OVD Roles

Hello folks,
I have some questions regarding OVD roles:
It is possible to defer defined groupings of users to an attached data source?
It is possible to defer defined groupings of users through a PAAM module?
Product administrative roles can have a clear delineation from general client access control?
I know are generic questions but any help can be appreciated.
Thanks

user8846155 wrote:
This method seems a little inefficient compared to the first. I think you can deal with that. Pre-fetch and caching come to mind.
When you say the database is the slave, are you suggesting we keep our user tables for query join purpose? Use some method of synchronization?Yes, exactly. Not just for join purpose but also to avoid changing the app. Avoiding data sunch from LDAP tp your database is a goal that may be less important than having your app work fast and avoid change..this depends on your priorities of course.
If we were to use OVD instead of SQL, we would need some method of representing our role/context associations in OVD.
User-> Role-> One or more context values for user association to role.
As a user, I may be an agent for two customers, with 1 having further restriction on contracts.
Role      Context
Agent Customer X
Agent Customer Y, Contract Z
I apologize if I am not being very clear.Your question is basically how to translate database schema to directory schema. There's many ways to do that. One way:
Object class Role
- attribute customerID
- attribute contractID
Object class User
- multi-valued attribute 'role' of type Role
User entry for Agent / Customer X
- objectclass User with 'role' set to Agent.
- objectlcass Role with 'customerID' set to CustomerX
User entry for Agent / Customer Y
- objectlcass User with 'role' set to Agent.
- objectclass Role with 'customerID' set to CustomerY and 'contractID' set to Contract Z.
Then it's very easy to construct an LDAP query to pull out your users depending on their role and context (customer and contract).

Similar Messages

  • BPM 11g workspace not show user from OVD - top most authentication provider

    Hi,
    We have added OVD which connected to LDAP as the top-most authentication provider for myrealm. The order of the providers are:
    (1) OVD (control Flag:SUFFICIENT)
    (2) DefaultAuthenticator(control Flag: REQUIRED)
    (3) DefaultIdentityAsserter
    The users and groups from the OVD are displayed in the weblogic console and are searchable in the OEM when I want to add the user/group to the application role but not in the BPM workspace. I find a related thread:
    Weblogic administrator account is inactive after enabling DB Authenticator
    It seems I did the same but I am still able to login bpm workspace with weblogic id. I guess my BPM does not use OVD for the Authenticator at all and it is still using DefaultAuthenticator. Can anyone please help and let me know what I missed for the setting? Should I put DefaultIdentityAsserter to the 2nd in the provider list to solve this?
    Thanks,
    Helen
    Edited by: Helen on Mar 22, 2011 7:31 AM

    Hi Helen
    Make sure that for the second Authenticator (DefaultAuthenticator) the required Flag is SUFFICIENT. From Weblogic point of view, if it is required, this means that user should and must exist in this provider also. Since you configured external LDAP and say you have something like "mytestuser" in LDAP. I guess you already added this user "mytestuser" to the BPMWorflowAdmin role as per the forum you listed below. But this user may not and will not exist in the default authenticator. So try making it sufficient and see if that works.
    As mentioned in my earlier post, I do have LDAP cconfigured to my BPM Domain and this is the first in the order of providers. I added a user from this LDAP into workflow admin role in em. I could login into bpm/workspace and see adminstrator link.
    Thanks
    Ravi Jegga

  • OVD/OID group reconciliation in OIM 11g with LDAP sync

    Hi All!
    Is it possible to reconcile OID groups to OIM using LDAP sync? How to achieve such configuration?
    I have OIM with LDAP sync and user and roles provisining to OVD is working.
    best
    mp

    Hi,
    I want to Integrate OIM and OID. Can you guide me in doing so?. The platform I will use is Windows 2003 Server, OIM version is 9.1. Also please tell me which version of OID i should use.
    Note: I am new to OID and OIM.
    Thanks in advance.
    Regards,
    Kazmi

  • How to create local store adapters in bulk without using ODSM in OVD

    Hello,
    Our requirement is to create 62 local store adapters in OVD
    Hence, it can not be done using manual effort
    I have tried to do this using below approach:
    Create an ldif containing 62 groups
    Update adapters.os_xml to have the 62 nodes of "standard" per adapter
    restart OVD
    import ldif file in data browser in ODSM
    However, this approach is not working
    I am not able to search these groups in my configured OAM and getting "No profile configured for such kind of group" error in identity console of OAM (10g)
    Please help
    Thanks,
    Purva

    You cannot create a APPdomain without DNS manager. 
    You can install DNS role on a machine and update your sharepoint server's DNS to consume from this DNS server. APPdomain cannot work without DNS

  • Best practices on enterprise and application roles in OIM and OAM 11g?

