RE:Oracle Role manager

HI
can any one explain me in brief about Oracle Role Manager and where Service Oriented Architecture comes in to picture.
Thanks

All I know abt ORM is,
1)for a typical ORM engagment you need to first need to do a top dpwn analysis to identify commonly used roles and privileges and translate them into Business Roles and IT Roles respectively.
2) Load Hierarchy data, clean the data through ORM reporting
3) Use Role Discoverer to mine the roles fed to it.
4) this will then translate into a role catalogue which you need the business to agree upon and sign off on.

Similar Messages

  • Problems with the installation of Oracle Role Manager

    Hello everyone;
    I have a problem with the deployment of Jboss 4.05GA; just can not load the Role Manager Administrative Console (http://localhost:8080/ormconsole)
    Probe load the Jboss and that if I load the console this APPSERVER (http://localhost:8080)
    Also probe load the Role Manager Web UI and I had no problems (http://localhost:8080/webui)
    Use the method of installation Install Software Only then can make the integration with the IOM.
    Any suggestions for solving this problem.
    Part of the Log:
    14:17:02,953 ERROR [URLDeploymentScanner] Incomplete Deployment listing:
    --- Incompletely deployed packages ---
    org.jboss.deployment.DeploymentInfo@40e1e159 { url=file:/C:/jboss-4.0.5.GA/serve
    r/default/deploy/server.ear }
    deployer: org.jboss.deployment.EARDeployer@873723
    status: Deployment FAILED reason: URL file:/C:/jboss-4.0.5.GA/server/default/t
    mp/deploy/tmp18940server.ear-contents/ormconsole-exp.war/ deployment failed
    state: FAILED
    watch: file:/C:/jboss-4.0.5.GA/server/default/deploy/server.ear
    altDD: null
    lastDeployed: 1228418189671
    lastModified: 1228418186515
    mbeans:
    --- MBeans waiting for other MBeans ---
    ObjectName: jboss.web.deployment:war=ormconsole.war,id=-1206236729
    State: FAILED
    Reason: org.jboss.deployment.DeploymentException: URL file:/C:/jboss-4.0.5.GA/
    server/default/tmp/deploy/tmp18940server.ear-contents/ormconsole-exp.war/ deploy
    ment failed
    --- MBEANS THAT ARE THE ROOT CAUSE OF THE PROBLEM ---
    ObjectName: jboss.web.deployment:war=ormconsole.war,id=-1206236729
    State: FAILED
    Reason: org.jboss.deployment.DeploymentException: URL file:/C:/jboss-4.0.5.GA/
    server/default/tmp/deploy/tmp18940server.ear-contents/ormconsole-exp.war/ deploy
    ment failed
    14:17:03,281 INFO [Http11BaseProtocol] Starting Coyote HTTP/1.1 on http-0.0.0.0
    -8080
    14:17:03,718 INFO [ChannelSocket] JK: ajp13 listening on /0.0.0.0:8009
    14:17:03,781 INFO [JkMain] Jk running ID=0 time=0/94 config=null
    14:17:04,015 INFO [Server] JBoss (MX MicroKernel) [4.0.5.GA (build: CVSTag=Bran
    ch_4_0 date=200610162339)] Started in 1m:35s:859ms
    Thank you

    HI JLK,
    i think i have solved the problem. Try to install the Oracle Role Manager with the installer and select the "Install Software and Configure" and install the "Standard Model" to the Database. Don't deploy the standard.car file.
    I hope i could help you.
    Thomas

  • Oracle Role Manager won't install

    I'm running MS Windows Server 2003 SP1 in a Virtual PC environment. The Oracle DB instance that I plan to connect with is hosted on another Virtual PC. Network configuration between the Guest PCs appears to be working normally through a Microsoft Loopback Adapter that I installed on the Host.
    When attempting to run the setup.exe utility that ships with ORM (which should trigger the launch of the Oracle Universal Installer), a CMD window opens in which I can see things proceeding as I would expect them to.
    However, when the window closes, instead of the Universal Installer GUI popping up, nothing happens.
    When you restart the server, you get a message indicating that setup.exe encountered some problems and are prompted to report the problem to Microsoft.
    Any ideas on how to resolve this?
    Edited by: imcapple on May 13, 2009 3:11 PM

    Sounds like an issue with OUI - there's a log file in Program Files\Oracle\<something> that should lead you toward the OUI log file. In my experience the reason this happens is due to java classpath issues..
    Paul

  • Oracle Role Manager integration with OIM

    Hi all
    I need to test installation OIM and ORM products.
    This products was installed on windows platform. My questions are:
    1) How realized connection (integration) between OIM and ORM ???
    2) Where i can search information (documents) over ORM product ???
    Thanks for u time
    Gustavo

    Hi Gustavo,
    Did you able to integrate ORM and OIM? I am getting some database error whcih deploying the integration libarary. Can you please offer me some help on this.
    Debi

  • Role Management in Oracle !!

