OIM - Read Only Manage Users

Similar Messages

• Read-Only Console user

  Hi all!
  I would like to introduce a read-only console user on our weblogic 6.1 SP1 app
  server! Does anyone know how to configure such a user (respectively can anyone
  give me a docu reference according to this problem)?
  Is it possible anyway?
  Thanks for every serious response,
  Chris.

  Add the user to the Monitors group, so they have the Monitor role. This will
  give them read-only access to the console.
  "chris" <[email protected]> wrote in message
  news:[email protected]..
  >
  Hi all!
  I would like to introduce a read-only console user on our weblogic 6.1 SP1app
  server! Does anyone know how to configure such a user (respectively cananyone
  give me a docu reference according to this problem)?
  Is it possible anyway?
  Thanks for every serious response,
  Chris.

• How to make form field read only for users with certain permissions

  We need to make two form fields read only for users with certain permissions. Kindly guide me on how to do this in Infopath. I searched and there is an option to disable to the column, but no option to select user permissions. 
  Please give your suggestion on this. 
  thanks.

  Hi,
  See the link below:
  http://info.akgroup.com/blog-0/bid/69277/InfoPath-Restrict-visibility-to-users-in-a-SharePoint-Group
  Here you can add the fomatting action on the field to disable the field if those users belong to certain Sharepoint group (does not matter the permission levels though). Hope it helps.
  Regards, Kapil ***Please mark answer as Helpful or Answered after consideration***

• DBMS - Data not visible to read only account users.

  I have created below view to know the status of my batch jobs which run on server every sunday.
  CREATE OR REPLACE VIEW CAFDB_REFRESH AS
  SELECT
  log_id,
  owner,
  to_char(log_date, 'DD-MON-YY HH24:MI:SS') TIMESTAMP,
  job_name,
  status,
  ERROR#,
  run_duration,
  instance_id,
  additional_info
  FROM user_scheduler_job_run_details;
  it is working fine and i am able to get the information.
  now to make it visible to read only account users - using "grant select " i have given access and also created public synonym.
  but it is showing only column names in read only account not the data.
  how to make this visible to read only account?
  please guide.

  USER_ views will only have the objects owned by the user running the query..In your case it will have only the schedules done by the user.
  You will have to ue ALL_ or DBA view (all_scheduler_job_run_details)

• OIM Read only Admin Role

  Hello Everyone
  Is there something like read-only OIM Admin role?. My manager wants to just see everything done by a system administrator or xelsysadmin . He doesn't want to modify any date, but he just wants to access everything added by the administrator.
  Thank You

  Hi,
  I hope you are using OIM 11g R2.
  If yes, then OOTB OIM provides many Admin Roles under organization section. For example: User Viewer, HelpDesk, Org Admin etc.
  You can use any of the OOTB admin roles to fulfill your requirement.
  HTH
  J