    Hi, all,
    I wonder if any of you can give me some advice on role design for OIM and OAM 11g. I'd like to have both enterprise roles, such as Accountant II, and application roles, such as App1_User, App1_Admin, etc. Ideally, the enterprise role would automatically give the user the appropriate application roles, but I can't figure out how to do that. We tried using OIM 11g's inheritance, but when the application role is inherited, OAM doesn't see it in OID/OVD and therefore doesn't think the user has the correct authorization to access the application. I thought about using role membership rules, but those seem to only allow you to use user attributes to control membership, which doesn't help at all in my situation.
    How is this situation best handled? Any advice much appreciated!
    Ariel Anderson
    Senior Business Analyst
    Zirous, Inc.

    Hi,
    I am assuming in clustered environment you are having two instances running.
    It must be an issue with a single server,,because the problem is intermittent.
    To see which server is causing problem....just perform the following steps:
    1) Stop server1 and keep running server2..and fire new registration request...
    2) stop server 2..and keep running server1.....and fire new registration request.
    Using above, atleast you can see which server is causing the problem...
    Regards,
    J
    Edited by: J_IDM on Mar 21, 2011 10:52 PM

  • Roles and Permissions in Oracle BI Publisher

    Hi,
    I am trying to do Role based access in the Oracle BI reporting.The roles will be in the OVD/OID and OBIR reports access should be controlled as per those roles.
    The document I refered is
    http://docs.oracle.com/cd/E14571_01/bi.1111/e13880/T539768T526688.htm#xdosa_und_users.
    When I clicked on Permissions and added some permissions like Read,Write etc..and clicked Ok,"Failed" message is displaying.
    Any idea why this error is coming?
    Thanks in advance.
    Edited by: Subin Cheruvath on Feb 17, 2013 11:00 PM

    DiscoUser.
    Skulls lays it out well in that a database user has a database name (ie: rproudman). Then they can have a role (ie: cost manager).
    Similarly in Oracle Apps, there is an Oracle Apps user (ie: could be the same - rproudman). And they can have one or many responsibilities (ie: cost manager).
    Where Disco is concerned, is that if you create an Apps mode EUL, when you log in with your Oracle Apps username and password, you are presented with a list of Oracle Apps responsibilities that have been assigned to you in Oracle Apps (unless you only have 1 responsibility where the list won't be presented, but you'll be using that responsibility by default). As security, workbooks, etc. can - AND SHOULD - only be shared with responsibilities, when you log in to Disco as one responsibility, you might see a number of reports you're allowed to run. Go back in with a new responsibility and you may see a different set of reports. Works just like switching responsibility in Oracle Apps.
    Russ

  • URGENT: OVD adapter

    Hi All,
    I have below requirement:
    Our OID 11g has entry cn=SeedRoleGroups,cn=Groups,dc=oracle,dc=com. There is one entry under this called cn=SeedRoleGroup9,cn=SeedRoleGroups,cn=Groups,dc=oracle,dc=com. This entry has cn=RoleGroupD,cn=Roles,cn=DomainA,cn=Domains,dc=oracle,dc=com as uniquemember.
    In the RoleGroupD entry cn=RoleGroupD,cn=Roles,cn=DomainA,cn=Domains,dc=oracle,dc=com it has unique member uid=admin, cn=users, dc=oracle,dc=com which is a user.
    Now I want to have the entries in OVD 11g as shown below:
    cn=AggregatedGroups will contain the SeedRoleGroup entries, but will also show the users as uniquemembers.
    i.e.
    cn=AggregatedGroups
    cn=SeedRoleGroup1
    cn=SeedRoleGroup2
    cn=SeedRoleGroup9
    uniquemember=cn=RoleGroupD,cn=Roles,cn=DomainA,cn=Domains,dc=oracle,dc=com
    uniquemember=uid=admin, cn=users, dc=oracle,dc=com
    Can someone throw light how to achieve this? I have tried with join adapter and it is showing only entries of cn=SeedRoleGroup9,cn=SeedRoleGroups,cn=Groups,dc=oracle,dc=com which has uniquemember as cn=RoleGroupD,cn=Roles,cn=DomainA,cn=Domains,dc=oracle,dc=com but I also want user uid=admin, cn=users, dc=oracle,dc=com as uniquemember in the same cn=SeedRoleGroup9....
    Can this be achieved using Join adapter? If so please help with Join Rules.
    Edited by: 903004 on 07-Mar-2012 04:23

    Can someone help, please? This is urgent.