    Friends ,
    I have the follwoing two questions about the Oracle's Role Management ,
    1)
    Suppose I create a role 'role1' and give the below privileges :
    SQL> grant select on scott.dept to role1;
    Grant succeeded.
    SQL> grant update on scott.dept to role2;
    Grant succeeded.Now , would anybody please tell me , using which view I can see these privileges or from which views , I can see the privileges which contains 'role1' /'role2'? I try to use the views like , dba_role_privs, role_role_privs, dba_sys_privs, role_sys_privs, role_tab_privs BUT I cannot find .
    2)
    I need an example How I can manage a ROLE externally ( by using O/S authentication ) . I set OS_ROLES=TRUE , but cannnot connected to the databaes . It shows following error :
    SQL> grant role1 to aaron;
    grant role1 to aaron
    ERROR at line 1:
    ORA-01956: invalid command when OS_ROLES are being usedWould anybody plz give me a proper documentation from where I can get a proper example ?
    I am using LINUX O/S .
    Waiting for kind reply ... ...
    Edited by: shipon_97 on Dec 2, 2009 6:26 PM

    1. select from dba_tab_privs
    2. You can find documentation at tahiti.oracle.com
    You would get better answers if you listed the Oracle version you are using.

  • Error in oim Role creation using Role Manager Service API from Standalone Java client

    Hi,
      Facing the following error when trying to create Role using Role Manager Service API from a standalone java client .
    Tried with the solution of changing ,
    Login into the Web Logic Admin Console --> Servers --> OIM Server --> Protocols --> Modify the Maximum Message from 100000000 to 1000000000, but still the problem persists.
    Exception in thread "main" org.omg.CORBA.BAD_PARAM:   vmcid: 0x0  minor code: 0  completed: No
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    at java.lang.reflect.Constructor.newInstance(Unknown Source)
    at java.lang.Class.newInstance0(Unknown Source)
    at java.lang.Class.newInstance(Unknown Source)
    at com.sun.corba.se.impl.protocol.giopmsgheaders.MessageBase.getSystemException(Unknown Source)
    at com.sun.corba.se.impl.protocol.giopmsgheaders.ReplyMessage_1_2.getSystemException(Unknown Source)
    at com.sun.corba.se.impl.protocol.CorbaMessageMediatorImpl.getSystemExceptionReply(Unknown Source)
    at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.processResponse(Unknown Source)
    at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.marshalingComplete(Unknown Source)
    at com.sun.corba.se.impl.protocol.CorbaClientDelegateImpl.invoke(Unknown Source)
    at org.omg.CORBA.portable.ObjectImpl._invoke(Unknown Source)
    at com.sun.org.omg.SendingContext._CodeBaseStub.meta(Unknown Source)
    at com.sun.corba.se.impl.encoding.CachedCodeBase.meta(Unknown Source)
    at com.sun.corba.se.impl.io.IIOPInputStream.getOrderedDescriptions(Unknown Source)
    at com.sun.corba.se.impl.io.IIOPInputStream.inputObjectUsingFVD(Unknown Source)
    at com.sun.corba.se.impl.io.IIOPInputStream.simpleReadObject(Unknown Source)
    at com.sun.corba.se.impl.io.ValueHandlerImpl.readValueInternal(Unknown Source)
    at com.sun.corba.se.impl.io.ValueHandlerImpl.readValue(Unknown Source)
    at com.sun.corba.se.impl.encoding.CDRInputStream_1_0.read_value(Unknown Source)
    at com.sun.corba.se.impl.encoding.CDRInputStream.read_value(Unknown Source)
    at oracle.iam.identity.rolemgmt.api._RoleManager_ogut7n_RoleManagerRemoteRIntf_Stub.createx(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
    at $Proxy2.createx(Unknown Source)
    at oracle.iam.identity.rolemgmt.api.RoleManagerDelegate.create(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
    at weblogic.security.subject.SubjectProxy.doAs(SubjectProxy.java:64)
    at weblogic.security.subject.SubjectManager.runAs(SubjectManager.java:262)
    at weblogic.security.Security.runAs(Security.java:48)
    at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
    at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
    at $Proxy3.create(Unknown Source)
    at com.idm.role.CreateRole.createRole(CreateRole.java:113)
    at com.idm.role.CreateRole.main(CreateRole.java:167)
    Thanks In Advance

