Knox Gateway Administration Guide
Also available as:
PDF
loading table of contents...

Example User Mapping

The gateway evaluates the list in order, from left to right; therefore a user matching multiple entries, resolves to the first matching instance.

In the following example, when a user authenticates as, the gateway asserts the user and all other users as:

<provider>
    <role>identity-assertion</role>
    <name>Pseudo</name>
    <enabled>true</enabled>
    <param>
        <name>principal.mapping</name>
        <value>guest=sam</value>
    </param>
</provider>

The following example shows how to map multiple users to different cluster accounts:

<provider>
    <role>identity-assertion</role>
    <name>Pseudo</name>
    <enabled>true</enabled>
    <param>
        <name>principal.mapping</name>
        <value>guest,joe,brenda,administrator=same;janet,adam,sue-dwayne</value>
    </param>
</provider>