Nexus makes it very straightforward to map an external role to an
internal Nexus role. This is something you would do, if you want to
grant every member of an externally managed group (such as an LDAP
group) a certain privilege in Nexus. For example, assume that you have
a group in LDAP named
svn and you want to make sure that everyone in
svn group has Nexus administrative privileges. To do this, you
would click on the Add.. drop-down in the Roles panel as shown in
Figure 8.13, “Selecting External Role Mapping in the Role Management Panel”. This drop-down can be found in the
roles management panel which is opened by clicking on Roles in the
Selecting External Role Mapping under Add… will show you a dialog containing a drop-down of External Realms. Selecting an external realm such as LDAP will then bring up a list of roles managed by that external realm. The dialog shown in Figure 8.14, “Selecting an Externally Managed Role to Map to a Nexus Role” shows the external realm LDAP selected and the role "svn" being selected to map to a Nexus role.
Once the external role has been selected, Nexus will create a corresponding Nexus Role. You can then assign other roles to this new externally mapped role. Figure 8.15, “Mapping an External Role to a Nexus Role” shows that the SVN role from LDAP is being assigned the Nexus Administrator Role. This means that any user that is authenticated against the external LDAP Realm who is a member of the svn LDAP group will be assigned a Nexus role that maps to the Nexus Administrator Role.