How to assign roles to users using WL api?

Hi,
We have a requirement to allow creation of new users through application screens and assign groups and roles to those users.
My users will exist in external LDAP server while my groups and roles will exist in embedded LDAP server. Using WL APIs i am able to create users and add them to groups using the code peices given below:
========================================
          userProviderControl.createUserSimple(form.userID, form.password);
          groupProviderControl.addUserToGroup(ocnGroup, form.userID);
========================================
How do i assign roles to this new user programatically?
If i add a role from console (Home > Realm Roles > Summary of Security Realms > myrealm > Realm Roles -> Global Roles) and edit role condition to add this newly created user then i it works fine. I want to achieve the same i.e. edit role condition programatically.
Any help will be greatly appreciated.
Thanks,

Problem Solved !!!
The data-type conversion needs to be performed in the SPML2 Person Form. Add a Field called waveset.roles and map it to the SPML2 attribute name being used in ur client. It's best done through a rule.....
If anybody is facing similar problem and need more details....please email me @ [email protected]

Similar Messages

  • How to assign ROle to user

    Hello All,
      I need to programmatically assign roles to user and want to give some authorization at runtime..
    please suggest me which function module to use ..
    please help me asap
    thanks,
    jigs
    helpful answers wil lbe rewarded

    Hi all,
    Thanks for the reply.
      But i want to add one role to user not profile.
      i got one bapi BAPI_USER_ACTGROUPS_ASSIGN, this bapi does work...
    but actually deletes previous roles and then assign new one.
    is there any fm which will add role to user without deleting existing role.
    thanks,
    jigs

  • How To Assign Role To User Programatically?

    Hi,
    We Need Code to Assign Role To User In JSPDynapage.
    Thanks
    SubbaRao Chinta

    Hi SubbaRao Chinta,
    See http://help.sap.com/saphelp_nw70/helpdata/EN/7d/003c41325fa831e10000000a1550b0/frameset.htm and the corresponding JavaDoc: http://help.sap.com/javadocs/nw04/current/um/com/sap/security/api/IRoleFactory.html
    Hope it helps
    Detlev

  • How to assign AdminRole to user through OIM API

    Hi all,
    Can any one tell me which method I have to use to assign a AdminRole to user using OIM API..
    Thanks in Advance

    Hi karthik thanks for the link...
    it is throwing the following error
    Exception in thread "main" oracle.iam.platform.utils.NoSuchServiceException: java.lang.ClassNotFoundException: oracle.iam.platform.authopss.api.AdminRoleServiceDelegate
    can i know which jar file to add for this error
    thanks in advance

  • Assigning roles to users programmatically

    Hi,
    I want to programmatically create roles, assign roles to users etc.
    I saw at this thread
    ADF Security Policy Store
    the folowing scriptlet by Frank Nimphius
    try {
    IdentityStore idstore = JpsCommonUtil.getValidIdStore("idstore.xml.provider").getIdmStore();
    try {
    UserManager userManager = idstore.getUserManager();
    RoleManager roleManager = idstore.getRoleManager();
    Role adminRole = idstore.searchRole(Role.SCOPE_APPLICATION,"admin");
    // create user
    //TODO check for empty username and password
    User newUser = userManager.createUser(this.username,this.password.toCharArray());
    roleManager.grantRole(adminRole,newUser.getPrincipal());
    } catch (IMException e) {
    // TODO
    } catch (JpsException e) {
    // TODO
    return null;
    this is a TP3 scriptlet, is it still working on the 11g production?
    I try it and i get a JpsException
    oracle.security.jps.JpsException
         at oracle.security.jps.internal.common.util.JpsCommonUtil.getValidIdStore(JpsCommonUtil.java:1004)
    do I have to replace "idstore.xml.provider" with something else depending on my configuration?
    thanks
    Tilemahos

    Hi Frank thanks for the answer,
    I check this functionality at WLS embeded LDAP and I shaw your "How-to configure OID for authentication in WebLogic Server" post.
    I manage to add users and assign them roles that i created at my application.
    But what if I want to have a super user that can create new roles and assign them member roles?
    eg.
    Developer created roles (policy store):
    accessPage1 ( granted all the necesery principals to access page1 )
    accessPage2 ( granted all the necesery principals to access page2 )
    Super user created roles
    Role1 member roles :accessPage1,accessPage2
    If i want my application to have that functionallity i must create roles programmatically wont I?
    If there another way?
    By the way I followed the advices at the following useful links
    Chris Muir: http://one-size-doesnt-fit-all.blogspot.com/2008/12/configuring-wls-with-ms-active.html
    Frank Nimphius's How-to configure OID for authentication in WebLogic Server
    Edwin Biemond's Using OpenLDAP as security provider in WebLogic
    Andrejus Baranovskis: Practical ADF Security Deployment on WebLogic Server
    And I manage to add users of the Microsoft LDAP at the WLS
    but I could't mekae them group members of my application groups (roles)
    is this possible?
    Thanks

