Role, user and group

Hi, folks:
In order to have separate PROD and DEVL services, I created a role to include all production databases/listeners require 7*24 paging support. Then I assign a user(Administrator) to this role and subscribe to my own notification rule (This rule only checks for important metrics). And this user has a pager for its email address. As for the other DBs, I simply let the OEM provided notification rule take care of it and have some important alerts send to an email address. In the future, if I need have any new database requires 7*24 paging support, I can simply add the DB in this role. Is this a good approach. Can GROUP be used in this setup, like putting all important stuff (Listener, hosts, DB) in this group and simply assign the group to the role??

Yes. Allen. Group is for that purpose only .. simply you can segregate your whole application in to diffrent area .. either or PROD/DEV/UAT or into diff region for eg NA/EMEA/APAC or with diff applications ...

Similar Messages

Assigning Roles to Users and Groups

Hi,
We have installed EP 5.0 SP4...with Content Management...we configured the LDAP to Portal......all the users are maintained through LDAP only...the problem is assigning the Role's to user..here in portal how to assign the roles to the users...we are not getting the Role assignment option under Portal Admin TAB..is there any way to configure the roles to User's are Group's.....
it is an urgent assignment for me..help can be appreciated...
sudhir

Sudhir,
You can assign the roles to users and groups as below.
1. Select the System Administration in the top level navigtion
2. Select user administration
3. You can search for a specific user or a group from this iView.
4. Use the edit button to edit the profie of the user or group.
5. Search for the role in the search iView.
6. Add the role to the user of group and save.

LDAP Users and Groups

Hi,

I have configured an LDAP Authenticator for an external LDAP directory in the security realm of the samples portal. User Management is working, but when I try to access the Group Management for the LDAP Authenticator I get the following error:

com.bea.p13n.usermgmt.hierarchy.TreeNotBuiltException: State: UNINITIALIZED. Tree is uninitialized. Add provider GAAD to list of providers to build. Tree is uninitialized. Add provider GAAD to list of providers to build.


It seems that this needs to be setup. How do I do this?


Some general notes on LDAP:

I think that in a production environment it is of great value to manage users and groups in a LDAP directory. For instance we have a company directory which contains all users. It seems that users from LDAP can not been added to groups which are in the DB. LDAP also has the advantage of supporting dynamic groups.
As in previous weblogic releases the LDAP authenticator is read only. It would be great if the write functionality could be added as well. Actually managing LDAP users and groups in one place would be a tremendous improvement for us.

Another thing on my wishlist are examples for delegated administration and visitor entitlements. For the sample portal these are empty. But I think it would be nice to have some out of the box examples that show what is possible and help developers and business analysts to understand the concepts and create their own roles.

It would be interesting to read what Bea and other developer think about this.