    Hi , I have used OIM 11g  R2.
    Please find below the code we have used,
    package com.idm.role;
    import java.util.HashMap;
    import java.util.HashSet;
    import java.util.Hashtable;
    import java.util.Iterator;
    import java.util.Set;
    import java.util.logging.Logger;
    import javax.security.auth.login.LoginException;
    import oracle.iam.identity.exception.NoSuchRoleException;
    import oracle.iam.identity.exception.RoleAlreadyExistsException;
    import oracle.iam.identity.exception.RoleCreateException;
    import oracle.iam.identity.exception.RoleLookupException;
    import oracle.iam.identity.exception.RoleModifyException;
    import oracle.iam.identity.exception.SearchKeyNotUniqueException;
    import oracle.iam.identity.exception.ValidationFailedException;
    import oracle.iam.identity.rolemgmt.api.RoleManager;
    import oracle.iam.identity.rolemgmt.api.RoleManagerConstants;
    import oracle.iam.identity.rolemgmt.vo.Role;
    import oracle.iam.platform.OIMClient;
    import oracle.iam.platform.authz.exception.AccessDeniedException;
    public class CreateRole {
    private final static Logger LOGGER = Logger.getLogger(CreateRole.class .getName());
    OIMClient oimClient = null;
    public OIMClient connectToOIM() {
      LOGGER.info("In connectToOIM ");
      Hashtable env = new Hashtable();
      env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL,
        "weblogic.jndi.WLInitialContextFactory");
      env.put(OIMClient.JAVA_NAMING_PROVIDER_URL,
        "t3://V-hydidm1.itig.co.in:14000");
      System.setProperty("java.security.auth.login.config",
        "F:\\Projects\\IDM\\Team\\Env_setup\\OIM_Setup\\designconsole\\config\\authwl.conf");
      System.setProperty("java.security.policy",
        "F:\\Projects\\IDM\\Team\\Env_setup\\OIM_Setup\\designconsole\\config\\xl.policy");
      System.setProperty("OIM.AppServerType", "wls");
      System.setProperty("APPSERVER_TYPE", "wls");
      System.setProperty("weblogic.Name", "oim_server1");
      oimClient = new OIMClient(env);
      try {
       oimClient.login("xelsysadm", "Passw0rd".toCharArray());
      } catch (LoginException e) {
       e.printStackTrace();
      System.out.println("Connected");
      return oimClient;
    public void readRoleMetadata() {
      LOGGER.info("in readRoleMetadata ");
      RoleManager roleManagerService = oimClient
        .getService(RoleManager.class);
      try {
       Role roleVo = roleManagerService.getDetails(
         RoleManagerConstants.ROLE_DISPLAY_NAME, "API Role1", null);
       Set attributeNameSet = roleVo.getAttributeNames();
       Iterator it = attributeNameSet.iterator();
       while (it.hasNext()) {
        System.out.println("Attribute Name :: " + it.next());
       // roleVo.setAttribute("ADentitlements", "Security Admin access");
       String adEntitlements = "" + roleVo.getAttribute("ADentitlements");
       System.out.println("AD Entitlements :: " + adEntitlements);
       System.out.println("DB Entitlements :: " + ""
         + roleVo.getAttribute("DBEntitlements"));
       System.out.println("Unix Entitlements :: " + ""
         + roleVo.getAttribute("UnixWindows"));
       System.out.println("VPN :: " + "" + roleVo.getAttribute("VPN"));
      } catch (SearchKeyNotUniqueException e) {
       e.printStackTrace();
      } catch (NoSuchRoleException e) {
       e.printStackTrace();
      } catch (RoleLookupException e) {
       e.printStackTrace();
      } catch (AccessDeniedException e) {
       e.printStackTrace();
    public void createRole() {
      LOGGER.info(" in Create role ");
      RoleManager roleManagerService = oimClient
        .getService(RoleManager.class);
      HashMap<String, Object> roleCreationAttrMap = new HashMap<String, Object>();
      roleCreationAttrMap.put(RoleManagerConstants.ROLE_NAME, "API Role1");
      roleCreationAttrMap.put(RoleManagerConstants.ROLE_DESCRIPTION,
        "This Role is created using API Role1");
      roleCreationAttrMap.put(RoleManagerConstants.ROLE_DISPLAY_NAME,
        "API Role1");
      roleCreationAttrMap.put("ADentitlements", "API Role1 AD Entitlements");
      roleCreationAttrMap.put("DBEntitlements", "API Role1 DB Entitlements");
      roleCreationAttrMap.put("VPN", "No");
      roleCreationAttrMap.put("UnixWindows", "API Role1 Unix Entitlements");
      Role roleVo = new Role(roleCreationAttrMap);
      try {
       System.out.println(" Before Create role *********************************************");
       roleManagerService.create(roleVo);
       System.out.println("Role Created .. ");
      } catch (ValidationFailedException e) {
       e.printStackTrace();
      } catch (RoleAlreadyExistsException e) {
       e.printStackTrace();
      } catch (RoleCreateException e) {
       e.printStackTrace();
      } catch (AccessDeniedException e) {
       e.printStackTrace();
    public void modifyRole() {
      LOGGER.info(" in modifyRole ");
      RoleManager roleManagerService = oimClient
        .getService(RoleManager.class);
      Role roleVo;
      try {
       roleVo = roleManagerService.getDetails(
         RoleManagerConstants.ROLE_DISPLAY_NAME, "API Role1", null);
       String roleKey = roleVo.getEntityId();
       HashMap<String, Object> roleCreationAttrMap = new HashMap<String, Object>();
       roleCreationAttrMap.put("ADentitlements",
         "Updated API Role1 AD Entitlements");
       Set roleKeySet = new HashSet<String>();
       roleKeySet.add(roleKey);
       Role roleVoNew = new Role(roleCreationAttrMap);
       roleManagerService.modify(roleKeySet, roleVoNew);
       System.out.println("Role Modified ..");
      } catch (SearchKeyNotUniqueException e) {
       e.printStackTrace();
      } catch (NoSuchRoleException e) {
       e.printStackTrace();
      } catch (RoleLookupException e) {
       e.printStackTrace();
      } catch (AccessDeniedException e) {
       e.printStackTrace();
      } catch (ValidationFailedException e) {
       e.printStackTrace();
      } catch (RoleModifyException e) {
       e.printStackTrace();
    public static void main(String args[]) {
      CreateRole miscObj = new CreateRole();
      miscObj.connectToOIM();
      miscObj.createRole();
      //miscObj.readRoleMetadata();
    Thanks In Advance .

