Read-only user for Weblogic 6.1 sp2 console
Is there a way to restrict a user to read-only priv. on the weblogic
console? Either by using acl's or other means.
Thanks in advance,
Brown
"Seb" <[email protected]> wrote in message news:3f33c3e2$[email protected]..
>
Hello,
I'd like to create a read-only user for a customer that gives him acces tothe
Console only for reading all the configuration. I don't him to modifyanything
Is there a simple way to do this ?A previous post mentioned that this is not possible in 6.1.
Brown,
This functionality is not available in 6.1. The newest version of wls
8.1 has this feature depending on the role that the user is in.
~satya
Similar Messages
-
Read only user for Weblogic Server Console (6.1)
Hello,
I'd like to create a read-only user for a customer that gives him acces to the
Console only for reading all the configuration. I don't him to modify anything
Is there a simple way to do this ?
Thanks in advance.
--Seb"Seb" <[email protected]> wrote in message news:3f33c3e2$[email protected]..
>
Hello,
I'd like to create a read-only user for a customer that gives him acces tothe
Console only for reading all the configuration. I don't him to modifyanything
Is there a simple way to do this ?A previous post mentioned that this is not possible in 6.1.
Brown,
This functionality is not available in 6.1. The newest version of wls
8.1 has this feature depending on the role that the user is in.
~satya -
Want to create a Read Only user for a given app owner user
Hi Folks,
We have an application owner schema, lets call it OWNER, which has different objects living under it.
Now, for certain reasons, the app group wants a read only user which should be able to view objects living only in OWNER. It would only be able to read things, and have no create or alter types of priv to be able to change anything.
The first idea was to create a new user (e.g. RO) and give this explicit grants (select only) for all objects in OWNER. Though this works, is a maintenance havoc, since everytime there is a new object in OWNER, you have to remember to give explicit grants to all RO (or RW ) kind of users.
What i am looking forward to is, some sort of privilege or role concept that apply on the user level, and not on object level. something that allows me to say, all objects of this schema (e.g. OWNER) are visible to user RO. Other restrictions on RO would control read or write behaviour.
Does this thing exist ? please point me to the documentation/example..
regards
raghav..CREATE OR REPLACE TRIGGER myTest.trg_mytest
AFTER DDL
ON myTest.SCHEMA
DECLARE
lv_obj_type VARCHAR2(20) := TRIM(UPPER(ora_dict_obj_type));
lv_evt_type VARCHAR(20) := TRIM(UPPER(ora_sysevent));
lv_obj_name VARCHAR2(30) := trim(UPPER(ora_dict_obj_name));
lv_role_name VARCHAR2(30) := 'myTest_RO';
lv_stmt VARCHAR2(4000) := NULL;
ln_job_nr NUMBER;
BEGIN
IF lv_evt_type != 'GRANT' --lv_obj_type <> 'OBJECT PRIVILEGE' --
THEN
DBMS_JOB.SUBMIT(ln_job_nr,'begin execute immediate ''grant ' || ' select on ' ||
lv_obj_name || ' to ' || lv_role_name || '''; END;');
END IF;
INSERT INTO TB_EVT_LOG(d_date, description)
VALUES(SYSDATE, lv_obj_name || '~~~~ created ' || lv_obj_type || '~~~~' || lv_evt_type );
EXCEPTION
WHEN OTHERS THEN
RAISE;
END trg_mytest;
/This works. But, my problem is that it is not able to filter out the Grant statement itself, Its logging an entry for the grant (as a ddl operation as well).
what am I doing wrong here ?
regards
raghav.. -
Read only user in weblogic throwing error messages in logs
Hi,
We have a requirement to create a read only user with monitor access.
our requirement is to monitor em console using moniotr user, i.e. this user will login to em console, monitor order flow from instances tab by entering order no. and dates, and logout from em console.
we have done below steps to create monitor user,
Admin Console->Security Realms >myrealm >Users and Groups-> new
created user Monitor_User_1 and assigned group as Monitors.
but whenever this user logs in or searches we are getting below error message:
<Sep 15, 2013 7:25:21 PM EST> <Warning> <oracle.jps.admin> <BEA-000000> <Access denied. Required roles: Operator, Admin, executing subject: principals=[Monitor_User_1, Monitors]
java.lang.SecurityException: Access denied. Required roles: Operator, Admin, executing subject: principals=[Monitor_User_1, Monitors]
we even did below steps:
With admin access login into EM Console. Select soa_infra, right click mouse -> Security -> Application Roles. On right side, click green arrow and see list of Roles shown. Select the role named SOAMonitors, click on this. And add a Monitor_User_1 to this.
but we are still getting same error.
Kindly let us know if we are missing something while creating monitor user and how to get rid of these messages.