Kind regards,

Kai


Marcus,
Yes, I am using 9.2 TP.
We are already using LDAP for user management with 8.1.
Now, I try to configure 9.2 as well. I am running 9.2 installations on different machines. When I click on Service Administration in the Admin Portal, I get the following error message for each installation:
java.lang.NullPointerException at com.bea.jsptools.serviceadmin.ads.ToolAdServiceBean.cloneFromAdServiceBean(ToolAdServiceBean.java:190) at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.buildAdContentProviderNodes(ServiceAdminTreeBuilder.java:769) at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.buildAdServiceBranch(ServiceAdminTreeBuilder.java:746) at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.createTreeElement(ServiceAdminTreeBuilder.java:184) at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildWholeTree(TreeService.java:234) at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildWholeTree(TreeService.java:235) at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildTree(TreeService.java:122) at util.tree.TreeController.constructTree(TreeController.java:142) at util.tree.TreeController.buildTree(TreeController.java:422) at jrockit.reflect.VirtualNativeMethodInvoker.invoke(Ljava.lang.Object;[Ljava.lang.Object;)Ljava.lang.Object;(Unknown Source) at java.lang.reflect.Method.invoke(Ljava.lang.Object;[Ljava.lang.Object;I)Ljava.lang.Object;(Unknown Source) at org.apache.beehive.netui.pageflow.FlowController.invokeActionMethod(FlowController.java:852) at org.apache.beehive.netui.pageflow.FlowController.getActionMethodForward(FlowController.java:782) at org.apache.beehive.netui.pageflow.FlowController.internalExecute(FlowController.java:456) at org.apache.beehive.netui.pageflow.PageFlowController.internalExecute(PageFlowController.java:285) at org.apache.beehive.netui.pageflow.FlowController.execute(FlowController.java:336) at org.apache.beehive.netui.pageflow.internal.FlowControllerAction.execute(FlowControllerAction.java:48) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419) at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.access$201(PageFlowRequestProcessor.java:97) at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor$ActionRunner.execute(PageFlowRequestProcessor.java:1984) at org.apache.beehive.netui.pageflow.interceptor.action.internal.ActionInterceptors.wrapAction(ActionInterceptors.java:90) at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processActionPerform(PageFlowRequestProcessor.java:2055) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224) at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processInternal(PageFlowRequestProcessor.java:535) at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.process(PageFlowRequestProcessor.java:821) at org.apache.beehive.netui.pageflow.AutoRegisterActionServlet.process(AutoRegisterActionServlet.java:625) at org.apache.beehive.netui.pageflow.PageFlowActionServlet.process(PageFlowActionServlet.java:156) at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414) at org.apache.beehive.netui.pageflow.PageFlowUtils.strutsLookup(PageFlowUtils.java:1178)
java.lang.NullPointerException
java.lang.NullPointerException
at com.bea.jsptools.serviceadmin.ads.ToolAdServiceBean.cloneFromAdServiceBean(ToolAdServiceBean.java:190)
at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.buildAdContentProviderNodes(ServiceAdminTreeBuilder.java:769)
at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.buildAdServiceBranch(ServiceAdminTreeBuilder.java:746)
at com.bea.jsptools.serviceadmin.ServiceAdminTreeBuilder.createTreeElement(ServiceAdminTreeBuilder.java:184)
at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildWholeTree(TreeService.java:234)
at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildWholeTree(TreeService.java:235)
at com.bea.jsptools.patterns.tree.TreeService$DefaultTreeServiceImpl.buildTree(TreeService.java:122)
at util.tree.TreeController.constructTree(TreeController.java:142)
at util.tree.TreeController.buildTree(TreeController.java:422)
at jrockit.reflect.VirtualNativeMethodInvoker.invoke(Ljava.lang.Object;[Ljava.lang.Object;)Ljava.lang.Object;(Unknown Source)
at java.lang.reflect.Method.invoke(Ljava.lang.Object;[Ljava.lang.Object;I)Ljava.lang.Object;(Unknown Source)
at org.apache.beehive.netui.pageflow.FlowController.invokeActionMethod(FlowController.java:852)
at org.apache.beehive.netui.pageflow.FlowController.getActionMethodForward(FlowController.java:782)
at org.apache.beehive.netui.pageflow.FlowController.internalExecute(FlowController.java:456)
at org.apache.beehive.netui.pageflow.PageFlowController.internalExecute(PageFlowController.java:285)
at org.apache.beehive.netui.pageflow.FlowController.execute(FlowController.java:336)
at org.apache.beehive.netui.pageflow.internal.FlowControllerAction.execute(FlowControllerAction.java:48)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419)
at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.access$201(PageFlowRequestProcessor.java:97)
at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor$ActionRunner.execute(PageFlowRequestProcessor.java:1984)
at org.apache.beehive.netui.pageflow.interceptor.action.internal.ActionInterceptors.wrapAction(ActionInterceptors.java:90)
at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processActionPerform(PageFlowRequestProcessor.java:2055)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processInternal(PageFlowRequestProcessor.java:535)
at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.process(PageFlowRequestProcessor.java:821)
at org.apache.beehive.netui.pageflow.AutoRegisterActionServlet.process(AutoRegisterActionServlet.java:625)
at org.apache.beehive.netui.pageflow.PageFlowActionServlet.process(PageFlowActionServlet.java:156)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
at org.apache.beehive.netui.pageflow.PageFlowUtils.strutsLookup(PageFlowUtils.java:1178)