  • Unable to connect Oracle Enterprise Manager 10g

    Good Morning All,
    I using oracle 10g.
    http://dt40562:1158/em/console/logon/logon
    iam connecting successfully in Toad using scott/tiger.
    Whenever im connecting using Oracle Enterprise Manager im getting below error
    "The application requires more database privileges than you have currently been granted. Click on Help to get more version specific information."
    Pls help me on this issue.. How can i connect to database using OEM.
    Thanks..

    Hi,
    CONNECT has been dramatically altered in 10.1.0.x and later releases of Oracle.  The granted privileges have been seriously reduced to nothing more than CREATE SESSION.  In 9.0.1.x and 9.2.0.x the CONNECT role possessed these additional privileges:
    ALTER SESSION
    CREATE CLUSTER
    CREATE DATABASE LINK
    CREATE SEQUENCE
    CREATE SYNONYM
    CREATE TABLE
    CREATE VIEW
    Thus an application which relied upon the CONNECT role in 9iR2 and earlier releases would not properly function against a 10gR1 or later database.
    you need to have these Oracle Roles , so ur problem will be solved.
    EXECUTE_CATALOG_ROLE
    OEM_MONITOR
    EXP_FULL_DATABASE
    Let me know if the issue still persists.

  • User Role Management Setup

    Hi All,
    I'm currently performing a setup in User Role Managment around roles for a department. We've identified 11 roles we need to create and the responsibilities that need to be assigned to the roles.
    We've created a Role Category so all our setups can be easily identified and reported on.
    Then we've created 11 roles in Role & Role Inheritence, then assigned the responsibilities. And from there, assigned the role(s) to the users.
    Is this the general way of creating roles etc? I haven't been able to find a BR100 that i can compare our setup to. I don't want to start progressing the setup into our UAT environment if my setup is fundamentally flawed.
    Cheers,
    Russell H.
    Origin Energy.

    Hi,
    Please refer to "Oracle Applications System Administrator's Guide - Security" manual for the steps and the guidelines you need to follow.
    Oracle Applications Documentation
    http://www.oracle.com/technology/documentation/applications.html
    Regards,
    Hussein