  • ADF Security & DB roles

    Adding on behalf of one of my colleague.
    ADF Security.
    Currently we have roles as database objetcs. These roles are assigned to different users.
    We need to populate these roles as Application Roles in ADF Security.
    Please let us know is there any suggestion available for this.
    Best Regards,
    Lokanath

    fyi
    Frank Nimphius wrote:
    ... 1. roles in a table
    In this case use SQL Authenticator in WLS ...Be wary when using ADF Security (OPSS) with a SQLAuthenticator.
    This is feedback I got in SR 3-4124753004 :
    "If the you want to use DB as the identity store, then the supported way is to buy OVD server license and configure DB adapter in OVD and then configure an OVD authenticator in Weblogic. SQLAuthenticator will not be used as identity store. And, we do not recommend to use LibOVD for DB identity store. OVD server is the recommended and supported way."
    related bugs are :
    - bug 13876651, "FMW CONTROL SHOULD NOT ALLOW MANAGING USERS GROUPS FROM SQL AUTHENTICATOR"
    - enhancement request 12864498, "OPSS : ADDMEMBERSTOAPPLICATIONROLE : THE SEARCH FOR ROLE FAILED"
    related forum threads are :
    - "ADF Security : identity store : tables in a SQL database"
    - "OPSS : addMembersToApplicationRole : The search for role failed"
    regards
    Jan Vervecken

  • OAM OIM OID OVD ?

    I always hear these things from Oracle, OAM, OIM, OID and OVD. are they the same thing? if not, I belive they are related since people always mention them together, then, what's relationship? please clarify
    I'm new to Oracle identity management products. please let me know if there are any others products closely relate to above in this family.
    Thanks

    Hi,
    Each and every thing performs specific role,It will interdependent you can say when it comes to implementation.
    OAM->oracle access manager=performing authentication and authorization of web based and non webbased resources by protecting them.
    OIM->oracle identity manager =managing identities of organisation,integrating and provisioning(giving access) to various application and single sign on.
    OID->oracle internet directory=its one of the directory server like sun directory server,AD for managing user data.
    OVD->oracle virtual directory=its a virtual directory server which provides only view from multiple directory servers.
    Please go through oracle docs for more info.
    Thanks,
    Ragu.

  • Re-using roles

    Is it possible to use roles defined for a particular site in
    another site without recreating them? We have a large organization
    with multiple sites (to avoid confusion with workflow), and we
    often use the same role settings when defining custom roles.
    Is there a way to make these common roles "global" like the
    pre-defined ones, or to export them from one site and import them
    into another?
    Thanks,
    Jack

    Marcelo,
    You can manager users using EUSM (executable) found on the oid/ovd installation. Global/local role has to be created on the database side. All EUS mapping can be done on the OID or OVD side using "eusm". There is a metalink note that gives lots of examples on this. Or you can also use enterprise manager grid control that lets you do the same.
    As or OVD vs. OID, I am not aware of any major limitations. just operational limitations. Since OID is a ldap server by itself, you can do a lot of tracing/auditing yourself instead of relying on other LDAP admins (unless you manage other ldap servers also). We are currently implementing oid 11.1.1.2 for EUS and I know of my previous employer who is in the middle of implementing OVD 11g (with sun one directory).
    Regards,
    Shaji
    http://www.linkedin.com/in/shajivps

  • Error while generating a role

    Hi SAP Techies,
    I am getting the following error while generating a role,
    "18 field value(s) for object K_CCA were not entered in the profile"
    Can you please provide me a solution to fix this problem.
    Thanks.
    Regards,
    Agustuss

    How many cost centres are you putting in the role?  Do you have cost centre set as an org level?
    From your User Name I assume that you are at the BBC...Do you still use a program to populate the cost centres in the role based on the cost centre group names?  If so it is possible that you are trying to put too many cost centres in the field and the the profile will not generate because of this (we had it back in 2001 when I was working there).
    Do you have the technical error message details?