Populating users and groups - design considerations/best practice

We are currently running a 4.5 Portal in production. We are doing requirements/design for the 5.0 upgrade.
We currently have a stored procedure that assigns users to the appropriate groups based on the domain info and role info from an ERP database after they are imported and synched up by the authentication source.
We need to migrate this functionality to the 5.0 portal. We are debating whether to provide this functionality by doing this process via a custom Profile Web service. It was recommended during ADC and other presentation that we should stay away from using the database security/membership tables in the database directy and use the EDK/PRC instead.
Please advise on the best way to approach(With details) this issue. We need to finalize the best approach to take asap.
Thanks.
Vanita

So the best way to do this is to write a custom Authentication Web Service. Database customizations can do much more damage and the EDK/PRC/API are designed to prevent inconsistencies and problems.
Along those lines they also make it really easy to rationalize data from multiple backend systems into an orgainzation you'd like for your portal. For example you could write a Custom Authentication Source that would connect to your NT Domain and get all the users and groups, then connect to your ERP system and do the same work your stored procedure would do. It can then present this information to the portal in the way that the portal expects and let the portal maintain its own database and information store.
Another solution is to write an External Operation that encapsulates the logic in your stored procedure but uses the PRC/Server API to manipulate users and group memberships. I suggest you use the PRC interface since the Server API may change in subtle ways from release to release and is not as well documented.
Either of these solutions would be easier in the long term to maintain than a database stored procedure.
Hope this helps,
-Akash

What is the SYNTAX for the user and group filters??? Is the HTML Ampersand token Amper A m p semicolon required in the filter

There seems to be quite a bit of confusion over the actual syntax for the user and group filters on the Forms Based Authentication Ldap Role and membership providers.. MSFT isn't really clear and there is a universal confusion in the blogsphere.
I the filters should the prefix be the ACTUAL Ampersand or the HTML token for an AMPERSAND.. I realize the in many cases the blogger might have inadvertently specified the html token when the bare naked ampersand was intended.. The question
therefore is : can a filter be taken directly from and ADSIEdit query and used as a filter or must the filter be made HTML safe by swapping out the AMERSAND with the HTML Token for AMERSAND before putting it into the configuration
for the LDAPRole/membership provider...
All science is either physics or stamp collecting

Hi GUYO,
I am not quite sure how we implement this on sharepoint side, as I did research and sharepoint may not have this feature to do this.
most of the LDAP for sharepoint may need to follow these steps in this article:
http://technet.microsoft.com/en-us/library/ee806890(v=office.15).aspx
http://blogs.msdn.com/b/sridhara/archive/2010/01/07/setting-up-fba-claims-in-sharepoint-2010-with-active-directory-membership-provider.aspxhttp://blogs.msdn.com/b/kaevans/archive/2013/01/31/configuring-ldap-for-fba-in-sharepoint-2010-or-sharepoint-2013-with-powershell.aspx
here is an example :
http://blogs.msdn.com/b/sharepoint__cloud/archive/2011/12/20/achieving-fba-with-adlds-amp-sharepoint-2010.aspx
if should this questions was at the ADSIEdit part, perhaps you can help us by opening a new thread at the AD foum
https://social.technet.microsoft.com/Forums/en-US/home?category=windowsserver
Regards,
Aries
Microsoft Online Community Support
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Example of creating a valid LDAP user and group in the Portal tree

I need to create (via bulk LDIP or API) fresh users AND groups into OID that can be used by Portal. In theory it sounds easy - just create an appropriate LDIF file.
What is the best way to achieve this?
I don't the know the structure that should be used in the LDIF file that would create the correct structure held for all the Portal users and groups in OID.
I've looked through the OID admin and dev guides but am still confused as to what exactly I have to do. It seems that Portal accounts are synchronised by a method called Provisioning.
All I want to do is bulk upload Portal compatible users into the repository.
Can somebody please assist.
Cheers,
John