  • SECATT for assigning roles to users

    Hi All,
    How do we make the ECATT to work for the below scenario:
    Users already have roles assigned to them. We need to add a new roles to the users which can vary in number based on the users job.
    A simple ECATT script that was developed to add a single role to a new user does not work in the above case and gives an error of invalid batch input. How do I create a ECATT to assign role to user who already has a set of roles assigned (number of roles assigned to users differ, so I cannot assume to train the ECATT to assign a role on line X). Is there something I am missing while the ECATT script creation?
    We are doing this from a CUA and its very difficult to assume how many roles a user could have.
    Thanks,
    Jay

    Thanks Alex for the insight. For some reason SU10 is slow in the CUA environment and I wanted to avoid it but yes I finally had to use SU10. Talking to one of our ABAPer I came to know that even in their BDC recordings they get the error which I receeived, but he changes his program to skip all the lines with data and then fill the empty line.
    In CUA environment, how do we create ECATT to delete a role from many users?
    Thanks,
    Jay

  • What role is required to 'nominate' a user using BPM API's?

    I see an exception while nominating a user using SAP API's. Log as below:
    Caused by: com.sap.bpem.tm.exception.InvalidAuthorizationException: User Test1 is not allowed to perform action NOMINATE on task 3v67h898881811e4bae5000000ddc0f1
    Nominate works fine if the user is assigned "Administrator" role. Is there an alternative role which can be assigned as we cannot give end user admin access.
    Thanks in advance
    Regards
    Vidya

    There is a standard user 'SAP_BPM_Service'. You can assign the 'SAP_BPM_SuperAdmin' role to perform all possible actions related to BPM.
    what you are trying to do is nominate a user for a particular task For this, you will have to assign roles to the person who is currently logged-in. So standard user does not come into picture.
    Refer this link for details of Task Delegation.
    Refer this link for all possible roles and authorizations related to BPM processes and tasks.
    API or no API, assign 'SAP_BPM_SuperAdmin' to the user.

  • How to assign roles to portal please describe

    how to assign roles to portal please describe

    Hi Deba,
    If you are talking about assigning roles to users .
    Then follow these steps :
    http://help.sap.com/saphelp_nw70/helpdata/EN/ed/845890b89711d5993900508b6b8b11/frameset.htm
    Create Workset and Roles :
    https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/9f2df6f9-0701-0010-d08f-a95acdd86453
    For creating users,
    Go to user administration( You should have this role assigned to you) and create a user.
    Cheers,
    Sandeep Tudumu

  • Assigned Role in user Group

    Dear All
      Please help me assigned Role in user Group  . I create user Group  (  SURG ) . But i can't assigned Role ?
    Regards , Thanks
      Lannguyen

    Hello,
    You cannot assign user groups directly to Roles, however you can do the following.
    Use PFCG transaction
    1. Select the role and switch to change mode.
    2. Switch to user tab.
    3. Put the cursor in the blank line and hit F4
    4. You should get a popup window which asks you to provide search criteria for the user.
    5. Switch to 2nd tab Users by Logon criteria, here you should be able to find the selection field User group.
    6. Select the group you created and hit the green tick.
    7. All the users in that group will be listed in the User list tab on the main screen.
    8. Now to complete the user assignment hit the User comparisor button ( it should turn green once done).
    Regards,
    Siddhesh

  • How to assign values to JTable using mysql database

    how to assign value to JTable using mysql...

    Search the forum. You use the values of the "ResultSet" to create a "DefaultTableModel" which you then add to the "JTable".
    I'll let you pick the search keywords to use, which I've suggested above. You can also throw in my userid if you want to specifically look for my solution.

