Nexus Repository Manager OSS and Nexus Repository Manager make it very straightforward to map an external role to an internal role. This is something you
would do, if you want to grant every member of an externally managed group (such as an LDAP group) a certain
privilege in the repository manager. For example, assume that you have a group in LDAP named
svn and you want to
make sure that everyone in the
svn group has administrative privileges. To do this, you would click on the
Add.. drop-down in the Roles panel as shown in Figure 8.13, “Selecting External Role Mapping in the Role Management Panel”. This drop-down can be found
in the roles management panel which is opened by clicking on Roles in the Security menu.
Selecting External Role Mapping under Add… will show you a dialog containing a drop-down of External Realms. Selecting an external realm such as LDAP will then bring up a list of roles managed by that external realm. The dialog shown in Figure 8.14, “Selecting an Externally Managed Role to Map to an Internal Role” shows the external realm LDAP selected and the role "svn" being selected to map to a role.
Once the external role has been selected, the repository manager creates a corresponding role. You can then assign other roles to this new externally mapped role. Figure 8.15, “Mapping an External Role to an Internal Role” shows that the SVN role from LDAP is being assigned the Administrator Role. This means that any user that is authenticated against the external LDAP Realm who is a member of the svn LDAP group will be assigned a role that maps to the Administrator Role.