• All USB drives mount as read only for user

  I have searched a bunch and thee results I find seem to be irrelevant to my situation. Most relate to a single USB media that is a problem and won't read or write.
  On a new Arch install on a new computer (my third base system install). Running Gnome.
  All USB mass storage devices mount as read only for the logged in user. Root has write permissions and I can mkdir no problem. It is not an issue with the USB drive itself as this occurs with multiple USB media (I've tested several SD cards on a reader and at least two drives, all the media works correctly on my existing installations)
  I'm posting the contents of my /etc/group file in case there's an obvious error there I don't see, and my dmesg output upon plugging in the drive. User name is changed in the group file posted to "archie"
  This is a single-user system.
  /ect/group
  root:x:0:root
  bin:x:1:root,bin,daemon
  daemon:x:2:root,bin,daemon
  sys:x:3:root,bin
  adm:x:4:root,daemon
  tty:x:5:
  disk:x:6:root
  lp:x:7:daemon
  mem:x:8:
  kmem:x:9:
  wheel:x:10:root,archie
  ftp:x:11:
  mail:x:12:
  uucp:x:14:archie
  log:x:19:root
  utmp:x:20:
  locate:x:21:
  rfkill:x:24:
  smmsp:x:25:
  http:x:33:
  games:x:50:
  lock:x:54:
  uuidd:x:68:
  dbus:x:81:
  network:x:90:
  video:x:91:
  audio:x:92:
  optical:x:93:
  floppy:x:94:
  storage:x:95:
  scanner:x:96:
  power:x:98:
  nobody:x:99:
  users:x:100:archie
  systemd-journal:x:190:
  archie:x:1000:
  avahi:x:84:
  polkitd:x:102:
  rtkit:x:133:
  gdm:x:120:
  brlapi:x:999:
  kvm:x:78:
  ntp:x:87:archie
  dmesg output
  [ 968.044188] usb 4-3: new high-speed USB device number 4 using ehci-pci
  [ 968.170628] usb-storage 4-3:1.0: USB Mass Storage device detected
  [ 968.171435] scsi7 : usb-storage 4-3:1.0
  [ 969.174450] scsi 7:0:0:0: Direct-Access Generic USB SD Reader 1.00 PQ: 0 ANSI: 0
  [ 969.175068] scsi 7:0:0:1: Direct-Access Generic USB MS Reader 1.03 PQ: 0 ANSI: 0
  [ 969.939417] sd 7:0:0:0: [sdb] 15572992 512-byte logical blocks: (7.97 GB/7.42 GiB)
  [ 969.941028] sd 7:0:0:0: [sdb] Write Protect is off
  [ 969.941037] sd 7:0:0:0: [sdb] Mode Sense: 03 00 00 00
  [ 969.944664] sd 7:0:0:1: [sdc] Attached SCSI removable disk
  [ 969.945509] sd 7:0:0:0: [sdb] No Caching mode page found
  [ 969.945517] sd 7:0:0:0: [sdb] Assuming drive cache: write through
  [ 969.952682] sd 7:0:0:0: [sdb] No Caching mode page found
  [ 969.952693] sd 7:0:0:0: [sdb] Assuming drive cache: write through
  [ 969.956396] sdb: sdb1
  [ 969.965003] sd 7:0:0:0: [sdb] No Caching mode page found
  [ 969.965011] sd 7:0:0:0: [sdb] Assuming drive cache: write through
  [ 969.965015] sd 7:0:0:0: [sdb] Attached SCSI removable disk
  I'm sure I'm just missing something in user management, but I can't find what.
  Last edited by hooya (2014-04-27 03:10:49)

  I am also having the same problem. Root can read and write to automounted drives, but my user cannot. I've tried with a variety of drives, I am assuming they are being automounted by root instead of the logged-in user somehow. (I am running x directly, and am not using a display manager, if that has anything to do with it).
  When I look at how it is mounted it is as follows:
  /dev/sdc1 on /run/media/myuser/drivename type vfat (rw,nosuid,nodev,relatime,uid=1000,gid=1000,fmask=0022,dmask=0077,codepage=437,iocharset=iso8859-1,shortname=mixed,showexec,utf8,flush,errors=remount-ro,uhelper=udisks2)

• Access Database Opens in Read Only for Users

  I just moved an Access Database to a new server (from Server 2003 to Server 2012). From the server, using Office 2010, I can open the database without issue but, if a user try's to open the same database from either a shortcut or mapped with Office 2010,
  they get the message that the database is Read Only. Did I miss a step in moving the database to the new server? Thanks

  Hi,
  Did your user get the error message "You are trying to open a read-only database..."? If it was, please try the following method:
  On the desktop, double-click My Computer.
  Locate the Microsoft Access database that you moved.
  Right-click the database name, and then click Properties.
  In the Properties dialog box, clear the Read-only check box under
  Attributes.
  Click OK to apply the change.
  Open your database in Access.
  Resource:
  http://support.microsoft.com/kb/324666/en-us (It also applies to Access 2010)
  Hope it's helpful.
  Regards,
  George Zhao
  TechNet Community Support
  It's recommended to download and install
  Configuration Analyzer Tool (OffCAT), which is developed by Microsoft Support teams. Once the tool is installed, you can run it at any time to scan for hundreds of known issues in Office
  programs.