  • Problem installing Sun Role Manager 5.0.3

    Hi All,
    I've set up Sun Role Manager 5.0.3 (The Oracle Identity Analytics branded version)
    I'm using Tomcat 5.5 and Oracle database 11.1.0.6
    The issue occurs during start up. I get a bunch of errors which I'll list below. It looks like a database connectivity problem but I am not exactly sure. I'm pretty sure my jdbc.properties file is correct, except maybe the password.
    Can anyone help work out what exactly is wrong here?
    Cheers,
    Charles
    errors listed:
    Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'quartzSchedulerFactoryBeanTarget' defined in ServletContext resource [WEB-INF/scheduling-context.xml]: Invocation of init method failed; nested exception is org.quartz.SchedulerConfigException: Failure occured during job recovery. [See nested exception: org.quartz.JobPersistenceException: Failed to obtain DB connection from data source 'springNonTxDataSource.quartzSchedulerFactoryBeanTarget': java.sql.SQLException: Connections could not be acquired from the underlying database! [See nested exception: java.sql.SQLException: Connections could not be acquired from the underlying database!]]
    Caused by: org.quartz.SchedulerConfigException: Failure occured during job recovery. [See nested exception: org.quartz.JobPersistenceException: Failed to obtain DB connection from data source 'springNonTxDataSource.quartzSchedulerFactoryBeanTarget': java.sql.SQLException: Connections could not be acquired from the underlying database! [See nested exception: java.sql.SQLException: Connections could not be acquired from the underlying database!]]
    Caused by: org.quartz.JobPersistenceException: Failed to obtain DB connection from data source 'springNonTxDataSource.quartzSchedulerFactoryBeanTarget': java.sql.SQLException: Connections could not be acquired from the underlying database! [See nested exception: java.sql.SQLException: Connections could not be acquired from the underlying database!]
    Caused by: java.sql.SQLException: Connections could not be acquired from the underlying database!
    Caused by: com.mchange.v2.resourcepool.CannotAcquireResourceException: A ResourcePool could not acquire a resource from its primary factory or source.
    Caused by: java.sql.SQLException: Connections could not be acquired from the underlying database!
         at com.mchange.v2.sql.SqlUtils.toSQLException(SqlUtils.java:106)
         at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool.checkoutPooledConnection(C3P0PooledConnectionPool.java:529)
         at com.mchange.v2.c3p0.impl.AbstractPoolBackedDataSource.getConnection(AbstractPoolBackedDataSource.java:128)
         at org.springframework.scheduling.quartz.LocalDataSourceJobStore$2.getConnection(LocalDataSourceJobStore.java:125)
         at org.quartz.utils.DBConnectionManager.getConnection(DBConnectionManager.java:112)
         at org.quartz.impl.jdbcjobstore.JobStoreCMT.getNonManagedTXConnection(JobStoreCMT.java:164)
         ... 200 more
    Caused by: com.mchange.v2.resourcepool.CannotAcquireResourceException: A ResourcePool could not acquire a resource from its primary factory or source.
         at com.mchange.v2.resourcepool.BasicResourcePool.awaitAvailable(BasicResourcePool.java:1319)
         at com.mchange.v2.resourcepool.BasicResourcePool.prelimCheckoutResource(BasicResourcePool.java:557)
         at com.mchange.v2.resourcepool.BasicResourcePool.checkoutResource(BasicResourcePool.java:477)
         at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool.checkoutPooledConnection(C3P0PooledConnectionPool.java:525)
         ... 204 more

    Hi,
    Make sure you have the correct URL setup in the jdbc.properties (MSSQL-specific) and make sure the database driver is within the Web-INF/lib folder. Make sure the DB server is running also
    Regards,
    Daniel

  • What is the latest version of Role Manager

    Good day,
    where can I download the latest version of Role Manager, also know if there are any patch for the latest version,
    Very grateful

    Oracle Role Manager (10.1.4.2.0) can be downloaded from
    http://www.oracle.com/technology/software/products/ias/htdocs/101401.html
    Doc:
    http://download.oracle.com/docs/cd/E14592_01/index.htm
    All the patches are available from My Oracle Support

  • Oracle Learning Management responsibilities

    Dear all,
    I am trying to implement OLM and in order to do that I have added many responsibilities like:
    Oracle Learning Management Administrator
    Learning Administrator
    But I did not find any screen related to the setup all what I got are the screens that are related to the concurrent manager which is:
    Reports and other requests
         Submit report
         View report
    is there a step need to be done before I add the above responsibilities?
    Please advice.

    Learning Management uses USER MANAGEMENT to control the access to functions on the Learning Administrator menu. Unless the ROLE of Learning Administrator is given to your user, you will not see any of the other functions in the menu.
    To solve this problem, you will need to use the User Management responsibility to GRANT acccess to these functions.
    There is a sedded ROLE called 'Learning Adminsitrator' which has all the standard privileges which give the funtions to users of this responsibility.
    Allocate the ROLE to your user and you will see the functions in the menu.
    You may have a problem with USER MANAGEMENT. The only seeded role with this responsibility is the SYSTEM ADMI NISTRATOR. If it hasn't already been allocated, the System Administrator will have to use User Management to give the User Management role to another user!
    This will solve your problem!
    Regards
    Tim

  • Oracle Access Manager Webgate

    Hi All,
    I have a little confutation about Oracle Access Manager webgate. Please help me to figure it out.
    There are five web server I need to protected using OAM. Three are IIS 6.0/7.0 in Wondows 2008, one is Apache v2 in RHEL 5 and one in Apache Tomcat in Cent OS 5. All OS are 64 bit platform.
    I need to know which webgate I have to download and install for IIS and Apache? Please provide me the download link.
    I have seen following documentation, but I am unable to find Oracle_Access_Manager10_1_4_3_0_Win64_ISAPI_Webgate.exe or Oracle_Access_Manager10_1_4_3_0_platform_OHS_Webgate
    http://docs.oracle.com/cd/E28271_01/doc.1111/e15478/apch2ihs.htm
    http://docs.oracle.com/cd/E21764_01/doc.1111/e15478/iis_wg.htm
    Thanks
    Tamim Khan

    Hi Chinni,
    Thanks for you help.
    I am downloading oam_int_win_v11_cd1.zip, I have few more question on webgate?
    1. How can I determine which webgate use for which web server considering the version of the server (ie: IIS6/7). I have found oam-3rd.xls file. is it the way to chose webgate for some platform.
    2. Is there any official documentation to perform this operation for third pary webgate.
    3. Please consider the following senior:
    We have one Web application that authentication of RCPS performs from Data base tables. After successfully login, user got different types of roles like Admin, Manager, Guest User, Internal User etc, Base on the that role user menu is populate. For example Admin user has 7 menus but internal user has 4 menus. That menu item load from Database tables after login in to the application.
    As because the application are not authenticating from Database after implementation of OAM, so after authenticating from OAM how the user menu is populate?
    Thanks
    Tamim Khan

