Configure global roles in weblogic express

Weblogic Express 8.1 sp2 does not allow you to configure global roles using the
Admin console.
I know this is the expected functionality. How do you configure these global
roles without the use of the Admin Console.

As far as i know you could never create roles via WLST offline, only via WLST online.
Thanks,
-satya
BEA Blog: http://dev2dev.bea.com/blog/sghattu/

Similar Messages

Creating a Global Role using weblogic.Admin command

Hi,
Does anyone have an example of creating a global role using the weblogic.Admin commands? I think I have to use the INVOKE command with the DefaultRoleMapper and createRole method, but I'm not quite sure what the rest of the syntax is.
Thanks,
Gabriel

Gabriel,
The following works for me:
weblogic.Admin -url t3://localhost:80 -username weblogic -password weblogic INVOKE -mbean "Security:Name=myrealmDefaultRoleMapper" -method createRole "" "MyGlobalRole" "Grp(Administrators)" ""
The null first parameter identifies this role as a global role.
The second param is the name of the role.
The third parameter is the policy expression. Here, I've mapped the role to the Administrators group. You can also map it to users or a combo of the two. For example, to map it to the "weblogic" user, use "Usr(weblogic)" as the policy expression. If you leave this parameter empty, the role will be created but will not be mapped to anything.
I'm not sure what the fourth parameter is for. It's not defined in the RoleEditorMBean docs but not including it causes an error. I suspect it's a description field because WLS does not seem to care what you put there.
HTH,
Mike

Creating Global Roles in 9.1 using WLST

Hi,
Did anyone try creating Global Roles in Weblogic 9.1 ?
Since in Weblogic 9.1, the Authorizer and Role Mapper providers are XACML based, I am not sure if we can use WLST offline to create global roles.
Can someone please shed some light on this.
Thanks -agreddy

As far as i know you could never create roles via WLST offline, only via WLST online.
Thanks,
-satya
BEA Blog: http://dev2dev.bea.com/blog/sghattu/

Set global roles

Hi,
Is there a way to set global roles through weblogic ant tasks or command line utilities ?
I am using weblogic 8.1SP5
Thanks,
Manish
Edited by manish25 at 02/02/2007 1:24 PM

Hi,
There certain things you need to check
1. Did you do user comparsion?
2. Did you check the SCUL log?
SCUL ->choose (error,unconfirmed & warning) user / roles / profiles execute -> you will get list of users
Priority of resolving would be the same order 1. Error (red) 2. Unconfirmed (Gray) and 3. Warnings.(Yellow).
based on the error you can re distrubute the idoc.
Procedure :
Select the user which you would like to re-distribute for a particular system -> it will display user / roles / profile ->
Let stay roles are Grayed -> highlight on the role -> click on F7 button or cross mark(Distrbution) . You will receive new window with selection of IDOC type. Select appropriate IDOC type -> choose roles -> continue.
3. Text comparsion
To get a newly created role to a system quickly avoiding Text Comparison to all systems i.e from CUA. Instead you can do text comparsion from child systems.
Finallly your SCUM settings are correct.
Thanks,
Sri

Can I have a role inheriting another role in weblogic 9?

I have two global roles: AppUser and AppAdmin. An AppAdmin is an AppUser. Is it possible to configure this fact in weblogic 9?
Here is what I tried. I added AppUser and AppAdmin as global roles using the wl9 console. Then I tried to add a condition of type Role for AppUser and set the Role Argument Name to AppAdmin (to tell weblogic that any user that has the AppAdmin role also has the AppUser role), however, when I save the changes I get the following error message: Role tokens are not permitted in role expressions.
The help pages for the screens don't explain in detail each type of conditions.

That would be great as tested further with a few files as not only have external drive backup I also use Backblaze remote service and just requested a few test files to be returned for uploading, which both worked fine.
It's seems to be the hard drive it's not recognising PS and LR CC
Will keep in touch if have any further thoughts
Barrie
Sent from my iPad
http://500px.com/bazhome97
http://www.flickr.com/people/bazhome97/
Https://twitter.com/BazHome97

How to retrieve Global Roles in a the current security realm?