• Best way to make my WDA read only when user selects from FPM toolbar

  Using FPM, we've inserted a custom web dynpro application to maintain our gate dates in PPM 5.0.
  When the user presses the Read Only button on the FPM toolbar, what's the best way to turn our fields off? Just create a new attribute in our Component Controller context node and bind it to all the screen fields?

  Hallo Robert,
  I think it is the best and easy way to realize this.

• How to make data of responsabilitys in read only for users

  hi everyone
  i need help to find a way to make all datas in the E-Business suite application in read only. i try to attach the diffirents responsabilitys with options profiles but i cant make this process work
  if anyone please know any way to help to make this work it will be mush appreciated.
  Thanks in advence
  My said ABAROUN

  So you'd better ask this in the E-business forum.
  Sybrand Bakker
  Senior Oracle DBA

• SPSecurity.RunWithElevatedPrivileges Not Working for Read Only Permissions Users

  I have the following code in a method that generates tabbed web parts on any page in SharePoint 2010.
  The problem is that it will not work for users who have Read access only on a SharePoint site.  It will work when those users have Contribute access.  
  So even though I have elevated permissions in the code it does not actually elevate the permissions at the point where it is needed.
  if (panel != null)
  try
  using (SPLimitedWebPartManager wpManager = SPContext.Current.Web.GetLimitedWebPartManager(HttpContext.Current.Request.Url.ToString(), PersonalizationScope.Shared))
  try
  // Elevated previleges required for EXPORT and IMPORT. Else Users with normal read access will get errors.
  SPSecurity.RunWithElevatedPrivileges(delegate()
  // Retrieve the web part titles in the ConfigureTabs XML string for this tab.
  var webPartTitles = from t in xDocument.Descendants("webPart")
  where (string)t.Parent.Attribute("name") == (string)e.Item.DataItem
  select (string)t.Attribute("title");
  foreach (string wpTitle in webPartTitles)
  foreach (System.Web.UI.WebControls.WebParts.WebPart webPart in wpManager.WebParts)
  // Find the matched closed web part in WebParts collection
  if (webPart.Title == wpTitle && webPart.IsClosed == true)
  string errorMessage;
  //ADD EXPORT PROPERTY
  webPart.ExportMode = WebPartExportMode.All;
  MemoryStream stream = new MemoryStream();
  XmlTextWriter writer = new XmlTextWriter(stream, System.Text.Encoding.UTF8);
  // Export the closed webpart to a memory stream.
  wpManager.ExportWebPart(webPart, writer);
  writer.Flush();
  stream.Position = 0;
  XmlTextReader reader = new XmlTextReader(stream);
  // Import the exported webpart.
  System.Web.UI.WebControls.WebParts.WebPart newWebPart = wpManager.ImportWebPart(reader, out errorMessage);
  reader.Close();
  writer.Close();
  // Show the imported webpart.
  panel.Controls.Add(newWebPart);
  break;
  catch (Exception ex)
  // For debugging use only.
  Label label = new Label();
  label.Text = "Please check your XML configuration for error. " + Environment.NewLine + ex.Message;
  panel.Controls.Add(label);
  catch (Exception ex)
  // For debugging use only.
  Label label = new Label();
  label.Text = "Please Check SPContext.Current.Web is not null. " + Environment.NewLine + ex.Message;
  panel.Controls.Add(label);
  This snippet of code was originally pulled from a microsoft technet article on creating Tabbed web parts "the correct way" but it doesn't work in all scenarios.
  Is there a way to get this code working for Read/Visitors to a SharePoint site?

