Adding a New Role

Use this procedure to add new roles or groups of roles in addition to those defined for the grid.

Creating new roles or groups of roles can make it easier to set up mapping. The groups of roles can be managed together and used to map to different target roles. For example, assume the session provider defined three roles that are related to the geographical structure of a company:

  • Germany-Office

  • UK-Office

  • US-Office

Each user is assigned to exactly one of the three roles but you would like to map all of the three roles to many different application defined roles. It would be cumbersome to add all three roles to each of the target application roles. Furthermore, if the organization grows with a new location of Sweden-Office, you would need to edit all the mappings and add the new role to all target roles.

In this situation, it is better to create a group of all the three roles called Any-Office and use that group when mapping to the application defined target roles. In this case, when the new Sweden-Office location appears, you only need to add it to the Any-Office group and all existing mappings will be "updated" as a consequence.

You may work with role mappings on a global page or on an application-centric page targeting a specific application. Both enable you to create new roles but the domain the new roles belong to will depend on the page used to create the role.

Thus, a role created on the global page will belong to the global role domain and a role created for a specific application will be in the application role domain. This distinction has no runtime significance but you need to understand in which domain a new role will end up so that you can find it when creating mappings using the role.

To add a new role or group or roles

  1. Navigate to the global Users and Role Mappings page or the corresponding application-centric application Users and Role Mappings page, depending on your needs. For more information, see Role Mapping.
  2. Click the Add new... link.
  3. In the dialog box, provide a name for the role, click Create, and then click the Save button.

    The new role should now be listed in the list of roles and you may start adding roles to this role in the same way as if it was any of the other roles in the list.

  4. After mapping some roles to the role, you may start using this role when mapping to other roles.