Read only user for Weblogic Server Console (6.1)

Similar Messages

• Read-only user for Weblogic 6.1 sp2 console

  Is there a way to restrict a user to read-only priv. on the weblogic
  console? Either by using acl's or other means.
  Thanks in advance,
  Brown

  "Seb" <[email protected]> wrote in message news:3f33c3e2$[email protected]..
  >
  Hello,
  I'd like to create a read-only user for a customer that gives him acces tothe
  Console only for reading all the configuration. I don't him to modifyanything
  Is there a simple way to do this ?A previous post mentioned that this is not possible in 6.1.
  Brown,
  This functionality is not available in 6.1. The newest version of wls
  8.1 has this feature depending on the role that the user is in.
  ~satya

• Read only user in weblogic throwing error messages in logs

  Hi,
  We have a requirement to create a read only user with monitor access.
  our requirement is to monitor em console using moniotr user, i.e. this user will login to em console, monitor order flow from instances tab by entering order no. and dates, and logout from em console.
  we have done below steps to create monitor user,
  Admin Console->Security Realms >myrealm >Users and Groups-> new
  created user Monitor_User_1 and assigned group as Monitors.
  but whenever this user logs in or searches we are getting below error message:
  <Sep 15, 2013 7:25:21 PM EST> <Warning> <oracle.jps.admin> <BEA-000000> <Access denied. Required roles: Operator, Admin, executing subject: principals=[Monitor_User_1, Monitors]
  java.lang.SecurityException: Access denied. Required roles: Operator, Admin, executing subject: principals=[Monitor_User_1, Monitors]
  we even did below steps:
  With admin access login into EM Console. Select soa_infra, right click mouse -> Security -> Application Roles. On right side, click green arrow and see list of Roles shown. Select the role named SOAMonitors, click on this. And add a Monitor_User_1 to this.
  but we are still getting same error.
  Kindly let us know if we are missing something while creating monitor user and how to get rid of these messages.
  Please note that we are already in Production and our log files are filled with these messages.
  Thanks & Regards,
  Vivek Vishal

  moving this discussion to WebLogic Server - General thread.

• Want to create a Read Only user for a given app owner user

  Hi Folks,
  We have an application owner schema, lets call it OWNER, which has different objects living under it.
  Now, for certain reasons, the app group wants a read only user which should be able to view objects living only in OWNER. It would only be able to read things, and have no create or alter types of priv to be able to change anything.
  The first idea was to create a new user (e.g. RO) and give this explicit grants (select only) for all objects in OWNER. Though this works, is a maintenance havoc, since everytime there is a new object in OWNER, you have to remember to give explicit grants to all RO (or RW ) kind of users.
  What i am looking forward to is, some sort of privilege or role concept that apply on the user level, and not on object level. something that allows me to say, all objects of this schema (e.g. OWNER) are visible to user RO. Other restrictions on RO would control read or write behaviour.
  Does this thing exist ? please point me to the documentation/example..
  regards
  raghav..

  CREATE OR REPLACE TRIGGER myTest.trg_mytest
  AFTER DDL
  ON myTest.SCHEMA
  DECLARE
       lv_obj_type VARCHAR2(20) := TRIM(UPPER(ora_dict_obj_type));
       lv_evt_type VARCHAR(20)      := TRIM(UPPER(ora_sysevent));
       lv_obj_name     VARCHAR2(30) := trim(UPPER(ora_dict_obj_name));
       lv_role_name     VARCHAR2(30) := 'myTest_RO';
       lv_stmt          VARCHAR2(4000) := NULL;
       ln_job_nr     NUMBER;
  BEGIN
       IF lv_evt_type != 'GRANT' --lv_obj_type <> 'OBJECT PRIVILEGE' --
       THEN
            DBMS_JOB.SUBMIT(ln_job_nr,'begin execute immediate ''grant ' || ' select on ' ||
                                     lv_obj_name || ' to ' || lv_role_name || '''; END;');
       END IF;
     INSERT INTO TB_EVT_LOG(d_date, description)
     VALUES(SYSDATE,  lv_obj_name || '~~~~ created ' || lv_obj_type || '~~~~' || lv_evt_type );
     EXCEPTION
       WHEN OTHERS THEN
         RAISE;
  END trg_mytest;
  /This works. But, my problem is that it is not able to filter out the Grant statement itself, Its logging an entry for the grant (as a ddl operation as well).
  what am I doing wrong here ?
  regards
  raghav..