I have below changes in files
1] In jps-config.xml
-- Added identity store and selected it from drop down in Security Context tab.
2] In weblogic-application.xml
In Security tab --> Role assignment mapped valid-users to principle name.
<security>
<realm-name>myrealm</realm-name>
<security-role-assignment>
<role-name>valid-users</role-name>
<principal-name>DERDev</principal-name>
</security-role-assignment>
</security>
3] Same thing done in weblogic.xml . I do not know the difference between weblogic-application.xml and weblogic.xml configuartion and which will work.
4] Added security role "DERDev" along with the default/automatically added role "valid users"
<security-role>
<role-name>DERDev</role-name>
</security-role>
Still no luck ...... i am missing again ? I referred many links but found not a single document mentioning all steps
Mukesh

Need to migrate Shared services users and groups from 9.3.1 to 11.1.2.2 ver

Hi All,
We need to migrate Shared services users and groups from 9.3.1 to 11.1.2.2 version. Any help would be appreciated. Can we use CSS import export utility?
Thanks in advance!!

Hi John, In my another environment I have to migrate the users and groups from Hyperion HSS 11.1.1.2 to Hyperion shared services 11.1.2.2. I am using LCM for that, when I export the users and gropus from 11.1.1.2, it exports fine but when i import it to my 11.1.2.2 using LCM, I am getting the below errors.
Error when I try to import the groups:
ErrorEPMIE-00051: Failed to perform operation on role. Could not locate role matching filter {0} and filter attribute {1}. Please ensure that a role exists matching the filter with filter attribute.
EPMIE-00024: Failed to import all of the membership info for group test group. Invalid group members encountered. Please ensure the validity of members and its existence in their respective providers.
Errors when i try to import the users:
ErrorEPMIE-00051: Failed to perform operation on role. Could not locate role matching filter {0} and filter attribute {1}. Please ensure that a role exists matching the filter with filter attribute.
EPMIE-00020: Failed to update user 04668162 during import. Invalid identity for user. Please ensure that the user is available in the system with the identity specified in the import file.
Any idea?
Thanks in advance.

Using users and groups from LDAP in ADF application

Hi there,
I'm using WebLogic Server 10.3.5.0 and JDev 11.1.2.3.0.
I configured my WL server to use the users and groups defined in my LDAP server (they display when I select the Users or Groups tab). So this works fine (I think).
Now I want to use 1 group, let's call the group ApplicationGroup, and all it's users to give them access to my ADF Application.
But I can't find proper/up-to-date info about how to do this.
I tried 2 major things:
1) I configured ADF Security to use Authentication and Authorization. Defined an Enterprise Role with the same name as in my WL server (so ApplicationGroup) then defined a
Application Role with a custom name and added the Enterprise Role to it. That Application Role I gave access to all my TF's and Web Pages. When I deploy this, It just doesn't work (Migrate Users and Groups is not checked).
2) Used the Authentication option in the ADF Security and the rest is the same as in 1). This works +-, I can login with all users so the role mapping isn't configured right I guess?
Any help or documentation that could help me?

Since we aren't using EM I had to find an other way. And I found it.
In web.xml ADF Security (I suppose) automaticly adds 'valid-users'. In my weblogic.xml I added my enterprise role as a principal to 'valid-users' and this works for me.
Thanks for the help.

Webcenter spaces user and group and WLS security realm

I want to configure external ORACLE DB,
I configed the security realm in WLS, and I can see the user and group list in WLS page, But I cant find any of them in webcenter spaces,
and also can not login with those users.
I added a user with WLS, it works well.
do I need to do other configrations?

First you need to create a Administrator for this new identity stores. Weblogic user is not identified now because its not mapped by first authenticator. See Oracle WebCenter Admin Guide, section 28.4.1.1 Granting the WebCenter Spaces Administrator Role Using FusionMiddleware Control. Once you have done this step, do the same steps for other application user. For this you have to give Application role to other user so that they can login and use WebCenter Space.See Oracle WebCenter Admin Guide, Section 28.4.2.1 Granting Application Roles Using Fusion Middleware Control.
After doing above steps, restart WC_Spaces managed server.

Creating new user and group in BPEL PM.

