Mapping Security Roles with an LDAP Server

In this portion of the security configuration, the administrator defines what users (or groups of users) are allowed access to basic SIMULIA Execution Engine application functions and to other functions. Users without the correct access level will not be able to log onto the SIMULIA Execution Engine.

Configuring SIMULIA Execution Engine security with an LDAP server involves mapping the predefined security roles to actual principals (users or groups) in the LDAP server. The installation template assumes that you have defined the following user groups in your LDAP server—fiperusers, fiperstations, fiperadmins—and that each group contains the appropriate users.

If these user group mappings are already defined on your LDAP server, you do not need to manually configure the mappings. Proceed to Finalizing the ActiveDirectoryAuthenticator Settings. If you are using different, custom user groups, as defined by your LDAP server, follow the procedure below to complete your user group mappings.

Before you begin: If you want to set up security using the embedded WebLogic LDAP server, you do not need to complete the procedure in this section. Proceed to Using the WebLogic Embedded LDAP for Client Authentication.

  1. Click Lock & Edit on the left side of the WebLogic Administration Console.

  2. Click the Roles and Policies tab on the right side of the page.

  3. In the Name column of the Roles table on the right side of the console, expand the Global Roles option.

  4. Click the Roles link.

  5. In the Global Roles table on the right side of the console, click the View Role Conditions link for the fiperuser role.

    The Edit Global Role screen appears.

  6. Click Add Conditions.

  7. Verify that Group is selected from the Predicate List list.

  8. Click Next.

  9. In the Group Argument Name text box, type the appropriate group name.

  10. Click Add.

    The specified group is added to the text box at the bottom of the screen.

  11. Click Finish.

    An entry specifying your group name should now appear in the list on the Edit Global Role screen.

  12. Click Save.

  13. Click the Global Roles link at the top of the console.

    The Global Roles table is displayed.

  14. Repeat step 5 through step 13 for the fiperadmin and fiperstation roles, mapping them to the appropriate groups.

    SIMULIA Execution Engine users now must supply a user ID and password to connect to the SIMULIA Execution Engine. The SIMULIA Execution Engine will authenticate the user credentials against the LDAP server.

  15. Proceed to Finalizing the ActiveDirectoryAuthenticator Settings when all three roles have been mapped.