Configuring user repository attribute mapping in a federated repository configuration

Follow this task to set or modify the mapping for user or group attributes of a user registry to federated repository properties in the current realm.

Procedure

  1. In the administrative console, click Security > Global security.
  2. Under User account repository, select Federated repositories from the Available realm definitions field and click Configure. To configure for a specific domain in a multiple security domain environment, click Security domains > domain_name. Under Security Attributes, expand User Realm, and click Customize for this domain. Select the Realm type as Federated repositories and then click Configure.
  3. Under Additional properties, click the User repository attribute mapping link.
  4. Select an attribute and click Edit to modify the mapping.
    Property for Input
    Specifies the name of the federated repository property that maps to the specified user registry attribute when it is an input parameter for the user registry interface.

    For example, to set the type of attribute that is used for the userSecurityName parameter in the UserRegistry call, String getUniqueUserId(String userSecurityName), configure the input mapping (Property for Input) on the userSecurityName attribute. The default mapping value for userSecurityName is principalName.

    Property for Output
    Specifies the name of the federated repository property that maps to the specified user registry attribute when it is an output parameter (return value) for the user registry interface. In most cases, the propertyForInput and propertyForOutput values are the same.

    For example, to set the type of attribute that is used for the return type (the unique user ID) in the UserRegistry call, String getUniqueUserId(String userSecurityName), configure the output mapping (Property for Output) on the uniqueUserId attribute. The default mapping value is uniqueName.

  5. Click OK and Save to the master configuration.
  6. Restart the application server.

Results

Note: The mappings do not correlate to the get method for each attribute type. For example, setting the input and output property for uniqueUserId does not set the input parameter and return type for the getUniqueUserId(String userSecurityName) method.
After you complete these steps, user or group attributes of the user registry are mapped to federated repository properties in the current realm.

The following default attribute mappings are available:

Table 1. Default attribute mappings
Attribute          Property for Input  Property for Output
groupDisplayName   cn                  cn
groupSecurityName  cn                  cn
uniqueGroupId      uniqueName          uniqueName
uniqueUserId       uniqueName          uniqueName
userDisplayName    principalName       principalName
userSecurityName   principalName       principalName
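
The following added example is a simplified Python model, not WebSphere or IBM code, of the point made in the note above: the parameter of getUniqueUserId follows the input mapping of userSecurityName, and its return value follows the output mapping of uniqueUserId. The directory entries and the helper names (get_unique_user_id, with_mapping) are constructed for illustration, and failing on zero or multiple matches is a choice of the model.

```python
import copy

# Default mappings from Table 1: attribute -> input/output property.
DEFAULTS = {
    "groupDisplayName":  {"input": "cn", "output": "cn"},
    "groupSecurityName": {"input": "cn", "output": "cn"},
    "uniqueGroupId":     {"input": "uniqueName", "output": "uniqueName"},
    "uniqueUserId":      {"input": "uniqueName", "output": "uniqueName"},
    "userDisplayName":   {"input": "principalName", "output": "principalName"},
    "userSecurityName":  {"input": "principalName", "output": "principalName"},
}

# Constructed sample entries, keyed by federated repository property.
ENTRIES = [
    {"uniqueName": "uid=alice,o=example", "principalName": "alice", "cn": "Alice Admin"},
    {"uniqueName": "uid=bob,o=example", "principalName": "bob", "cn": "Bob Builder"},
]

def get_unique_user_id(user_security_name, mappings=DEFAULTS, entries=ENTRIES):
    """Model of String getUniqueUserId(String userSecurityName)."""
    # The parameter is a userSecurityName, so that attribute's *input*
    # mapping selects the property the supplied value is matched against.
    search_prop = mappings["userSecurityName"]["input"]
    # The return value is a unique user ID, so the uniqueUserId *output*
    # mapping selects the property that is returned.
    return_prop = mappings["uniqueUserId"]["output"]
    matches = [e for e in entries if e.get(search_prop) == user_security_name]
    if len(matches) != 1:  # model choice: require exactly one match
        raise LookupError("%d entries with %s=%r"
                          % (len(matches), search_prop, user_security_name))
    return matches[0][return_prop]

def with_mapping(attribute, direction, prop, base=DEFAULTS):
    """Return a copy of the mappings with one input or output property changed."""
    changed = copy.deepcopy(base)
    changed[attribute][direction] = prop
    return changed

if __name__ == "__main__":
    print(get_unique_user_id("alice"))
    # Changing the *input* mapping of uniqueUserId leaves the call unchanged.
    print(get_unique_user_id("alice", with_mapping("uniqueUserId", "input", "cn")))
    # Changing the *input* mapping of userSecurityName changes what is matched.
    by_cn = with_mapping("userSecurityName", "input", "cn")
    print(get_unique_user_id("Alice Admin", by_cn))
    # Changing the *output* mapping of uniqueUserId changes what is returned.
    as_principal = with_mapping("uniqueUserId", "output", "principalName")
    print(get_unique_user_id("alice", as_principal))
```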