  From initial observation what I see is that your SPLimitedWebPartManager is not created from an elevated web. Try like below
  SPSecurity.RunWithElevatedPrivileges(delegate()
  using(SPSite elevatedSite = new SPSite(SPContext.Current.Site.ID))
  using(SPWeb elevatedWeb = elevatedSite.OpenWeb())
  using (SPLimitedWebPartManager wpManager = elevatedWeb.GetLimitedWebPartManager(HttpContext.Current.Request.Url.ToString(), PersonalizationScope.Shared))
  { //Rest of your code
  Geetanjali Arora | My blogs |

• How can HelpDesk manage users in multiple Organizations in OIM R2

  Hi All,
  I looking to satisfy a requirement for OIM 11g R2 where a helpdesk administrator can only manage users that belong to a particular institution. However, there are approximately 50% of users that belong to more than one institution, where helpdesk staff from each institution should be able to manage the user. Customer is currently
  doing this in Waveset by assigning users to orgs dynamically through rules which allows multiple virtual orgs. OIM unfortunately has no way to assign a user to multiple orgs, making OOTB authorization management very difficult.
  How can a administrators from different org manage same User. If that user belongs to different org?
  How to achieve this in OIM R2?
  Thanks
  Akshat

  Hi Adr,
  I know the OIM Authorization is around the Organization, and a user can present in only one org in OIM.
  I wanted to know, can we force the authorization based on Department/Institutions rather than Org. I am thinking in reagards of OES Authorization policies.
  OIM unfortunately has no way to assign a user to multiple orgs, making OOTB authorization management slightly difficult.
  I am looking to determine the best approach to accommodate this requirement. Due to the high number of users that reside within multiple institutions, leveraging organizations will not work. Asa far i know OES APM should be able to accommodate this, but could not find any solid guidance in the Oracle training or Oracle by Example documentation.
  Any thoughts?
  -Ak