Is there a WLS API available that obtains a list of mapped global roles (defined in a security realm) from an application?
I want to be able to do a getRoles call against an authenticated user. So far, I'm only able to use isUserInRole. What I need is a list of all global roles mapped to a user's group.
Thanks all...
Message was edited by:
raymondng

You can refer to the api
http://e-docs.bea.com/wls/docs81/javadocs/weblogic/management/security/authorization/RoleReaderMBean.html#getRoleExpression
-Ramkumar

Problem with File Based replication in Weblogic Express 10

Hi,
          We have Web application (exploded war) file deployed on Weblogic Express 10, to a Cluster of three Managed Servers (all three on different physical machines).
          We are using File based session persistance in weblogic.xml
          We have a shared location for all the three servers where we will be sharing the Session data.
          When we start the application, its works fine and is very fast, but after sometime the application slows down.
          Troubleshooting the Issue we found that its a problem with file based replication. By using File based replication every user session is stored in form of directory inside shared directory. So after sometime thousands of directories are created inside the shared directory where the session information is stored. So when we access the application, its waiting for lot of time with Message Session Monitor .... (this is because its browsing through the shared session storage directory for lot of time for session information as it has lot of directories) and finally after a long time like 10 mins we get the Application Home Page.
          When we clean up all the saved sessions inside shared directory, the application works fine, But we will see the same sometime later may be after 3 or 4 hours when the shared session directory has lot of session information stored in it.
          Is there a way to clean up the saved session information on file system as soon as that user session is closed by using file based replication.
          We cannot used Inmemory replication as our Appl doesnt support it.
          Please advice as it is a major show stopper in our Production Mirror env.
          Weblogic Consultant

It is possible to reduce number of live session by configuring very low timeout-secs weblogic.xml. Default is 60 minutes.
          More details are here..
          http://e-docs.bea.com/wls/docs100/webapp/weblogic_xml.html#wp1071982
          Jayesh
          Yagna Sys

Advertise configuration globally using Bonjour

What does this mean "advertise configuration globally using Bonjour" it can be found in the (AE) setup under Airport Tabs- Base Station. If you place a check mark in that field what happens or I say what can happen.
Also I have a mac mini that seems to drop the Airport connection, all other devices seems to keep a connection. Keep in mind I setup the mac mini with its own IP address which is way out of the DHCP range, In addtion the account that the mac mini uses doesn't have Admin rights at all
Looking for someone to explain or point me in the right direction.
last but not lease maybe someone can tell me if this would be the right direction of setting up this network, I would like to be able to remote into system from work to home:
I've setup my network with the following setup:
1. Cable moden attached to the AE, with radio mode @ 802.11n (802.11b/g)
2 I have a old express attached to a 1gig router by Cat5, and the (AE) is set to bridge mode.
Is this the right setup to have if you want your mac mini on the network wireless? My mac mini is attached to the TV use for a media server only. I do have two other macbooks & a macbook pro.
thanks,
rob

Wide-area bonjour makes your bonjour services browsable over the internet. The missing piece, however, is the client configuration tool. Once you have your wide-area bonjour updates going to your DNS server you can use this preference pane to search your DNS server. Once installed and set up for your wide-area bonjour, things like Safari can browse your bonjour services.
MacBook Pro 2GHz Core Duo 15" Mac OS X (10.4.8)

Caller id propagation from WebLogic Express to WebLogic Server

Hi all,
I'm planning on a WebLogic configuration where Servlets executing in
WebLogic Express invoke EJBs executing in WebLogic Server. The Web container
and the EJB container are thus executing in different processes.
Given that a user is authenticated in WebLogic Express using e.g. the
J2EE-standard form-based authentication, would the user id be propagated to
the EJB container automatically?
Thanks
Patrik Gottfridsson
Valtech

Call flow was :
CUCM---Router-----MPLS----Router---CME
extension 1040 from cucm was calling extension 2800 on CME, and on the display from the phone that is registered on CME had the "UNKNOWN" on it.
But I just figured it out.
Thanks anyways!

HttpClusterServlet Proxy Plugin problem - Weblogic Express 10

Hi,
I am using Weblogic Express 10 version. I am trying to configure HttpClusterServelet in one of my test machine.
I have a Admin server and 3 Managed servers which are part of clusters. I have a test war file which is deployed on to the cluster.
I am able to open the test war file application by hitting Managed servers URL's & Port no's
for eg: http://hostname:portno/testapp
Now I have created a war file with httpclusterserver features and deployed it to Admin server. (created web.xml & weblogic.xml inside WEB-INF directory and built it as war file and deployed it to Admin server)
so practically whenever I hit the Admin server URL my request should be proxied to one of the three Managed server which are part of the cluster
But when I try to open the application through admin server hostname and port no, I get below 403 exception on browser
Error 403--Forbidden
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.
Below is the content of my web.xml & weblogic.xml war file
web.xml
-bash-3.00$ more web.xml
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd";>
<web-app>
<servlet>
<servlet-name>HttpClusterServlet</servlet-name>
<servlet-class>
weblogic.servlet.proxy.HttpClusterServlet
</servlet-class>
<init-param>
<param-name>WebLogicCluster</param-name>
<param-value>
ManagedSrv1_Hostname:PortNo|ManagedSrv2_Hostname:PortNo|ManagedSrv3_Hostname:PortNo
</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>*.jsp</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>*.html</url-pattern>
</servlet-mapping>
</web-app>
weblogic.xml
<!DOCTYPE weblogic-web-app PUBLIC "-//BEA Systems, Inc.//DTD Web Application 8.1//EN" "http://www.bea.com/servers/wls810/dtd/
weblogic 810-web-jar.dtd">
<weblogic-web-app>
<context-root>/</context-root>
</weblogic-web-app>
Kindly advise on this problem.
- - Weblogic Consultant