• How to create a user with read only access for ESB / BPEL Console

  I need to create a user with read only access to ESB Console & BPEL Console. I have created a user
  (esbreadonly) and assigned ascontrol_monitor role but user is still able to
  delete services from ESB systems (such as DefaultSystem). Is there any way to
  create a user that has strickly read only access to ESB Console & BPEL
  Console
  Thanks
  Dinesh Patel

  Check out this post.. I'm in the process of testing.
  http://chintanblog.blogspot.com/2007/12/i-saw-numerous-people-asking-about-bpel_290.html

• Read Only privileges for Access Server and Identity Server - OAM 10g

  Hi,
  I am working on Oracle Access Manager 10g version 10.1.4.
  I use an administrative account that is a member of the 'COREid Administrators' group to log into the access console and identity console of OAM.
  Since this is the administrative account, it has the rights to modify and update all access/identity entities.
  How can I set up an account that has "view only" privileges over all access and identity objects in OAM?
  I need to log into the access and identity consoles of OAM and view all policy domains/policies/access system configuration/user manager config/group manager config etc bt not be able to modify any of them.
  Is there a way to setup such an account in OAM?
  Regards,
  Abhishek.

  Hi Abhishek,
  It is possible to define different levels of administrator, but it is not possible to give an admin read access (to objects in the consoles) without also giving modify access. I do not believe that there is a straightforward way to meet this requirement - for the Access System you could use the Policy Manager API and write your own interface (which does not have the ability to modify) but obviously this would be some development effort.
  Regards,
  Colin

• How enable read only access for ACS server itself

  Hi,
  We would like to know whether its possible to create a read only access to the ACS server. Currenlty ACS server has a generic login with full admin rights.
  We need to create a login to couple of users to log into ACS to check the "Report and Activity" tab. Access to all other tabs should be disabled.
  We are using ACS4.0 verison. Please let me know whether its possible.
  Thanks
  Nachi

  Hi,alexchy8
  We can make use of 2 PowerShell commands to achieve this goal.
  Add-MailboxPermission and Add-MailboxFolderPermission.
  Execute the Add-MailboxPermission command to delegate the read permission at mailbox level.
  Execute the Add-MailboxFolderPermission command to delegate the required permissions on specific folders inside the mailbox.
  You can read the following article as reference:
  http://www.exchangedictionary.com/articles/assign-read-only-mailbox-permission-on-exchange-2010-2013-powershell
  Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety,
  or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
  Best Regards.

• Read only user creation for Oracle EM Console 11.1.1.5

  Dear All.
  I have created Read only user for Oracle EM Console.
  I have followed below link to do the same
  http://moshe-soa.blogspot.com/2011/09/blog-post.html.
  I have noticed with read only user is that TEST button in EM Console is active means user with read only user can create a trans, in Prod scenario it is a risk.
  Raised a CR with Oracle and found that it is a bug
  Bug 14082464 - CANNOT DISABLE TEST/TEST WEB SERVICE BUTTON IN SOA EM COSOLE is there in Metalink.
  So my question is there any way by which i can disable the TEST button in EM Conasole.
  I think there are some WLST script or servlet java class available to resolve this issue.
  Can any one confirm this and please suggest if any one aware of any alternative method.
  Thanks,

  Hi, have you got any solution to this problem? I am having exact the same issue in 11.1.1.6.

• Authorization RADIUS - read-only user on FWSM

  Hi support community,
  I am experiencing an issue while trying to create some read-only users on my FWSM.
  I've setup the authentication on my RADIUS Server, which works fine, and put the aaa authorization command LOCAL  command.
  I've also set the commands - associated priviege :
  privilege show level 3 mode configure command dhcpd
  privilege show level 5 mode configure command privilege
  All this things works great when i authenticate locally on the FWSM.
  However, this is not working whe authenticating via the RADIUS server:
  aaa authentication enable console MY_RADIUS LOCAL
  aaa authentication http console MY_RADIUS LOCAL
  aaa authentication ssh console MY_RADIUS LOCAL
  And i set up the authorization locall, because i dont run any TACACS server :
  aaa authorization command LOCAL
  I managed to make this work on ASA, by sending RADIUS attributes (cf a document that i can't find anymore...).
  So what are exactly the differences between asa and FWSM ?
  On my ASA there was a command i could not run on the FWSM :
  aaa authorization exec authentication-server
  (i am running version 4.1 on FWSM and 8.4 on ASA).
  Thank you for your help.
  Florian