Please note that we are already in Production and our log files are filled with these messages.
Thanks & Regards,
Vivek Vishalmoving this discussion to WebLogic Server - General thread.
-
Read only user creation for Oracle EM Console 11.1.1.5
Dear All.
I have created Read only user for Oracle EM Console.
I have followed below link to do the same
http://moshe-soa.blogspot.com/2011/09/blog-post.html.
I have noticed with read only user is that TEST button in EM Console is active means user with read only user can create a trans, in Prod scenario it is a risk.
Raised a CR with Oracle and found that it is a bug
Bug 14082464 - CANNOT DISABLE TEST/TEST WEB SERVICE BUTTON IN SOA EM COSOLE is there in Metalink.
So my question is there any way by which i can disable the TEST button in EM Conasole.
I think there are some WLST script or servlet java class available to resolve this issue.
Can any one confirm this and please suggest if any one aware of any alternative method.
Thanks,Hi, have you got any solution to this problem? I am having exact the same issue in 11.1.1.6.
-
Authorization RADIUS - read-only user on FWSM
Hi support community,
I am experiencing an issue while trying to create some read-only users on my FWSM.
I've setup the authentication on my RADIUS Server, which works fine, and put the aaa authorization command LOCAL command.
I've also set the commands - associated priviege :
privilege show level 3 mode configure command dhcpd
privilege show level 5 mode configure command privilege
All this things works great when i authenticate locally on the FWSM.
However, this is not working whe authenticating via the RADIUS server:
aaa authentication enable console MY_RADIUS LOCAL
aaa authentication http console MY_RADIUS LOCAL
aaa authentication ssh console MY_RADIUS LOCAL
And i set up the authorization locall, because i dont run any TACACS server :
aaa authorization command LOCAL
I managed to make this work on ASA, by sending RADIUS attributes (cf a document that i can't find anymore...).
So what are exactly the differences between asa and FWSM ?
On my ASA there was a command i could not run on the FWSM :
aaa authorization exec authentication-server
(i am running version 4.1 on FWSM and 8.4 on ASA).
Thank you for your help.
FlorianYou really need to see the example given here,
[Read only user for a schema|http://arjudba.blogspot.com/2008/09/create-read-only-user-for-schema.html]
[Global read only user|http://arjudba.blogspot.com/2008/09/how-to-make-global-read-only-user.html] -
SharePoint 2010 List View Web Part not showing for read-only users?
Hello all,
I have List View Webparts on my Blank Web Part page, and it's not showing for Read-Only users.
Is this intended by Microsoft or is it a bug?
Thank you!Hi,
According to your post, my understanding is that the read only user could not see the list view web part.
Per my knowledge, the issue may be cause that the user do not have the proper permission for the list.
1. Check whether the user can access the list.
2. Check whether the user can view all the items instead of partial items in the list.
3. Check whether there are some fields refer to other lists or terms, especially the lookup field or managed metadata filed.
If that is the case, make sure the user can access the lookup list.
Thanks,
Jason
Forum Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Jason Guo
TechNet Community Support -
How hide ribbon bar for read only users from custom master page.
Hi,
I want to hide the ribbon bar for read only users, on my custom master page I put inside of a SharePoint:SPSecurityTrimmedControl this div: <div id="ms-designer-ribbon">, but when I save the changes the master page does not work
anymore.
<!--MS:<SharePoint:SPSecurityTrimmedControl runat="server" AuthenticationRestrictions="AddAndCustomizePages">-->
<div id="ms-designer-ribbon">
<!--SID:02 {Ribbon}-->
<!--PS: Start of READ-ONLY PREVIEW (do not modify) --><div class="DefaultContentBlock" style="background:rgb(0, 114, 198); color:white; width:100%; padding:8px; height:64px; ">The SharePoint ribbon will be here when your file is either previewed on or applied to your site.</div><!--PE: End of READ-ONLY PREVIEW -->
</div>
<!--ME:</SharePoint:SPSecurityTrimmedControl>-->
I'll appreciate any suggestions in order to solve this.
Regards.did you close browse and open a fresh session?
also authericationrestrictions for add & customize people so its more than read...
check this one
http://msdn.microsoft.com/en-us/library/jj822366.aspx
another blog for same stuff:http://spgurunet00.web707.discountasp.net/post/2012/12/13/Hiding-SharePoint-2013-Ribbon-from-Anonymous-Users.aspx
Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog -
Server 2003: make user template with read-only access for shared folders
I have need to make a type of user (like Administrator, Power User, Mobile User, User, etc.) that has read-only acess to shared folders. So when I make a new user and assign the "read-only user" template I wish to have, the user can open files
in the shared folders on the server, but not edit, save or delete files. Other users can and should remain able to edit, save & delete.
