Sun Role manager question.

Hi,
1. Does Sun IDM 7.1 support SRM 5.0.3?
2. Does Sun IDM 8.1 support SRM 4.1?
I am not able to find this information anywhere. Please assist.
Thanks,
Santoshanand

IDM is used for managing the identities (User). It manages the full cycle of user CREATE -> MODIFY - > DELETE
Role Manager manages the entitlements of the target applications.
Integration of both tools are required because if someone has 3k-5K-10K roles/entitlements then it is very difficult to manage through IDM. So we manage these through Role Manager (OIA). We can also generate reports and do certification on role through Role Manager.
For detailed description, go through OIA docs.

Similar Messages

  • SUN ROLE MANAGER INSTALLATION HASSLE

    I am installing Sun Role Manager 5.0 on Tomcat 6.0.2
    I am facing context initialization error when i deploye rbacx.war filerbacx.log file's content is as shown below. (This log file gets created in log folder of the tomcat server after deployment)
    12:19:34,289 ERROR [ContextLoader] Context initialization failedorg.springframework.beans.factory.BeanCreationException: Error creating bean with name 'certificationEventListener' defined in ServletContext resource [WEB-INF/idc-context.xml]: Cannot resolve reference to bean 'rbacxIDCService' while setting bean property 'rbacxIDCService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'rbacxIDCService' defined in ServletContext resource [WEB-INF/idc-context.xml]: Cannot resolve reference to bean 'rbacxIDWService' while setting bean property 'rbacxIDWService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'rbacxIDWService' defined in ServletContext resource [WEB-INF/idw-context.xml]: Cannot resolve reference to bean 'mLRbacxRoleMiningService' while setting bean property 'roleMiningService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mLRbacxRoleMiningService' defined in ServletContext resource [WEB-INF/rolemining-context.xml]: Cannot resolve reference to bean 'roleMiningServiceTarget' while setting bean property 'target'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'roleMiningServiceTarget' defined in ServletContext resource [WEB-INF/rolemining-context.xml]: Cannot create inner bean 'mLRbacxRoleMiningServiceImpl' of type [com.vaau.rbacx.rolemining.service.impl.MLRbacxRoleMiningServiceImpl] while setting bean property 'rbacxRoleMiningService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mLRbacxRoleMiningServiceImpl' defined in ServletContext resource [WEB-INF/rolemining-context.xml]: Cannot resolve reference to bean 'roleMiningConfigurationManager' while setting bean property 'roleMiningConfigurationManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'roleMiningConfigurationManager' defined in ServletContext resource [WEB-INF/rolemining-context.xml]: Error setting property values; nested exception is org.springframework.beans.PropertyBatchUpdateException; nested PropertyAccessExceptions (1) are:
    PropertyAccessException 1: org.springframework.beans.MethodInvocationException: Property 'normalize' threw exception; nested exception is com.thoughtworks.xstream.io.StreamException: : only whitespace content allowed before start tag and not \u0 (position: START_DOCUMENT seen \u0... @1:1)
         at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:275)
         at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:104)
         at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1245)
         at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1010)
         at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:472)
         at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409)
         at java.security.AccessController.doPrivileged(Native Method)
         at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380)
         at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264)
         at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
         at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261)
         at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185)
         at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164)
         at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeansOfType(DefaultListableBeanFactory.java:308)
         at org.springframework.context.support.AbstractApplicationContext.getBeansOfType(AbstractApplicationContext.java:947)
         at org.springframework.context.support.AbstractApplicationContext.registerListeners(AbstractApplicationContext.java:701)
         at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:377)
         at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:255)
         at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199)
         at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45)
         at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3934)
         at org.apache.catalina.core.StandardContext.start(StandardContext.java:4429)
         at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
         at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
         at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:526)
         at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:850)
         at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:724)
         at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:493)
         at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1206)
         at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:314)
         at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
         at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
         at org.apache.catalina.core.StandardHost.start(StandardHost.java:722)
         at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
         at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
         at org.apache.catalina.core.StandardService.start(StandardService.java:516)
         at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
         at org.apache.catalina.startup.Catalina.start(Catalina.java:583)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
         at java.lang.reflect.Method.invoke(Unknown Source)
         at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
         at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
    Edited by: chhavi.saluja on Jan 25, 2010 2:35 AM

    is com.thoughtworks.xstream.io.StreamException: : only whitespace content allowed before
    start tag and not \u0 (position: START_DOCUMENT seen \u0... @1:1) Well, looks like one of these xml thingies is broken.