  • HI,how to find roles for user based on userid?

    hi,
    i need to find roles for each user based on user id.
    can i know any one knows this how to get roles for user?
    thanks,
    jpullareddy

    hi,
    i solve my self.
    i am getting values
    jpullareddy

  • Provisioning OIM user using OIM APIS

    Hi All,
    Could anyone help me out on how to provision a User using OIM APIS.
    Thanks and Regards,
    Vaasu.

    public class GetGroups {
    tcUtilityFactory utilFactory = null;
    tcSignatureMessage moSignature = null;
    tcUserOperationsIntf moUserUtility = null;
    tcResultSet userResultSet,userSet = null;
    ConfigurationClient.ComplexSetting myConfig = ConfigurationClient.getComplexSettingByPath("Discovery.CoreServer");
    final Hashtable env = myConfig.getAllSettings();
    Map v = new HashMap();
    public void UserGroups(String userid) {
    try {
    System.out.println(" I am in TRY");
    moSignature = tcCryptoUtil.sign("xelsysadm", "PrivateKey");
    utilFactory = new tcUtilityFactory(env, moSignature);
    moUserUtility =
    (tcUserOperationsIntf) utilFactory.getUtility("Thor.API.Operations.tcUserOperationsIntf");
    v.put("Users.User ID", userid);
    userSet = moUserUtility.findAllUsers(v);
    long user_key = userSet.getLongValue("Users.Key");
    System.out.println( " Group Name " + grpName );
    } catch(Exception e){
    e.getMessage();
    Like that
    moobjIntf =
    *(tcObjectOperationsIntf) utilFactory.getUtility("Thor.API.Operations.tcObjectOperationsIntf");*
    Map objmap =new HashMap(0;
    objmap.put("Objects.Name", "AD User") \\ just hardcoding this AD User you can pass it as variable also
    tcResultSet moResultSet = moobjIntf.findObjects(objmap);
    long obj_key = moResultSet.getLongValue("Objects.Key");

  • Plug_in:how to unlock a locked document use acrobat API

    how to unlock a locked document use acrobat API.in acrobat plug_in

    how to unlock a locked document use acrobat API.in acrobat plug_in(Which API can enter a password to unlock the locked document)

  • How to create a project templace using a API?

    Hi all,
    I can create a project using API PA_PROJECT_PUB.create_project, but how to create a project templace using a API?
    thanks for your any effort.
    Caril

    Hi Caroline:
    If sub projects are not supported currently, does the EDK API support creating the project folders under a project? Please let me know.
    Thanks.
    Bhanu

  • How to retrieve data from MDM using java API

    hi experts
    Please explain me the step by step procedure
    how to retrieve data from MDM using java API
    and please tell me what are the
    important classes and packages in MDM Java API
    thanks
    ramu

    Hi Ramchandra,
    You can refer to following links
    MDM Java API-pdf
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/2d18d355-0601-0010-fdbb-d8b143420f49
    webinr of java API
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/89243c32-0601-0010-559d-80d5b0884d67
    Following Fourm Threads will also help.
    Java API
    Java API
    Re: usage of  java API ,
    Matching Record
    Need Java API for Matching Record
    Thanks and Regards,
    Shruti.
    Edited by: Shruti Shah on Jul 16, 2008 12:35 PM

Maybe you are looking for

  • Printer plugged into airport will not recognize mac

    We have an HP J6480 all-in-one printer that I recently connected to an AirPort device.  We have two machines running Mavericks (10.9.2), my wife's iMac and my MacBook Pro, as well as an old iBook G4 (10.5.8), all of which are on our network.  We are

  • Policy Assignment to AD Groups

    Perhaps I'm going about this the wrong way, but can someone explain if this should work or not? I have ZESM 4.1 IR 1 installed on a Windows 2003 server with a seperate SQL box - all installed and configured fine. Created a user source pointing at AD,

  • Is there a way to create a scrolling text box on my desktop?

    When I watch the news, or ESPN, they always have a scrolling box that gives breaking news or updated scores.  I would like that for my desktop, but I want to type what goes in it.  I want the box to constantly be on top of anything I'm working on. I

  • Can't play movie from gallery on mac

    I can not play movies from my gallery on my macbook. These movies are imported from Canon A630 to iPhoto. In iPhoto I can play them well. All of them are published to my mobileme gallery using iPhoto. Then I open this gallery in Safari on my macbook

  • How to call UPDATE statements in the timesten

    Hi i want to know how can i call UPDATE statements from the c program as of now i am using SQLPREPARE and SQLEXECUTE for the same. but i get the following error. Is there any special way of calling UPDATE and INSERT routines. As my select statements