• Create a user with read only access in the weblogic server 10.3.5

  Hi Friends,
  I am getting the below exception after creating a user (soa_read_only) with read only access in the logs after logging in with this user credentials:
  [2011-11-28T13:22:32.781+05:30] [AdminServer] [WARNING] [] [oracle.jps.admin] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: soa_read_only] [ecid: 49233e31d176bb92:78c87a90:133e90b0482:-8000-00000000000005d2,0] Access denied. Required roles: Operator, Admin, executing subject: principals=[soa_read_only, Monitors][[
  java.lang.SecurityException: Access denied. Required roles: Operator, Admin, executing subject: principals=[soa_read_only, Monitors]
       at oracle.as.jmx.framework.wls.spi.security.WLSMBeanSecurityHelper.isInWlsGlobalSecurityRoles(WLSMBeanSecurityHelper.java:245)
       at oracle.as.jmx.framework.wls.spi.security.WLSMBeanSecurityHelper.checkGlobalSecurityRoleBasedAccess(WLSMBeanSecurityHelper.java:139)
       at oracle.as.jmx.framework.wls.spi.security.WLSMBeanAccessControllerSPIImpl.checkLogicGlobalSecurityRoleAccess(WLSMBeanAccessControllerSPIImpl.java:35)
       at oracle.as.jmx.framework.MBeanAccessControllerImpl.checkLogicGlobalSecurityRoleAccess(MBeanAccessControllerImpl.java:52)
       at oracle.security.jps.mas.mgmt.jmx.policy.JpsAdminRoleImpl.checkRole(JpsAdminRoleImpl.java:182)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.doInvoke(OracleStandardEmitterMBean.java:973)
       at oracle.adf.mbean.share.AdfMBeanInterceptor.internalInvoke(AdfMBeanInterceptor.java:104)
       at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
       at oracle.as.jmx.framework.generic.spi.security.AbstractMBeanSecurityInterceptor.internalInvoke(AbstractMBeanSecurityInterceptor.java:190)
       at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
       at oracle.security.jps.ee.jmx.JpsJmxInterceptor$2.run(JpsJmxInterceptor.java:344)
       at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
       at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
       at oracle.security.jps.ee.jmx.JpsJmxInterceptor.internalInvoke(JpsJmxInterceptor.java:360)
       at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
       at oracle.as.jmx.framework.generic.spi.interceptors.ContextClassLoaderMBeanInterceptor.internalInvoke(ContextClassLoaderMBeanInterceptor.java:103)
       at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
       at oracle.as.jmx.framework.generic.spi.interceptors.MBeanRestartInterceptor.internalInvoke(MBeanRestartInterceptor.java:116)
       at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
       at oracle.as.jmx.framework.generic.spi.interceptors.LoggingMBeanInterceptor.internalInvoke(LoggingMBeanInterceptor.java:524)
       at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
       at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.invoke(OracleStandardEmitterMBean.java:887)
       at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterConfigMBean.doInvoke(OracleStandardEmitterConfigMBean.java:398)
       at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterConfigMBean.invoke(OracleStandardEmitterConfigMBean.java:365)
       at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836)
       at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761)
       at weblogic.management.mbeanservers.domainruntime.internal.FederatedMBeanServerInterceptor.invoke(FederatedMBeanServerInterceptor.java:349)
       at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
       at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
       at weblogic.management.mbeanservers.internal.JMXContextInterceptor.invoke(JMXContextInterceptor.java:263)
       at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
       at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
       at weblogic.management.mbeanservers.internal.SecurityMBeanMgmtOpsInterceptor.invoke(SecurityMBeanMgmtOpsInterceptor.java:65)
       at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
       at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
       at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:444)
       at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:323)
       at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11$1.run(JMXConnectorSubjectForwarder.java:663)
       at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11.run(JMXConnectorSubjectForwarder.java:661)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
       at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.invoke(JMXConnectorSubjectForwarder.java:654)
       at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1427)
       at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
       at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1265)
       at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1367)
       at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:788)
       at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
       at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
       at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)
       at javax.management.remote.rmi.RMIConnectionImpl_1035_WLStub.invoke(Unknown Source)
       at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.invoke(RMIConnector.java:993)
       at weblogic.management.remote.wlx.ClientProvider$WLXMBeanServerConnectionWrapper.invoke(ClientProvider.java:291)
       at weblogic.management.remote.wlx.ClientProvider$WLXMBeanServerConnectionWrapper.invoke(ClientProvider.java:291)
       at oracle.sysman.emSDK.sec.targetauth.emas.EMASConnection.checkTargetRole(EMASConnection.java:222)
       at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRoleEx(EMTargetAuthService.java:625)
       at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRoleEx(EMTargetAuthService.java:595)
       at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRole(EMTargetAuthService.java:577)
       at oracle.sysman.emSDK.sec.authz.EMAuthzService.checkPermission(EMAuthzService.java:288)
       at oracle.sysman.emSDK.pagemodel.menu.EMMenuCommand.getMenuItem(EMMenuCommand.java:681)
       at oracle.sysman.core.app.menu.XMLMenuManager.createEMMenuItem(XMLMenuManager.java:1595)
       at oracle.sysman.core.app.menu.XMLMenuManager.createEMMenu(XMLMenuManager.java:1421)
       at oracle.sysman.core.app.menu.XMLMenuManager.getTargetMenu(XMLMenuManager.java:529)
       at oracle.sysman.core.view.menu.MenuBarUIBean.populateTargetMenu(MenuBarUIBean.java:1023)