Before I dig in, is this even possible?You could create a Group called ReadOnly, and set that to have Read on the ACLs of the relevant files or folders.
Make that template user a member of that group.
As long as they are not also a member of another group that gives them higher permissions, this would work.
Otherwise set the ReadOnly group to deny Write, which would over ride any other permission set.
So,
Folder A
ACL:
ReadOnly : R
Users: Read/Write
If a user is a member of Users & ReadOnly, they would get read/write to Folder A. As permissions are cumulative.
If you did the following:
Folder A
ACL:
ReadOnly : R
ReadOnly: Deny Write
Users: Read/Write
The users in ReadOnly would be denied write, as it overrides the cumulative permissions.
Robert Pearman SBS MVP
itauthority.co.uk |
Title(Required)
Facebook |
Twitter |
Linked in |
Google+ -
Remove Standby/Read only mode for a database in sql server 2005
Hi,
I have a problem in sql sever . my database is showing standby/read-only mode. i want to remove that mode.please help me for the issue.HI
Did you assign any DB read only user?
check the administrator guide in your SAP Business one->Documntation->system setup->Administrator guide...
but removing DB read only user is impossible..... -
ADF: Read only user access to application role on BTFs
Hi,
My JDeveloper version is 11.1.1.5
I am trying to create read only users in my adf application. But I am unable to give read only permissions to the user on bounded task flows/ .jssf page which have editable tables and forms.
I have searched for the information, I did not find any solution.
Could some one please help me?
Many thanks in Advance
--Anil
Edited by: 977652 on Apr 5, 2013 6:50 AMIf you are using ADF BC, you can protect fields at EO level or protect the entire EO (check the security tab). The frontend will then render fields as read-only if your user is only allowed read permissions.
If you are not using ADF BC, you can implement a custom resource permission as described here (ignore the fact that this is for an entity, the principle remains the same) http://www.oracle.com/technetwork/developer-tools/adf/learnmore/76-insert-update-entity-protection-334421.pdf
You must then add an el expression to each fields readOnly attribute or you can implement a phaselistener that traverses all fields enclosed within a form and make them readonly. -
Hi All,
Although the systems in question run Solaris 8, I am asking in this Solaris 10 forum because the way to implement what I am trying to do will most likely be the same on Solaris 8 as Solaris 10 (basic user, group, and permissions related functions have not changed much). There are also alot more posts and answers in this forum so I'm likely to receive a response more quickly.
My question is: I have been asked to create a "read-only" account for IBM to support some of the applications on a couple of our systems (app support has recently been outsourced to them). I don't really understand why they would be needing a "read-only" account as they wouldn't be able to do anything to resolve problems or install new versions etc., but anyway the question is there and they seem to be insisting on creating such an account. So what is involved with creating a so called "read-only" account? I have never been asked to create one of these before and I've been working with UNIX for quite some time.
I know one could do something like create a very basic user who is only a member of a new group I would create called e.g. "readonly" and then use things like "chmod" to set permissions so that all files on the system have no write or execute permissions for "other" users (e.g. -rwxrwxr--), or I can use restricted shell (e.g. rksh, rbash) etc. However, setting all files globally to no write and execute permissions for "other" can and probably would cause all sorts of problems, and I already gave them a restricted shell but this was not suitable for them as they are unable to change directory or browse other parts of the filesystem they need to check.
Please let me know how I can create one of these so-called "read-only" accounts.
Thanks in advance.
Regards,
David.
Commonwealth Bank
David Stofberg
UNIX Systems Administrator
Enterprise IT Operations
Level 9, 363 George Street
Sydney NSW 2000
P: +61 (2) 9303-2898
M: +61 (434) 220-893
E: [email protected]
Our vision is to be Australia's finest financial services organisation through excelling in customer service.most normal users dont have the ability to write to most critical areas of the system by default. if you need more restrictions, deploy RBAC. you can create custom rights profile to limit what a certain role can do.
[http://docs.sun.com/app/docs/doc/816-4557/prbactm-1?a=view] solaris 10
[http://docs.sun.com/app/docs/doc/805-7229/6j6q8svdf?l=en&a=view] solaris 8 (update 10/01) -
Problem with Read-only user being able to add and delete files and folders.
The setup:
Computer #1
iMac (intel) running 10.5.5
File sharing ON
Sharing folder on external USB drive called 'iTunes' (but not the drive volume itself)
Users:
- Everyone = Read Only
- Admin(me) = Read/write
- UserA = Read Only (with account PW and username identical to local login for computer below)
Computer #2
UserA's iBook G4 running 10.4.11
When I go to finder>network>iMac>connect it prompts me to login which I do and then select 'iTunes' folder which is visible and mounts successfully. I can see all files, access them all. Life seems great. Then I discover that I can also modify and delete files from the iBook, and create and delete directories.