  • Issues integrating WebCenter with Oracle Access Manager

    Hi All,
    I am trying to integrate WebCenter 10.1.3.2 with Oracle Access Manager (CoreId). Followed the steps described in the Chapter 11 of the OC4J Security Guide.
    I was able to successfully authenticate WebCenter using IWA with Access Manager.
    Then I proceeded with the below steps:
    - Implemented ADF Security in the application. Created application roles and login page and worked fine on my local machine.
    - Provide the auth-method of "COREIDSSO" in orion-application.xml
    - Renamed the app-jazn-data.xml to give the OID groups
    - Mapped the OID groups to application roles in orion-application.xml
    - Used the jazn migration tool to populate the system-jazn-data.xml
    When trying to access the application, it looks like the ADF Context identifies that this is an authenticated user.
    ADFContext.getCurrent().getSecurityContext().isAuthenticated() retruns true
    ADFContext.getCurrent().getSecurityContext().isAuthorizationEnabled() returns true
    I get the below error message on the server console:
    [CoreIDLoginModule::getUserSessionFromCookie]: This user session for F3iwZhUGgjej9RSrMLSo0wjH5Ec6c2oeC0OBRH12y7%2FvfPVncz6dYoBoFD6q8DWAlMtzah%2FYV4T1t7jztVFYbxwfOyu0VOMXMEIosRrFicfJwoPRrM8MOkFsziQxpUqo98XrC9iBRHffdWSItNHZRZK4ZoCJMi6HZZ6noOc4Z%2BGJDGj3kWndYHTWjiG0cJhkSbL95wMmrXCDElzZHjPMdkuNQUHW1TfAJvgSlDeX6hhhIThlc%2BGmxMP3MQ%2FZoxUysbKieIJgDXo1%2FEMmLmTVjA%3D%3D is not valid or user is not logged in.
    I also tried using the "Headervar" variable to display the obmygroups value, but it comes as blank.
    Any help would be appreciated.
    Thanks
    Aneesh

    We recently integrated Webcenter Application (with ADF Authentication and Authorization) with OAM. May be the following will be of some help to you.
    We did the following steps documented in Chapter 11 Oracle Access Manager in Oracle J2EE security guide.
    OAM
    1. Created ALL specified policies , authentication schemes, protection specified in OAM section of the document.
    OC4J
    1. Ran all configuration listed for the OC4J section.
    Webcenter
    1. Developed the Webcenter Application
    2. Enabled ADF Security (Authentication & Authorization)
    3. Deployed the application. While deploying chose File based provider.
    4. After the deployment, changed orion-application.xml to have COREIDSSO as documented in Oracle documentation
    system-jazn-data.xml
    1. Added login module details as specified in the document. (Changed only the application name. Rest all was same as we used names as specified in the earlier steps of the document)
    OID Migration
    Reference document: "Configuring a WebCenter Application to Use Oracle Access Manager" in Webcenter Framework Developer guide.
    1. Located app-jazn-data.xml in the deployed application
    2. Removed "realm-name" and "type" subelements of "grantee" tags. Removed any realm details in user name.
    3. changed references to "class oracle.security.jazn.spi.xml.XMLRealmRole" to "oracle.security.jazn.realm.CoreIDPrincipal"
    4. ran the JAZN migration tool with "all" options. Migration from app-jazn-data.xml to OID.
    OAM
    Created policies for protecting our application.
    Test the application.
    Debugging.
    1. Enable oracle.adf.share.security , oracle.j2ee.security & oracle.j2ee.security.oc4j loggers to debug if the application is not working the way you expect to work.
    2. Set log level in Enterprise manager.
    3. All logging information are written in log.xml in $ORACLE_HOME/j2ee/OC4J_Webcenter/log/OC4J_WebCenter_default_group_1/oc4j
    Thanks

  • Oracle Access Manager - Identity Injectors

    Hello,
    One of my customer has a critical requirement for Oracle Access Manager.
    At present they are using Novell Access Manager
    With Novell Access Manager they are able to create custom headers with information pulled from LDAP.
    such as x-employeeName=Jason
    Example :
    Some Web applications require more than a name and a value to be injected into the custom header.
    Sometimes they require a custom name, a tag, and a value. Sometimes the application requires a
    custom name with multiple tags and values. The Inject into Custom Header with Tags option
    provides you with the flexibility to add such values to the custom header. For example, your
    application could be expecting the following custom header with tag:
    X-Custom_Role Role=Manager
    You can inject this information by setting the Custom Header Name to X-Custom, the Tag Name to
    Role, and the Tag Value to Manager. The value can be set as a static variable or you can retrieve it
    from various sources such as a Liberty User Profile attribute or the roles assigned to the current user.
    Thanks,
    Ram