Hi,
Please tell me how to cerate new user and groups in BPEL PM.
I understand that BPEL PM uses jazn files to keep user information . I would like to know the steps to create new users and gourps in BPEL PM.
Thanks

Please refer this link http://download.oracle.com/docs/cd/E12483_01/integrate.1013/b28982/security.htm#CDDBJCHD and also you can create users/roles through EM (Enterprise Manager). Here even you can able to specify their roles.
regards
Rajesh A

Create worklist user and group's in 11G...

How to create worklist user's and group's in standart 11G instalation...
Thanks...

hI Raj,
It is very easy to create users,groups,roles in soa suite 11g manually .Just login to the weblogic console and you find a security realms tab click on that then next a page will open with my realms then click on it you will find a users and groups tab on top click on that then lock and edit the session and from there you can create users groups and also assign roles.You can also use external ldap if you want,Please let me know if this clarifies your doubt

Invalid WLS user and Group

Hello, i´ve some problems using task worker control.
Some times my application shows an Error, and sometimes, (without code or configuration
change) doesn´t. The user "prueba" belongs to "TaskCreators" group (is logged
at error time).
This is the error, all of it shown at same time:
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610030> <The
parameter prueba is an Invalid WLS user and group.>
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610030> <The
parameter prueba is an Invalid WLS user and group.>
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610066> <You
must be in the worklist admin role or task owner or the task claimant or in the
assignee list to perform this operation.
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Warning> <WLW> <000000> <Id=top-level; Method=common.control.Tareas.getTaskInfo();
Failure=com.bea.control.ControlException: Error in the worklist control[0]>
[cgr] Unhandled exception caught in Global.app:
java.rmi.RemoteException: EJB Exception: ; nested exception is:
com.bea.control.ControlException: Error in the worklist control[0]
at weblogic.ejb20.internal.EJBRuntimeUtils.throwRemoteException(EJBRuntimeUtils.java:103)
at weblogic.ejb20.internal.BaseEJBHome.handleSystemException(BaseEJBHome.java:295)
at weblogic.ejb20.internal.BaseEJBObject.postInvoke(BaseEJBObject.java:253)
at weblogic.ejb20.internal.StatelessEJBObject.postInvoke(StatelessEJBObject.java:141)
at com.bea.wlw.runtime.core.bean.SyncDispatcher_k1mrl8_EOImpl.invoke(SyncDispatcher_k1mrl8_EOImpl.java:110)
at com.bea.wlw.runtime.core.dispatcher.ServiceHandleImpl.invoke(ServiceHandleImpl.java:285)
at com.bea.wlw.runtime.core.dispatcher.WlwProxyImpl.invoke(WlwProxyImpl.java:240)
at $Proxy8.getTaskInfo(Unknown Source)
... 100 more
Caused by: java.lang.ArrayIndexOutOfBoundsException: 0
at com.bea.wli.worklist.control.TaskWorkerControlHelper.invoke(TaskWorkerControlHelper.java:645)
... 64 more

Has anybody got the solution for this problem? We have exactly the same problem.
Any suggestions to solve this problem will be appreciated.
thanks,
Jin,
"Leonardo Contreras" <[email protected]> wrote:
>
Hello, i´ve some problems using task worker control.
Some times my application shows an Error, and sometimes, (without code
or configuration
change) doesn´t. The user "prueba" belongs to "TaskCreators" group (is
logged
at error time).
This is the error, all of it shown at same time:
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610030>
<The
parameter prueba is an Invalid WLS user and group.>
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610030>
<The
parameter prueba is an Invalid WLS user and group.>
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Error> <WLI-Worklist> <BEA-610066>
<You
must be in the worklist admin role or task owner or the task claimant
or in the
assignee list to perform this operation.
<Oct 31, 2003 11:13:37 AM GMT-05:00> <Warning> <WLW> <000000> <Id=top-level;
Method=common.control.Tareas.getTaskInfo();
Failure=com.bea.control.ControlException: Error in the worklist control[0]>
[cgr] Unhandled exception caught in Global.app:
java.rmi.RemoteException: EJB Exception: ; nested exception is:
com.bea.control.ControlException: Error in the worklist control[0]
at weblogic.ejb20.internal.EJBRuntimeUtils.throwRemoteException(EJBRuntimeUtils.java:103)
at weblogic.ejb20.internal.BaseEJBHome.handleSystemException(BaseEJBHome.java:295)
at weblogic.ejb20.internal.BaseEJBObject.postInvoke(BaseEJBObject.java:253)
at weblogic.ejb20.internal.StatelessEJBObject.postInvoke(StatelessEJBObject.java:141)
at com.bea.wlw.runtime.core.bean.SyncDispatcher_k1mrl8_EOImpl.invoke(SyncDispatcher_k1mrl8_EOImpl.java:110)
at com.bea.wlw.runtime.core.dispatcher.ServiceHandleImpl.invoke(ServiceHandleImpl.java:285)
at com.bea.wlw.runtime.core.dispatcher.WlwProxyImpl.invoke(WlwProxyImpl.java:240)
at $Proxy8.getTaskInfo(Unknown Source)
... 100 more
Caused by: java.lang.ArrayIndexOutOfBoundsException: 0
at com.bea.wli.worklist.control.TaskWorkerControlHelper.invoke(TaskWorkerControlHelper.java:645)
... 64 more