       at oracle.sysman.core.view.menu.MenuBarUIBean.getFarmMenuComp(MenuBarUIBean.java:696)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at javax.el.BeanELResolver.getValue(BeanELResolver.java:261)
       at com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:173)
       at com.sun.faces.el.DemuxCompositeELResolver.getValue(DemuxCompositeELResolver.java:200)
       at com.sun.el.parser.AstValue.getValue(Unknown Source)
       at com.sun.el.ValueExpressionImpl.getValue(Unknown Source)
       at com.sun.faces.application.ApplicationImpl.createComponent(ApplicationImpl.java:250)
       at javax.faces.webapp.UIComponentELTag.createComponent(UIComponentELTag.java:222)
       at javax.faces.webapp.UIComponentClassicTagBase.createChild(UIComponentClassicTagBase.java:513)
       at javax.faces.webapp.UIComponentClassicTagBase.findComponent(UIComponentClassicTagBase.java:782)
       at javax.faces.webapp.UIComponentClassicTagBase.doStartTag(UIComponentClassicTagBase.java:1354)
       at org.apache.myfaces.trinidad.webapp.UIXComponentELTag.doStartTag(UIXComponentELTag.java:75)
       at oracle.adfinternal.view.faces.unified.taglib.UnifiedMenuTag.doStartTag(UnifiedMenuTag.java:51)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:50)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
       at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
       at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
       at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
       at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
       at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
       at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
       at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444)
       at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:164)
       at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:185)
       at oracle.jsp.runtime.tree.OracleJspIncludeNode.execute(OracleJspIncludeNode.java:49)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspIterationTagNode.executeHandler(OracleJspIterationTagNode.java:45)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspIterationTagNode.executeHandler(OracleJspIterationTagNode.java:45)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
       at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
       at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
       at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
       at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
       at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
       at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
       at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444)
       at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:164)
       at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:185)
       at oracle.adfinternal.view.faces.taglib.region.IncludeTag.__include(IncludeTag.java:442)
       at oracle.adfinternal.view.faces.taglib.region.IncludeTag.doEndTag(IncludeTag.java:232)
       at oracle.adfinternal.view.faces.taglib.region.PageTemplateTag.doEndTag(PageTemplateTag.java:162)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:63)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
       at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
       at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
       at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
       at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
       at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
       at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
       at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
       at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
       at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:176)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.sysman.core.model.targetauth.EMLangPrefFilter.doFilter(EMLangPrefFilter.java:158)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
       at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:253)
       at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:410)
       at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
       at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
       at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
       at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
       at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:268)
       at com.sun.faces.application.ViewHandlerImpl.executePageToBuildView(ViewHandlerImpl.java:471)
       at com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:140)
       at javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:191)
       at org.apache.myfaces.trinidadinternal.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:193)
       at oracle.sysman.emSDK.adfext.ctlr.EMViewHandlerImpl.renderView(EMViewHandlerImpl.java:150)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:800)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:294)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:214)
       at javax.faces.webapp.FacesServlet.service(FacesServlet.java:266)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.sysman.emSDK.license.LicenseFilter.doFilter(LicenseFilter.java:166)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:447)
       at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:447)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
       at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.sysman.emas.fwk.MASConnectionFilter.doFilter(MASConnectionFilter.java:41)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:176)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.sysman.eml.app.AuditServletFilter.doFilter(AuditServletFilter.java:183)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:203)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.sysman.core.model.targetauth.EMLangPrefFilter.doFilter(EMLangPrefFilter.java:158)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.sysman.core.app.perf.PerfFilter.doFilter(PerfFilter.java:141)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:542)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
       at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
       at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
       at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
       at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
       at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  Why this exception is occurring? Kindly help me with this, its a bit urgent!!!!

