Examples for user/group role mapping for Lotus Connections

A customer recently had the requirement to grant only a specific group of users access to Lotus Connections. As you probably know this can be achieved by configuring the user/group role mapping in WAS. Since a screenshot makes it more clear than following the Info Center, I’m providing the configuration I implemented:

Bildschirmfoto2010-04-27um11.07.53.V7JRoijKq2fH.jpg
Bildschirmfoto2010-04-27um11.09.23.rurawAVOIuEm.jpg
Bildschirmfoto2010-04-27um11.10.00.hlp5xjaae8PL.jpg
Bildschirmfoto2010-04-27um11.10.24.muO5M5GiBtDp.jpg
Bildschirmfoto2010-04-27um11.11.08.A2cQpQQLIlHB.jpg
Bildschirmfoto2010-04-27um11.12.51.TzIzlAEckZdt.jpg
Bildschirmfoto2010-04-27um11.13.29.yppTc3S04Dj9.jpg
Bildschirmfoto2010-04-27um11.15.18.bS2WHxJCrlgz.jpg
Bildschirmfoto2010-04-27um11.15.42.lXi4RoamMqAk.jpg
Bildschirmfoto2010-04-27um11.16.58.mMPnW5AZLvjY.jpg
Bildschirmfoto2010-04-27um11.17.42.GOzsycFZkaav.jpg

You also need to modify LotusConnections-config.xml to set service_extension_auth for Communities and Profiles to “DSX-Admin”:

Bildschirmfoto2010-04-27um11.19.48.Su9l7SqWUKg4.jpg

2 thoughts on “Examples for user/group role mapping for Lotus Connections

  1. But when a User is not a member of the LotusConnectionsUsers group and still tries to login he will get an nasty error. This comes because for WAS itself you are able to login ! so you are authenticated and authorized in the eyes of WAS but you can’t get to URL’s which are protected by the person role in the ear file ! so how to solve this is to also tell WAS that only people in the LotusConnectionsUsers & LotusConnectionsAdmins should be able to login ! This can be doen but is an extra config requirement for your problem as stated in your blog !

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>