LDAP User and Group import

My client has OAM as SSO provider. They want the LDAP Agent to import only users and groups but not the group memberships.
What setting should I Use for LDAP authentication ?

I have below changes in files
1] In jps-config.xml
-- Added identity store and selected it from drop down in Security Context tab.
2] In weblogic-application.xml
In Security tab --> Role assignment mapped valid-users to principle name.
<security>
<realm-name>myrealm</realm-name>
<security-role-assignment>
<role-name>valid-users</role-name>
<principal-name>DERDev</principal-name>
</security-role-assignment>
</security>
3] Same thing done in weblogic.xml . I do not know the difference between weblogic-application.xml and weblogic.xml configuartion and which will work.
4] Added security role "DERDev" along with the default/automatically added role "valid users"
<security-role>
<role-name>DERDev</role-name>
</security-role>
Still no luck ...... i am missing again ? I referred many links but found not a single document mentioning all steps
Mukesh

LDAP user and group configuration in ADF application

Hi All,
I have to use LDAP user and groups in my ADF application. I have configured the LDAP on WLS server successfully and can see all users/groups under tab "User and Groups". I have added the Enterprise Role in jazn-data.xml matching the name of groups. Created Application role in jazn-data.xml and assigned a role of Enterprise Role.
However not added any user in jazn-data.xml. Which i guess not required because it will picked from LDAP.
Now how to configure the JDeveloper to use those users ? What changes need to make in jazn-data.xml ? or in jps-config.xml / web.xml/ weblogic-application.xml
Am i missing nay configuration step. i have referred ADF Security set up - step by step tutorial - quick question but not found useful
I am using JDeveloper 11.1.1.5.
Thanking you all in advance.
Mukesh.

I have below changes in files
1] In jps-config.xml
-- Added identity store and selected it from drop down in Security Context tab.
2] In weblogic-application.xml
In Security tab --> Role assignment mapped valid-users to principle name.
<security>
<realm-name>myrealm</realm-name>
<security-role-assignment>
<role-name>valid-users</role-name>
<principal-name>DERDev</principal-name>
</security-role-assignment>
</security>
3] Same thing done in weblogic.xml . I do not know the difference between weblogic-application.xml and weblogic.xml configuartion and which will work.
4] Added security role "DERDev" along with the default/automatically added role "valid users"
<security-role>
<role-name>DERDev</role-name>
</security-role>
Still no luck ...... i am missing again ? I referred many links but found not a single document mentioning all steps
Mukesh

Hi I do not want iTunes to open up automatically when I turn on my macbook pro. I tried going to System Preferences Users and Groups Login Items and then I took iTunes off the list but it still opens up automatically when I turn on my laptop.

Hi I do not want iTunes to open up automatically when I turn on my macbook pro. I tried going to System Preferences>Users and Groups>Login Items and then I took iTunes off the list but it still opens up automatically when I turn on my laptop. What should I do?

Hi r,
Make sure you close iTunes before shutdown. And you're quite welcome.

Role, user and group

Similar Messages

Maybe you are looking for