  Hi
  1. First create a user like readonlyweblogic using some password in Weblogic Console. In Weblogic Console itself, select this new user and go to his Group Memberships and add a Group named Monitors. This means this user has Monitor role for Weblogic Console. Monitor is a Read Only access role to the weblogic console.
  2. NOW, with full admin privileges user, login into EM Console. Select soa_infra, right click mouse -> Security -> Application Roles. On right side, click green arrow and see list of Roles shown. Select the role named SOAMonitors, click on this. And add a User to this that is created above like "readonlyweblogic".
  3. Close all the browsers. Open a new browser and test weblogic console and em console with this new user.
  I have this setup like this in many envs and they all work fine. They are read only access users for admin console and em console.
  Thanks
  Ravi Jegga

• Wiki "Read Only" users can read & write

  I am looking to use the built in Wiki software on our Snow Leopard mac mini server. The wiki is meant to be private with one user able to read and write and another account that can read only. After selecting "read only" the user can still read & write. The read only account is not an administrator so I am not sure why they are not read only, could someone point me in the right direction?
  Thanks for your help!

  Hi,
  According to your post, my understanding is that users with read only permissions can't see custom Master Page and Managed Metadata Navigation SharePoint 2013.
  I suggest to customize the ClientObject model code to retrieve info with elevated privileges and then re-deployed the master page.
  Here is a similar thread for you to take a look at:
  http://social.technet.microsoft.com/Forums/en-US/bd7aa817-114a-46ae-a08a-71d903227ce0/sharepoint-2010-custom-master-page-and-read-only-permission-issue?forum=sharepointadminprevious
  If it doesn’t work, please check more information about the custom Master Page, such as whether it contain content like web parts that with permission limited, or whether you have any changes
  to the read permission group.
  In addition, please check the SharePoint ULS log to find more information, , the ULS log file is in the location: C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS
  You can check the ULS log by the methods here:
  http://blog.credera.com/technology-insights/microsoft-solutions/troubleshooting-sharepoint-errors/
  Best Regards,
  Linda Li

• Safety issue: Another user can access some read only folders of mine

  Hi,
  big, serious problem: I had created a simple account user for guest access on my 10.5.7 system. Now i logged into this account, opened the finder and browsed my supervisor's home directory. Some folders i had created in there were readable (including the websites folder). Okay, they were set to readable (read only, not read write) according to the Information Window (CMD-I).
  But when i browsed them i decided to delete a file. I selected the file, hit the delete button and wooosh away it was. What the f..? I wasn't even asked for my supervisor' s password. It just had deleted the file.
  Crosschecking by creating a new folder and moving it into the very same directory revealed i had write access. NOT GOOD! (scream!)
  Anyone had the same shocking experience of OS X being not safe?
  However, after i changed the permissions of the respective folders to "no permissions" and then changed them back to "read only", they at least were read only.
  But hey - how can I tell which folders of mine are really safe? I can't check up every folder if another user on my system has "by accident" write permissions to a folder which reads "read only" in the Information Window.
  Help!
  Fox

  Foxboy71 wrote:
  Hi,
  I've created the first folder as a "Data" Folder *inside my home directory* to archive Downloads of different kinds (Programs / Utils / all this stuff). i wanted to have these Downloads accessible for all Users so that they can get the Data out of this folder. So the path is /Users/(me)/Data.
  The other folder is my "Website" folder, standard OS X.
  The exact Information of the Info Window:
  (Me) read&write
  admin read&write
  everyone read only
  the User account in question is not an admin account.
  now I'm completely confused. are you saying that you can write to this folder from a different account which is not an admin account?? that should not be possible based on these permissions. please double-check and make sure that the other account is not listed as admin in system preferences->accounts.
  also, these permissions are wrong anyway. did you change them yourself? the default permissions on a newly created folder in your home directory should look quite different. log in as your main user and make a folder at the top level of your home directory. what are the permissions there?
  P.S. the unknown user you see is quite normal if you upgraded to leopard from Tiger.
  My account is an admin account.
  Thanks for the reply,
  Fox

• Grant read only to one user

  Hello everyone,
  I'd gone through unlimited forums and blogs but not got any proper solution and is getting confused as I'm not good in sql.
  I had created a db user.
  I need grant it following privileges same as read only apps user:-
  (1) It can only select all tables except dba related tables, views etc.
  (2) It can only select any table of any user
  (3) It can only select any function, procedures and every custom objects.
  (4) it can select any table without prefixing apps. before table.
  Step by step instructions required with sql statements.

  Hi,
  Richa wrote:
  Hello everyone,
  I'd gone through unlimited forums and blogs but not got any proper solution and is getting confused as I'm not good in sql.
  I had created a db user.
  I need grant it following privileges same as read only apps user:-
  (1) It can only select all tables except dba related tables, views etc.
  (2) It can only select any table of any userThe SELECT ANY TABLE system privilege enables a user to select from any table including dba related tables and views. If you want to exclude them, then you have to give SELECT privileges on all the other tables, one at a time, and remember to do it for new tables as they are created.
  (3) It can only select any function, procedures and every custom objects.The EXECUTE ANY PROCEDURE system privilege does that.
  (4) it can select any table without prefixing apps. before table.Don't be sill. That's like saying "it can select from any table without giving the table name", or "without typing anything".
  You might reduce how often you have to qualify the table name with the schema name by using "ALTER SESSION SET CURRENT_SCHEMA = schema_name;".
  Step by step instructions required with sql statements.To give the privileges mentioned in (1), (2) and (3) to user FUBAR, log in as SYSTEM and say
  GRANT  SELECT ANY TABLE          TO fubar;
  GRANT  EXECUTE ANY PROCEDURE     TO fubar;