  • Error while creating a new connection in ODSM for OVD

    Hi all,
    I am getting the following error while creating a new connection in ODSM for OVD.
    Error log:
    [2012-07-10T14:50:30.005+05:30] [wls_ods1] [ERROR] [] [oracle.adfinternal.view.faces.config.rich.RegistrationConfigurator] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000JXkC9dU3FClqwsJb6G1FyhO000003D,0] [APP: odsm#11.1.1.2.0] Server Exception during PPR, #7[[
    javax.servlet.ServletException: Could not initialize class com.octetstring.vde.admin.services.client.VDEAdminServiceSoapBindingStub
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:277)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:97)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
    at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:247)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157)
    at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:326)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    Caused by:
    =======
    java.lang.NoClassDefFoundError: Could not initialize class
    com.octetstring.vde.admin.services.client.VDEAdminServiceSoapBindingStub
    at com.octetstring.vde.admin.services.client.ServerMgrServiceLocator.getVDEAdminService(ServerMgrServiceLocator.java:58)
    at oracle.ldap.odsm.model.ovd.APServerProxy.connect(APServerProxy.java:248)
    at oracle.ldap.odsm.model.ovd.APServerProxy.authenticateAs(APServerProxy.java:684)
    at oracle.ldap.odsm.model.ovd.APServerProxy.authenticate(APServerProxy.java:286)
    at oracle.ldap.odsm.model.ovd.APServerProxy.init(APServerProxy.java:216)
    at oracle.ldap.odsm.model.ovd.APServerProxy.<init>(APServerProxy.java:198)
    at oracle.ldap.odsm.model.ovd.OVDRoot.connectOVD(OVDRoot.java:185)
    at oracle.ldap.odsm.ui.common.Connection.connect(Connection.java:120)
    at oracle.ldap.odsm.ui.common.Visit.createConnection(Visit.java:663)
    at oracle.ldap.odsm.ui.common.Login.saveChanges(Login.java:215)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.sun.el.parser.AstValue.invoke(Unknown Source)
    at com.sun.el.MethodExpressionImpl.invoke(Unknown Source)
    at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53)
    at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1245)
    at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.broadcastEvents(LifecycleImpl.java:812)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:292)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:177)
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
    ... 28 more
    How to resolve this issue.Pls suggest me.
    Regards,
    -Deena.

    Hi Deena,
    This error:
    "[2012-07-10T14:50:30.005+05:30] [wls_ods1] [ERROR] [] [oracle.adfinternal.view.faces.config.rich.RegistrationConfigurator] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000JXkC9dU3FClqwsJb6G1FyhO000003D,0] [APP: odsm#11.1.1.2.0] Server Exception during PPR, #7[[
    javax.servlet.ServletException: Could not initialize class com.octetstring.vde.admin.services.client.VDEAdminServiceSoapBindingStub"
    is known issue
    Go to metalink, article: Unable To Connect To OVD 11g Webinterface Using ODSM. [ID 1282757.1]
    You need to apply that patch.
    I hope this helps,
    Thiago Leoncio.

  • Cannot send email from Powershell on Mailbox Role

    Hi,
    I am trying to send an email from Powershell on Mailbox role of Exchange server. I have installed Symantec Mail Security on Mailbox Role.
    When I try to send email using Powershell, I got the following error.
    PS C:\a> Send-MailMessage -to [email protected] -Subject "Alert Closed.. Service is restarted on Computer" -from
    [email protected] -Body "The service was found stopped on Computer it was started automatically and it is now running normally." -bodyasHTML -priority High -SmtpServer smtp.domain.com
    Send-MailMessage : Service not available, closing transmission channel. The server response was: 4.3.2 Service not active
    At line:1 char:1
    + Send-MailMessage -to [email protected] -Subject "Alert Closed.. Service is ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (System.Net.Mail.SmtpClient:SmtpClient) [Send-MailMessage], SmtpException
        + FullyQualifiedErrorId : SmtpException,Microsoft.PowerShell.Commands.SendMailMessage
    This command is working fine on every server except exchange server (CAS, Mailbox). Firewall is off on the servers.
    Any help will be highly appreciated.
    Regards,
    Anees