I'm new to networking and although I've setup and managed minimal networking tasks on PCs before, this is my first foray into the Mac networking world. Please help.
What am I doing wrong? What haven't I set?
Thanks in advance.Sorry, I should have clarified this in the first email.
When I login from the iBook, I am logging in under a read-only user (not as myself, who is admin on the iMac). The user on the iBook has only been given read-only permissions on the iMac yet is able to add and delete files.
This read-only login/PW however, is the admin account on the iBook, but that shouldn't allow this person to write on the iMac so far as I understand things...right? -
Restict read only users to certain columns
Hi guys ,
I want to restrict read-only users to read only certain columns on the table.How do I go about restricting?Always include the following information when asking a question:
<ul>
<li>Full APEX version</li>
<li>Full DB/version/edition/host OS</li>
<li>Web server architecture (EPG, OHS or APEX listener/host OS)</li>
<li>Browser(s) and version(s) used</li>
<li>Theme</li>
<li>Template(s)</li>
<li>Region/item type(s)</li>
</ul>
935462 wrote:
Hi guys ,
I want to restrict read-only users to read only certain columns on the table.How do I go about restricting?Who are readonly users? How are they determined?
What exactly are you talking about?
Is it a report, If then which report Interactive or Classic?
In either of them you can do conditional display of column using the same login
Look at this for options http://docs.oracle.com/cd/E23903_01/doc/doc.41/e21674/bldapp_rpt_att.htm#BCEBDIFA -
Can read-only users obtain row locks on non-temporary (i.e,. visible to other users) tables, for example through SELECT FOR UPDATE, even though they couldn't not ultimately modify said tables?
Yes.
Here is an example with Oracle XE 11G and HR schema:
Connecting as user having only CREATE SESSION and SELECT privilege on HR.JOBS table:
SQL> desc hr.jobs;
Name Null? Type
JOB_ID NOT NULL VARCHAR2(10)
JOB_TITLE NOT NULL VARCHAR2(35)
MIN_SALARY NUMBER(6)
MAX_SALARY NUMBER(6)
SQL> select * from session_roles;
no rows selected
SQL> select * from session_privs;
PRIVILEGE
CREATE SESSION
SQL> select owner, table_name, privilege from user_tab_privs;
OWNER TABLE_NAME
PRIVILEGE
HR JOBS
SELECT
SQL> select job_title from hr.jobs for update;
JOB_TITLE
President
Administration Vice President
Administration Assistant
Finance Manager
Accountant
Accounting Manager
Public Accountant
Sales Manager
Sales Representative
Purchasing Manager
Purchasing Clerk
JOB_TITLE
Stock Manager
Stock Clerk
Shipping Clerk
Programmer
Marketing Manager
Marketing Representative
Human Resources Representative
Public Relations Representative
19 rows selected.
SQL>Now connecting as HR following statement hangs:
SQL> connect hr/hr
Connected.
SQL> select * from jobs for update;Going back to first session:
SQL> update hr.jobs set min_salary=0;
update hr.jobs set min_salary=0
ERROR at line 1:
ORA-01031: insufficient privileges
Maybe you are looking for
-
I have a copy of Windows 7, and I am trying to bring up Boot Camp on my MacBook with Snow Leopard.
I have a copy of Windows 7, and I am trying to bring up Boot Camp on my MacBook with Snow Leopard. But my Snow Leopard install disk is too old for Windows 7, so attempted Boot Camp install of drivers fails. I have hand-installed the NVidia graphics d
-
Problem with getting actual data from Detail in Master/Detail
Hi. I'm using master-detail tables (based on Read-Only view objects connected with view link). In those tables some columns are inputText, so that user can change data for the use of stored procedure only (I don't want to change data showed in tables
-
REP-1813 Object 'R_G_Document_Number1' too large to fit in matrix cell.
Dear Concerns, I am facing this problem in my Cash Book Report which is Matrix. Reports runs perfectly but on page 16 its shows the REP-1813 error and on one of our supplier it shows this but in query when i do this and pv.VENDOR_NAME !=('M/s S. B. E
-
Directory problem....(utl_file related)
create directory test_sukanta_dir as 'C:/Oracle/Sukanta';+ when this statement run successfully ..its mean it create a Directory named by Sukanta which is inside C drive , Oracle Directory..is it..if yes when this statement run successfully no such d
-
I was prompted to download the new version of Adobe Reader XI 10.0.03. I now cannot open it
I was prompted to download the new version of Adobe Reader XI 10.0.03. I now cannot open any document. I have never had trouble before. It gives me an error message: "Adobe Reader cannot open in protected mode due to an incompatability with your syst