  You really need to see the example given here,
  [Read only user for a schema|http://arjudba.blogspot.com/2008/09/create-read-only-user-for-schema.html]
  [Global read only user|http://arjudba.blogspot.com/2008/09/how-to-make-global-read-only-user.html]

• Server 2003: make user template with read-only access for shared folders

  I have need to make a type of user (like Administrator, Power User, Mobile User, User, etc.) that has read-only acess to shared folders. So when I make a new user and assign the "read-only user" template I wish to have, the user can open files
  in the shared folders on the server, but not edit, save or delete files. Other users can and should remain able to edit, save & delete.
  Before I dig in, is this even possible?

  You could create a Group called ReadOnly, and set that to have Read on the ACLs of the relevant files or folders.
  Make that template user a member of that group.
  As long as they are not also a member of another group that gives them higher permissions, this would work.
  Otherwise set the ReadOnly group to deny Write, which would over ride any other permission set.
  So,
  Folder A
  ACL:
  ReadOnly : R
  Users: Read/Write
  If a user is a member of Users & ReadOnly, they would get read/write to Folder A. As permissions are cumulative.
  If you did the following:
  Folder A
  ACL:
  ReadOnly : R
  ReadOnly: Deny Write
  Users: Read/Write
  The users in ReadOnly would be denied write, as it overrides the cumulative permissions.
  Robert Pearman SBS MVP
  itauthority.co.uk |
  Title(Required)
  Facebook |
  Twitter |
  Linked in |
  Google+

• I want to give a user to read only rights on sql server agent 2008

  I want to give a user to read only rights on sql server agent 2008.When I giving SQLAgentuser Role then user is only able to view SQL Server agent as Green but no job visible in job activity monitor.Currently he has db_reader rights on one user database.
  What rights should I give?
  Thanks

  There are 3 SQL server Agent fixed database roles in sql server.
  1.SQL AgentUSerRole:- To create and manage jobs
  2.SQLAgentReaderRole: To grant read acces.
  3.SQLAgentOperatorRole : to run and delete jobs.
  For you question you can create a user and grant him SQLAgentReaderRole.
  Example:
  Create LOGIN test with Password='abc'
  Use msdb;
  GO
  Create User test for login test
  use msdb;
  EXECUTE sp_addrolemember @rolename='SQLAgentReaderRole',@membername='test'
  Hope this solves your problem!!!

• How hide ribbon bar for read only users from custom master page.

  Hi,
  I want to hide the ribbon bar for read only users, on my custom master page I put inside of a SharePoint:SPSecurityTrimmedControl this div: <div id="ms-designer-ribbon">, but when I  save the changes the master page does not work
  anymore.
  <!--MS:<SharePoint:SPSecurityTrimmedControl runat="server" AuthenticationRestrictions="AddAndCustomizePages">-->
  <div id="ms-designer-ribbon">
  <!--SID:02 {Ribbon}-->
  <!--PS: Start of READ-ONLY PREVIEW (do not modify) --><div class="DefaultContentBlock" style="background:rgb(0, 114, 198); color:white; width:100%; padding:8px; height:64px; ">The SharePoint ribbon will be here when your file is either previewed on or applied to your site.</div><!--PE: End of READ-ONLY PREVIEW -->
  </div>
  <!--ME:</SharePoint:SPSecurityTrimmedControl>-->
  I'll appreciate any suggestions in order to solve this.
  Regards.

  did you close browse and open a fresh session?
  also authericationrestrictions for add & customize people so its more than read...
  check this one
  http://msdn.microsoft.com/en-us/library/jj822366.aspx
  another blog for same stuff:http://spgurunet00.web707.discountasp.net/post/2012/12/13/Hiding-SharePoint-2013-Ribbon-from-Anonymous-Users.aspx
  Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

• SharePoint 2010 List View Web Part not showing for read-only users?