    Hi,
    Please check the similar thread .
    http://social.technet.microsoft.com/Forums/exchange/en-US/ef699832-8da9-4709-9a50-c6223b13bd95/sendmailmessage-returns-the-server-response-was-432-service-not-available?forum=exchangesvrsecuremessaginglegacy
    smtp server (smtp.domain.com) is rejecting the connection from the
     Mailbox role of Exchange server.
    So please allow the mailbox server ip address on the smtp server's (i.e. smtp.domain.com)
    receive connector to get it done 
    Regards
    S.Nithyanandham
    Thanks S.Nithyanandham

  • How to get security roles in a JSF portlet

    I need to get the LDAP user-roles available in the Sun Portal Server 7 in my JSF-168 portlet.
    I've added the mapping file, updated the portlet.xml and web.xml, deployed the portlet (psconsole). But the portlet shows the "content not available" error with javax....title title.
    I've probably messed up the descriptors, but I don't see what is wrong. Here they are:
    roleMaps.properties
    cn\=VSM.Administrator,dc\=neco,dc\=cz=Administrator
    web.xml
    <?xml version="1.0" encoding="UTF-8"?>
    <web-app version="2.4">
      <context-param>
        <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
        <param-value>server</param-value>
      </context-param>
      <context-param>
        <param-name>javax.faces.CONFIG_FILES</param-name>
        <param-value>/WEB-INF/navigation.xml,/WEB-INF/managed-beans.xml</param-value>
      </context-param>
      <context-param>
        <param-name>com.sun.faces.validateXml</param-name>
        <param-value>true</param-value>
      </context-param>
      <context-param>
        <param-name>com.sun.faces.verifyObjects</param-name>
        <param-value>false</param-value>
      </context-param>
      <filter>
        <filter-name>UploadFilter</filter-name>
        <filter-class>com.sun.rave.web.ui.util.UploadFilter</filter-class>
        <init-param>
          <description>
              The maximum allowed upload size in bytes.  If this is set
              to a negative value, there is no maximum.  The default
              value is 1000000.
            </description>
          <param-name>maxSize</param-name>
          <param-value>1000000</param-value>
        </init-param>
        <init-param>
          <description>
              The size (in bytes) of an uploaded file which, if it is
              exceeded, will cause the file to be written directly to
              disk instead of stored in memory.  Files smaller than or
              equal to this size will be stored in memory.  The default
              value is 4096.
            </description>
          <param-name>sizeThreshold</param-name>
          <param-value>4096</param-value>
        </init-param>
      </filter>
      <filter-mapping>
        <filter-name>UploadFilter</filter-name>
        <servlet-name>Faces Servlet</servlet-name>
      </filter-mapping>
      <servlet>
        <servlet-name>Faces Servlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
      </servlet>
      <servlet>
        <servlet-name>ExceptionHandlerServlet</servlet-name>
        <servlet-class>com.sun.errorhandler.ExceptionHandler</servlet-class>
        <init-param>
          <param-name>errorHost</param-name>
          <param-value>localhost</param-value>
        </init-param>
        <init-param>
          <param-name>errorPort</param-name>
          <param-value>25444</param-value>
        </init-param>
      </servlet>
      <servlet>
        <servlet-name>ThemeServlet</servlet-name>
        <servlet-class>com.sun.rave.web.ui.theme.ThemeServlet</servlet-class>
      </servlet>
      <servlet>
        <description>Generated By Sun Java Studio Creator</description>
        <display-name>CreatorPortlet Wrapper</display-name>
        <servlet-name>VSMPortal</servlet-name>
        <servlet-class>org.apache.pluto.core.PortletServlet</servlet-class>
        <init-param>
          <param-name>portlet-class</param-name>
          <param-value>com.sun.faces.portlet.FacesPortlet</param-value>
        </init-param>
        <init-param>
          <param-name>portlet-guid</param-name>
          <param-value>VSMPortal.VSMPortal</param-value>
        </init-param>
      </servlet>
      <servlet-mapping>
        <servlet-name>ExceptionHandlerServlet</servlet-name>
        <url-pattern>/error/ExceptionHandler</url-pattern>
      </servlet-mapping>
      <servlet-mapping>
        <servlet-name>ThemeServlet</servlet-name>
        <url-pattern>/theme/*</url-pattern>
      </servlet-mapping>
      <servlet-mapping>
        <servlet-name>VSMPortal</servlet-name>
        <url-pattern>/VSMPortal/*</url-pattern>
      </servlet-mapping>
      <welcome-file-list>
        <welcome-file>faces/null</welcome-file>
      </welcome-file-list>
      <error-page>
        <exception-type>javax.servlet.ServletException</exception-type>
        <location>/error/ExceptionHandler</location>
      </error-page>
      <error-page>
        <exception-type>java.io.IOException</exception-type>
        <location>/error/ExceptionHandler</location>
      </error-page>
      <error-page>
        <exception-type>javax.faces.FacesException</exception-type>
        <location>/error/ExceptionHandler</location>
      </error-page>
      <error-page>
        <exception-type>com.sun.rave.web.ui.appbase.ApplicationException</exception-type>
        <location>/error/ExceptionHandler</location>
      </error-page>
      <jsp-config>
        <jsp-property-group>
          <url-pattern>*.jspf</url-pattern>
          <is-xml>true</is-xml>
        </jsp-property-group>
      </jsp-config>
         <security-role>
              <role-name>Administrator</role-name>
         </security-role>          
    </web-app>
    portlet.xml
    <?xml version='1.0' encoding='UTF-8' ?>
    <portlet-app xmlns='http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:schemaLocation='http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd                         http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd' version='1.0'>
         <portlet>
              <description>Created By Java Studio Creator</description>
              <portlet-name>VSMPortal</portlet-name>
              <display-name>VSMPortal Portlet</display-name>
              <portlet-class>com.sun.faces.portlet.FacesPortlet</portlet-class>
              <init-param>
                   <name>com.sun.faces.portlet.INIT_VIEW</name>
                   <value>/Uctarna.jsp</value>
              </init-param>
              <expiration-cache>0</expiration-cache>
              <supports>
                   <mime-type>text/html</mime-type>
                   <portlet-mode>VIEW</portlet-mode>
              </supports>
              <supported-locale>en</supported-locale>
              <portlet-info>
                   <title>VSMPortal</title>
                   <short-title>VSMPortal</short-title>
                   <keywords>Creator</keywords>
              </portlet-info>
              <security-role-ref>
                   <role-name>Administrator</role-name>
                   <role-link>Administrator</role-link>
              </security-role-ref>          
         </portlet>
    </portlet-app>If I don't use the security-role and security-role-ref tags, the portlet works, and the isUserInRole method obviously doesn't.