    Hi
    Thanks for your reply.
    Can you explain me in steps how it can be achieved in OAM 11g?
    Thanks,
    Ram

  • Error when upgrading Oracle Identity Manager 9.1.0.1 to OIM 9.1.0.2

    Hello friends,
    I upgraded Oracle Identity Manager 9.1.0.1 to Oracle Identity Manager 9.1.0.2,after the running the command to apply the patch:
    OIM_HOME/xellerate/setup/patch_weblogic.cmd/sh WEBLOGIC_ADMIN_PASSWORD OIM_DB_USER_PASSWORD
    I get the error:
    [wldeploy] [BasicOperation.execute():445] : Initiating deploy operation for app, Xellerate, on targets:
    [wldeploy] [BasicOperation.execute():447] : AdminServer
    [wldeploy] Task 2 initiated: [Deployer:149026]deploy application Xellerate on AdminServer.
    [wldeploy] dumping Exception stack
    [wldeploy] Task 2 failed: [Deployer:149026]deploy application Xellerate on AdminServer.
    [wldeploy] Target state: deploy failed on Server AdminServer
    [wldeploy]
    [wldeploy]
    [wldeploy] There are 2 nested errors:
    [wldeploy]
    [wldeploy] weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the remote interface either does not exist in the bean class, or it is not a public method. Each method in the remote interface must have a corresponding public method in the bean class.
    [wldeploy] and
    [wldeploy]
    [wldeploy] weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the local interface either does not exist in the bean class, or it is not a public method. Each method in the local interface must have a corresponding public method in the bean class.
    [wldeploy] Target Assignments:
    [wldeploy] + Xellerate AdminServer
    [wldeploy] weblogic.deploy.api.tools.deployer.DeployerException: Task 2 failed: [Deployer:149026]deploy application Xellerate on AdminServer.
    [wldeploy] Target state: deploy failed on Server AdminServer
    [wldeploy]
    [wldeploy]
    [wldeploy] There are 2 nested errors:
    [wldeploy]
    [wldeploy] weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the remote interface either does not exist in the bean class, or it is not a public method. Each method in the remote interface must have a corresponding public method in the bean class.
    [wldeploy] and
    [wldeploy]
    [wldeploy] weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the local interface either does not exist in the bean class, or it is not a public method. Each method in the local interface must have a corresponding public method in the bean class.
    [wldeploy] [ServerConnectionImpl.close():332] : Closing DM connection
    [wldeploy] [ServerConnectionImpl.close():352] : Unregistered all listeners
    [wldeploy] [ServerConnectionImpl.closeJMX():372] : Closed JMX connection
    [wldeploy] [ServerConnectionImpl.closeJMX():384] : Closed Runtime JMX connection
    [wldeploy] [ServerConnectionImpl.closeJMX():396] : Closed Edit JMX connection
    [ant] Exiting C:\oracle\xellerate\setup\weblogic-setup.xml.
    BUILD FAILED
    C:\oracle\xellerate\Setup\setup.xml:448: The following error occurred while executing this line:
    C:\oracle\xellerate\setup\weblogic-setup.xml:310: weblogic.Deployer$DeployerException: weblogic.deploy.api.tools.deployer.DeployerException: Task 2 failed: [Deployer:149026]deploy application Xellerate on AdminServer.
    Target state: deploy failed on Server AdminServer
    There are 2 nested errors:
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the remote interface either does not exist in the bean class, or it is not a public method. Each method in the remote interface must have a corresponding public method in the bean class.
    and
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the local interface either does not exist in the bean class, or it is not a public method. Each method in the local interface must have a corresponding public method in the bean class.
    Caused by: C:\oracle\xellerate\setup\weblogic-setup.xml:310: weblogic.Deployer$DeployerException: weblogic.deploy.api.tools.deployer.DeployerException: Task 2 failed: [Deployer:149026]deploy application Xellerate on AdminServer.
    Target state: deploy failed on Server AdminServer
    There are 2 nested errors:
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the remote interface either does not exist in the bean class, or it is not a public method. Each method in the remote interface must have a corresponding public method in the bean class.
    and
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the local interface either does not exist in the bean class, or it is not a public method. Each method in the local interface must have a corresponding public method in the bean class.
    Caused by: weblogic.Deployer$DeployerException: weblogic.deploy.api.tools.deployer.DeployerException: Task 2 failed: [Deployer:149026]deploy application Xellerate on AdminServer.
    Target state: deploy failed on Server AdminServer
    There are 2 nested errors:
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the remote interface either does not exist in the bean class, or it is not a public method. Each method in the remote interface must have a corresponding public method in the bean class.
    and
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the local interface either does not exist in the bean class, or it is not a public method. Each method in the local interface must have a corresponding public method in the bean class.
    Caused by: weblogic.deploy.api.tools.deployer.DeployerException: Task 2 failed: [Deployer:149026]deploy application Xellerate on AdminServer.
    Target state: deploy failed on Server AdminServer
    There are 2 nested errors:
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the remote interface either does not exist in the bean class, or it is not a public method. Each method in the remote interface must have a corresponding public method in the bean class.
    and
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the local interface either does not exist in the bean class, or it is not a public method. Each method in the local interface must have a corresponding public method in the bean class.
    --- Nested Exception ---
    C:\oracle\xellerate\setup\weblogic-setup.xml:310: weblogic.Deployer$DeployerException: weblogic.deploy.api.tools.deployer.DeployerException: Task 2 failed: [Deployer:149026]deploy application Xellerate on AdminServer.
    Target state: deploy failed on Server AdminServer
    There are 2 nested errors:
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the remote interface either does not exist in the bean class, or it is not a public method. Each method in the remote interface must have a corresponding public method in the bean class.
    and
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the local interface either does not exist in the bean class, or it is not a public method. Each method in the local interface must have a corresponding public method in the bean class.
    Caused by: weblogic.Deployer$DeployerException: weblogic.deploy.api.tools.deployer.DeployerException: Task 2 failed: [Deployer:149026]deploy application Xellerate on AdminServer.
    Target state: deploy failed on Server AdminServer
    There are 2 nested errors:
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the remote interface either does not exist in the bean class, or it is not a public method. Each method in the remote interface must have a corresponding public method in the bean class.
    and
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the local interface either does not exist in the bean class, or it is not a public method. Each method in the local interface must have a corresponding public method in the bean class.
    Caused by: weblogic.deploy.api.tools.deployer.DeployerException: Task 2 failed: [Deployer:149026]deploy application Xellerate on AdminServer.
    Target state: deploy failed on Server AdminServer
    There are 2 nested errors:
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the remote interface either does not exist in the bean class, or it is not a public method. Each method in the remote interface must have a corresponding public method in the bean class.
    and
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the local interface either does not exist in the bean class, or it is not a public method. Each method in the local interface must have a corresponding public method in the bean class.
    --- Nested Exception ---
    weblogic.Deployer$DeployerException: weblogic.deploy.api.tools.deployer.DeployerException: Task 2 failed: [Deployer:149026]deploy application Xellerate on AdminServer.
    Target state: deploy failed on Server AdminServer
    There are 2 nested errors:
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the remote interface either does not exist in the bean class, or it is not a public method. Each method in the remote interface must have a corresponding public method in the bean class.
    and
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the local interface either does not exist in the bean class, or it is not a public method. Each method in the local interface must have a corresponding public method in the bean class.
    Caused by: weblogic.deploy.api.tools.deployer.DeployerException: Task 2 failed: [Deployer:149026]deploy application Xellerate on AdminServer.
    Target state: deploy failed on Server AdminServer
    There are 2 nested errors:
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the remote interface either does not exist in the bean class, or it is not a public method. Each method in the remote interface must have a corresponding public method in the bean class.
    and
    weblogic.ejb.container.compliance.ComplianceException: In EJB tcGroupOperations, method getMemberGroups(long,int,int,java.lang.String,boolean) defined in the local interface either does not exist in the bean class, or it is not a public method. Each method in the local interface must have a corresponding public method in the bean class.
    Total time: 4 minutes 35 seconds
    How do I deal with this question?
    Thanks.

