Example RBM XML file

The following content shows an example XML file defining users and mapping users to policies.

For more information on user authentication using an XML file, see User authentication with XML file, for more information on user authorization using an XML file, see Credential mapping with an XML file.

<?xml version="1.0" encoding="utf-8"?>
<!--
  Licensed Materials - Property of IBM
  IBM MQ Appliances
  Copyright IBM Corporation 2015, 2025. All Rights Reserved.
  US Government Users Restricted Rights - Use, duplication or disclosure
  restricted by GSA ADP Schedule Contract with IBM Corp.
-->
<AAAInfo xmlns="http://www.datapower.com/AAAInfo">
  <FormatVersion>1</FormatVersion>
  <Filename>store:///RBMInfo.xml</Filename>
  <Summary>This is an example of the file format.</Summary>

  <!-- AUTHENTICATION -->
  
  <!-- examples for user accounts -->
  <Authenticate>
    <Username>admin<Username>
    <Password>admin</Password>
    <OutputCredential>devadmin</OutputCredential>
  </Authenticate>

  <Authenticate>
    <Username>Jojo<Username>
    <Password>zxy739*721</Password>
    <OutputCredential>user</OutputCredential>
  </Authenticate>

  <Authenticate>
    <Username>kayser<Username>
    <Password>hay_1n_the_shed</Password>
    <OutputCredential>user</OutputCredential>
  </Authenticate>

  <!-- AUTHORIZATION -->
  
  <!-- (1) direct mapping of user to policy -->
  
  <!-- user to policy mapping -->
  <MapCredentials>
      <InputCredential>devadmin</InputCredential>
      <OutputCredential>
        */*/*?Access=rwadx
      </OutputCredential>
  </MapCredentials>

  
  <!-- (2) mapping of user to group to policy -->
   
  <!-- user to group mapping -->
  <MapCredentials>
      <InputCredential>user</InputCredential>
      <OutputCredential>useradmin</OutputCredential>
  </MapCredentials>

  <!-- LDAP user to group mapping -->
  <MapCredentials>
      <InputCredential>uid=tuser,ou=people,dc=cambridge,dc=ibm,dc=com</InputCredential>
      <OutputCredential>useradmin</OutputCredential>
  </MapCredentials>

  <!-- group to policy mapping -->
  <MapCredentials>
      <InputCredential>useradmin</InputCredential>
      <OutputCredential>
        */*/access/username?Access=rwad
        */*/access/usergroup?Access=rwad
        */*/status/object-status?Access=r
        */*/login/web-mgmt?Access=x
      </OutputCredential>
  </MapCredentials>

</AAAInfo>