    Nobody uses the LDAP roles in a portlet? Anybody knows other thread discussing similar issue (I can't find anything)?

  • Creating a Role view in a workflow

    I'm trying to create a role view in my workflow with the following code but it gives me an error: com.waveset.util.InternalError: Unable to locate ViewHandler for 'role'.
    <Action application='com.waveset.session.WorkflowServices'>
                <Argument name='op' value='createView'/>
                <Argument name='type' value='Role'/>
                <Return from='view' to='view'/>
              </Action>Has anyone created a role from a workflow, java or SPML?

    nvm figured it out.
    <Action id='0' application='com.waveset.session.WorkflowServices'>
              <Argument name='op' value='createView'/>
              <Argument name='type' value='Role'/>
              <Argument name='viewId' value='Role'/>
              <Argument name='Form' value='Empty Form'/>
              <Argument name='authorized' value='true'/>
              <Return from='view' to='role'/>
            </Action>       

Maybe you are looking for

  • German menu options in the app store instead of English

    When I select the app store icon on my iPad main screen, I am taken to the US based app store, however all menu options are in German. The apps themselves are still US based and still in US currency I.e I do not have Germany selected as my country ot

  • How can I find the original newsfeed addresses in apple RSS mail

    I subscribe to a lot of newsfeeds through my apple mail RSS feed.  Now I want to find the original addresses to load onto a new device, but the apple mail only shows the title I gave the feed.  Where is the actual feed hidden (for example feedburner

  • Package designing strategy (may be stupid question)

    Hi, I always run into this problem while deciding package structure. Hope I can get it resolved once and for all here. There are customer and products domain objects. I will create seperate packages for them. Say each package will have several classe

  • Disappearing actual values in plan query

    HI, I have a problem with input ready query in Integrated Planning (BI 7.0 s.p. 23). In query I have a few key figures with actual values and two key figures ready to insert plan values. In rows I have 3 charcteristics (costcenter and two others). In

  • Hi Guru's I need this Codes

    Hi all, im new in this SQL type Commands. benn studying this for almost 2 weeks. if you can help me with this... i would like to know how to ADD, EDIT, SEARCH using SQL codes with the follwing... i have 4 fields in my DB namely (RegNo, Lastname, Firs