  Hello all,
  I have List View Webparts on my Blank Web Part page, and it's not showing for Read-Only users.
  Is this intended by Microsoft or is it a bug?
  Thank you!

  Hi,
  According to your post, my understanding is that the read only user could not see the list view web part.
  Per my knowledge, the issue may be cause that the user do not have the proper permission for the list.
  1. Check whether the user can access the list.
  2. Check whether the user can view all the items instead of partial items in the list.
  3. Check whether there are some fields refer to other lists or terms, especially the lookup field or managed metadata filed.
       If that is the case, make sure the user can access the lookup list.
  Thanks,
  Jason
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Jason Guo
  TechNet Community Support

• Remove Standby/Read only mode for a database in sql server 2005

  Hi,
        I have a problem in sql sever . my database is showing standby/read-only mode. i want to remove that mode.please help me for the issue.

  HI
  Did you assign any DB read only user?
  check the administrator guide in your SAP Business one->Documntation->system setup->Administrator guide...
  but removing DB read only user is impossible.....

• Jsafe unsatisfied link error calling CyberSource credit card service for Weblogic Server 5.1 on Linux

  Hi,
  I'm running Weblogic Server 5.1 on Linux, when we make CyberSource credit card request, the server console shows errors: jsafe unsatisfied link: jsafe not found in java.library.path .....
  However, when we run Weblogic Server 5.1 on Window 2000, it does not show any errors and goes well with CyberSource credit card services.
  Anybody can help me?
  Thanks!
  Jean

  Did you modify your scripts to actually use SP6?
  jean chen wrote:
  >
  I just applied service pack 6 (weblogic510sp6.zip) on my WLS on Red Hat Linux 6.1, it still shows the same error in weblogic server console. I saw newsgroup Install section somebody said it is a RSA bug and BEA is working with them to fix it and right now just ignore the error print stack, is that true?
  Jean
  "Jesus M. Salvo Jr." <[email protected]> wrote:
  Service Packs include filss for all supported platforms, including
  Linux. I am using them here.
  John
  jean chen wrote:
  Jesus,
  I'm running Weblogic on Linux, is there any SP6 for this platform at all?
  Thanks!
  Jean
  "Jesus M. Salvo Jr." <[email protected]> wrote:
  That error about "no jsafe" occurs if you have not applied any service
  pack at all ( as you have said ). Get the latest SP ( SP6 ) and it
  should go away.
  John
  jean chen wrote:
  I have weblogicaux.jar in my Java CLASSPATH and Weblogic CLASSPATH, but I put it together with my other jar files under another directory instead of lib directory
  Jean
  "Alf" <alf> wrote:
  Do you have /lib/weblogicaux.jar in your classpath? COM.rsa.jsafe is found
  in this file.
  "jean chen" <[email protected]> wrote in message
  news:[email protected]...
  Hi,
  I'm running Weblogic Server 5.1 on Linux, when we make CyberSource creditcard request, the server console shows errors: jsafe unsatisfied link: jsafe
  not found in java.library.path .....
  However, when we run Weblogic Server 5.1 on Window 2000, it does not showany errors and goes well with CyberSource credit card services.
  Anybody can help me?
  Thanks!
  Jean
  Jesus M. Salvo, Jr.
  Senior Consultant
  PowerServe Pty Ltd
  Level 2, 116 Miller Street
  North Sydney 2060
  New South Wales, Australia
  Ph: (61-2) 9492 4800
  Direct (61-2) 9492 4853
  Fax: (61-2) 9492 4899
  http://www.powerserve.com.au
  Email: [email protected]
  This email is from PowerServe Pty Limited (ACN 069 037 056)
  The information contained in this email (including any attached files)
  may be privileged and confidential intended for the use of the
  person/persons named above. If you are not the intended recipient, you
  are advised that any use, distribution or copying of the information is
  strictly prohibited. If you have received this transmission in error,
  please notify PowerServe Pty Limited immediately on (61 3) 9618 1222 or
  reply by email to the sender.
  PowerServe Pty Limited does not represent or warrant that this email or
  any attached files are free from computer viruses or other defects. Any
  attached files are provided, and may only be used, on the basis that the
  user assumes all responsibility for