Hi,
          Did you configure the replication correctly in the weblogic.xml?
          Also fill in the correct cluster address in the weblogic configuration.
          http://edocs.bea.com/wls/docs90/cluster/setup.html#726973
          Schelstraete Bart
          [email protected]
          http://www.schelstraete.org
          http://www.linkedin.com/in/bschelst

ALBPM Enterprise SA 5.7 MP3 and Weblogic Express 9.2

We are using ALBPM Enterprise SA 5.7 MP3 and Weblogic Express 9.2. We have the following questions:
1) Why, after assigning a Parametric Role to an user, we have to restart the portal in Weblogic before the user can log back into the system? When we do not do it, the user will see an error on the screen informing of a lack of permisions to visualize the activities of the new assigned role. This happens even when we have already clicked several times on the button labeled "Re-load Information from the Directory" (in ALBPM's WebConsole) and even after a few hours have passed. All our engines have a "Directory Polling Interval" of 1 minute, but it seems not to work.
2) Do we have to modify any extra value, or set something in particular in Weblogic?
Thanks in advance. We look forward for suggestions.

We are using ALBPM Enterprise SA 5.7 MP3 and Weblogic Express 9.2. We have the following questions:
1) Why, after assigning a Parametric Role to an user, we have to restart the portal in Weblogic before the user can log back into the system? When we do not do it, the user will see an error on the screen informing of a lack of permisions to visualize the activities of the new assigned role. This happens even when we have already clicked several times on the button labeled "Re-load Information from the Directory" (in ALBPM's WebConsole) and even after a few hours have passed. All our engines have a "Directory Polling Interval" of 1 minute, but it seems not to work.
2) Do we have to modify any extra value, or set something in particular in Weblogic?
Thanks in advance. We look forward for suggestions.

Configuring JSP's in Weblogic server 7.0

Hi,
I'm trying to port my web application from weblogic server 6.1 to weblogic
7.0. I'm having a little problem with jsp pages in weblogic 7.0. Some of the text
box controls which are populated dynamically in my jsp pages are getting populated
with
"null" value in WL 7.0 e.g. in the following case
<%
String claim_id=null;
%>
<input type=text value=<%= claim_id %> >
on weblogic 6.1 an empty string is printed but in wl 7.0 null is printed as the
value for the text field.
I used the domain configuration wizard in wl 7.0 to make a WLS Domain and then
deployed my application. If I deploy the same application in one of the examples
domain which is installed with Weblogic 7.0 then everything works fine. So its
definity a configuration issue.
Could someone please help me with this.
Thanks,
-Taqdees.

As per the j2ee 1.2, jsp 1.2 specification mandates that the expressions
default must be "null".
We have introduced a new flag in weblogic.xml called printNulls which is
true by default meaning that "null" will be the default.
Setting this to false makes sure that expressions(<%=expr%> ) with "null"
results are printed as "" (earlier behavior)
Here is how to configure the printNulls from weblogic.xml :
<weblogic-web-app>
<jsp-param>
<param-name>printNulls</param-name>
<param-value>false</param-value>
</jsp-param>
</weblogic-web-app>
Regards,
Eric
"taqdees malik" <[email protected]> wrote in message
news:3daaff99$[email protected]..
>
Hi,
I'm trying to port my web application from weblogic server 6.1 toweblogic
7.0. I'm having a little problem with jsp pages in weblogic 7.0. Some ofthe text
box controls which are populated dynamically in my jsp pages are gettingpopulated
with
"null" value in WL 7.0 e.g. in the following case
<%
String claim_id=null;
%>
<input type=text value=<%= claim_id %> >
on weblogic 6.1 an empty string is printed but in wl 7.0 null is printedas the
value for the text field.
I used the domain configuration wizard in wl 7.0 to make a WLS Domain andthen
deployed my application. If I deploy the same application in one of theexamples
domain which is installed with Weblogic 7.0 then everything works fine. Soits
definity a configuration issue.
Could someone please help me with this.
Thanks,
-Taqdees.

