Adding Service Accounts

  1. If you have not already done so, click Create to create a new session or click Edit to enter an existing session. See Using the Change Center.
  2. Select Project Explorer, then select a project or folder in which to add the service account. The Project/Folder View page is displayed.
  3. From the Create Resource drop-down list, select Service Account to display the Create a New Service Account page.
  4. In the Resource Name field, enter a unique name for this service account.
  5. In the Resource Description field, enter a description for the service account.
  6. Under Resource Type, do one of the following:
    • To create a service account that provides the user names and passwords that it receives from incoming client requests, select Pass Through.
    • To create a service account that provides a user name and password that you save with the service account configuration, select Static.
    • To create a service account that maps the user name from one or more authenticated clients to user names and passwords that you specify, select Mapping.
  7. Depending on the resource type you selected in step 6, do one of the following steps described in Table 14-2.
  8. Table 14-2 Resource Type Options 
    Selected Resource Type
    Complete These Steps
    Pass Through
    Click Last.
    Static
    1. Click Next.
    2. Enter the user name and password in the User Name field, Password, and Confirm Password fields.
    3. Click Last.
    Mapping
    To create a service account that maps the user name from one or more clients to user names and passwords that you specify, do the following:
    1. Click Next.
    2. In the Enter Authorized Remote User table, do the following:
      1. In the Remote User Name, Password, and Confirm Password fields, enter the user name and password that you want to send in outbound requests.
      2. Click Add.
      3. The user mapping is added to the Remote Users table.

      4. (Optional) Add additional remote users in the Enter Authorized Remote User table.
    3. Click Next.
    4. To map authorized clients to remote user names and passwords, do the following in the Enter Authorized Local User table:
      1. In the Local User Name field, enter the name that identifies a client that has been authenticated on its inbound request.
      2. If you have not already added this user in the Security Configuration module of the ALSB Console, do so before you use this mapping in a runtime environment. See Adding Users. ALSB lets you create a mapping for a non-existent local user, but the mapping will never match an authenticated user and will never be used.

      3. From the Remote User Name list, select the user name that you want to send in outbound requests for the authenticated user you specified in the Local User Name field.
      4. Click Add.
    5. To map anonymous clients to remote user names, do the following:
      1. Select the Map Anonymous Requests check box.
      2. From the Select Remote User list, select the user name that you want to send in outbound requests for all anonymous users.
    6. Click Last.

  9. Click Save. The service account is created and saved in the current session.
  10. To end the session and deploy the configuration to the run time, click Activate under Change Center.