    This error generally occur if your server is up and you are running patch for upgrade, and its very common error.
    follow the troubleshoot step and get it done.
    page 36
    Troubleshooting the Application of the Patch on Oracle WebLogic Server
    http://docs.oracle.com/cd/E14899_01/doc.9102/e14764.pdf

Maybe you are looking for

  • Problem with filePathSeperator and /

    Problem with fileSeperatorChar and /. When I use fileSeperatorChar (to lacate a folder), the path is specified wrong. I want my program to run on different OS, so I need this to work. If I do this: JLabel label = new JLabel("", new ImageIcon("Images/

  • Can I transfer files to sub folders in itune apps.i It seems I can't.

    I have the app office2hd and I'm trying to transfer files and folders to the app from my win 7 pc within iTunes. I can transfer files okay but when I try yo double click a folder to get it to open the sub folder under it, but it does not open. I have

  • Video upload to Ipod

    Can you upload DVD video onto your computer and transfer that video to an Ipod? These are not copywrited DVDs but home videos.

  • Are there any recent tutorials or information for integrating Adobe Flex with Ruby on Rails 4?

    I've combed and searched extensively and most of the documentation is anywhere from 4 to 7 years old.  A lot of it focuses on outdated gems or libraries.  I've even seen Rails 2.0 as a focus for a lot of this information. I would just like to know if

  • Numbers formula, if value is greater

    Can somene tell me how to make the following formula: If sum of cells is greater than 59, add 30 In different words If sum B2:B7 > 59, than +30 Might be simple, but I tried so many options without success!