Migrate 8.1 Global roles include Role Conditions

Hi all,
have one question. I want migrate Global Role conditions from one WebLogic 8.1 server to another. When I export DefaultRoleMapper provider, I can see in exported file list of Global Roles only. I cannot see any mapping item in this file. Please, know someone how migrate Global Roles including mapping ?
TY very much,
Lada

Hi,
I export DefaultRoleMapper through Security-Realms-myrealm-Providers-Role Mapping-DefaultRoleMapper/Migration-Export in WL console.
In exported file I can see only list of defined Global Roles, for example:
dn: cn=::AbortTaskRole,ou=ERole,ou=@realm@,dc=@domain@
objectclass: top
objectclass: ERole
cn: ::AbortTaskRole
createTimestamp: 201000261052Z
creatorsName: cn=admin
EExpr:: fALDp01DQWRtaW5Hcm91cArDp01DU3BBZG1pbkdyb3VwCg==
wlsCreatorInfo: mbean
modifyTimeStamp: 201000261147Z
modifiersName: cn=admin
dn: cn=::CancelTaskRole,ou=ERole,ou=@realm@,dc=@domain@
objectclass: top
objectclass: ERole
cn: ::CancelTaskRole
createTimestamp: 201000261053Z
creatorsName: cn=admin
EExpr:: fALDp01DQWRtaW5Hcm91cArDp01DU3BBZG1pbkdyb3VwCg==
wlsCreatorInfo: mbean
modifyTimeStamp: 201000261148Z
modifiersName: cn=admin
But in this file I dont see any conditions which are bound to these Roles (myrealm-Global Roles-<concrete role>-Conditions). I cannot find these conditions in any other files generated through export wholes security realm.
TY for your help,
Lada

Global Roles

Hi Experts,
I am currently facing an issue where I am unable to see any roles when I "Browse Global Scoped Roles" under "Search for Roles Entitled to this Resource
". I have defined all the global roles under "Home >Summary of Security Realms >myrealm >Realm Roles" on the weblogic server 10.3.0.0.
Even the default roles defined under Visitor Roles
- Visitor Entitlement RoleAnonymousVisitor
- Visitor Entitlement RoleAuthenticatedVisitor
are missing in this environment.
Any help will be highly appreciated.
Cheers
Edited by: user551247 on 25-May-2011 01:37
Just to add, I tried to look into the table P13N_ENTITLEMENT_ROLE and could see that all the roles defined are already present. I tried to create a new role and this role is being added to this table.
But I am not able to view any of these roles on the portal.

Have you tried this ?
http://weblogic-wonders.com/weblogic/2010/06/04/how-to-modify-weblogic-default-roles-and-policies/

Help: Install "WebLogic Express Server" license

I am having problem to install my "WebLogic Express Server" license.
As I understand, the "WebLogic Server" and "WebLogic Express Server" use the same
installation file, the only difference is the license. So I downloaded the "WebLogic
Server 6.0 Service Pack 2" from BEA's web site. After the installation, I found
a "license.bea" file under WebLogic home directory. I replaced this file with
my license file for "WebLogic Express Server". Unfortunately, I can not start
the default server anymore.
Neither the "UpdateLicense" command works: it seems to me that it only merges/replaces
the existing license with the new one. So although I "updated" the "WebLogic Server"
license to "WebLogic Express Server" license using this command, it seems that
I am still using the "WebLogic Server", because I can still see the EJB component
page in the admin console.
Did I miss something? What is the best way to check whether "WebLogic Express
Server" has been sucessfully installed? Your help is highly appreciated!

Hi,
Find the Link with the screenshots of the whole installtion and domain creation process for Weblogic in all the ways
Installing Weblogic in GUI mode - weblogicexpert
Installing Weblogic 10.3.6 in console Mode in windows machine - weblogicexpert
Creating Domain In GUI mode - weblogicexpert
Creating Domain in Console Mode - weblogicexpert
Starting Weblogic Admin Server
Starting/Stoping Weblogic Admin Server - weblogicexpert
Starting Weblogic Managed Server
Starting/Stoping Weblogic Managed Server - weblogicexpert
Configuring Node manger
Configuring NODE MANAGER And Starting Managed Server from Console - weblogicexpert
Deployment process
Deployments - weblogicexpert
Security concepts
Security Concepts and Hands on - weblogicexpert
Installing Weblogic 12.1.2
Weblogic 12c - weblogicexpert
All other basic information are available in the blog
Hope it helps

Configure global roles in weblogic express

Similar Messages

Maybe you are looking for