  • Problem installing Sun Role Manager 5.0.3

    Hi All,
    I've set up Sun Role Manager 5.0.3 (The Oracle Identity Analytics branded version)
    I'm using Tomcat 5.5 and Oracle database 11.1.0.6
    The issue occurs during start up. I get a bunch of errors which I'll list below. It looks like a database connectivity problem but I am not exactly sure. I'm pretty sure my jdbc.properties file is correct, except maybe the password.
    Can anyone help work out what exactly is wrong here?
    Cheers,
    Charles
    errors listed:
    Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'quartzSchedulerFactoryBeanTarget' defined in ServletContext resource [WEB-INF/scheduling-context.xml]: Invocation of init method failed; nested exception is org.quartz.SchedulerConfigException: Failure occured during job recovery. [See nested exception: org.quartz.JobPersistenceException: Failed to obtain DB connection from data source 'springNonTxDataSource.quartzSchedulerFactoryBeanTarget': java.sql.SQLException: Connections could not be acquired from the underlying database! [See nested exception: java.sql.SQLException: Connections could not be acquired from the underlying database!]]
    Caused by: org.quartz.SchedulerConfigException: Failure occured during job recovery. [See nested exception: org.quartz.JobPersistenceException: Failed to obtain DB connection from data source 'springNonTxDataSource.quartzSchedulerFactoryBeanTarget': java.sql.SQLException: Connections could not be acquired from the underlying database! [See nested exception: java.sql.SQLException: Connections could not be acquired from the underlying database!]]
    Caused by: org.quartz.JobPersistenceException: Failed to obtain DB connection from data source 'springNonTxDataSource.quartzSchedulerFactoryBeanTarget': java.sql.SQLException: Connections could not be acquired from the underlying database! [See nested exception: java.sql.SQLException: Connections could not be acquired from the underlying database!]
    Caused by: java.sql.SQLException: Connections could not be acquired from the underlying database!
    Caused by: com.mchange.v2.resourcepool.CannotAcquireResourceException: A ResourcePool could not acquire a resource from its primary factory or source.
    Caused by: java.sql.SQLException: Connections could not be acquired from the underlying database!
         at com.mchange.v2.sql.SqlUtils.toSQLException(SqlUtils.java:106)
         at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool.checkoutPooledConnection(C3P0PooledConnectionPool.java:529)
         at com.mchange.v2.c3p0.impl.AbstractPoolBackedDataSource.getConnection(AbstractPoolBackedDataSource.java:128)
         at org.springframework.scheduling.quartz.LocalDataSourceJobStore$2.getConnection(LocalDataSourceJobStore.java:125)
         at org.quartz.utils.DBConnectionManager.getConnection(DBConnectionManager.java:112)
         at org.quartz.impl.jdbcjobstore.JobStoreCMT.getNonManagedTXConnection(JobStoreCMT.java:164)
         ... 200 more
    Caused by: com.mchange.v2.resourcepool.CannotAcquireResourceException: A ResourcePool could not acquire a resource from its primary factory or source.
         at com.mchange.v2.resourcepool.BasicResourcePool.awaitAvailable(BasicResourcePool.java:1319)
         at com.mchange.v2.resourcepool.BasicResourcePool.prelimCheckoutResource(BasicResourcePool.java:557)
         at com.mchange.v2.resourcepool.BasicResourcePool.checkoutResource(BasicResourcePool.java:477)
         at com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool.checkoutPooledConnection(C3P0PooledConnectionPool.java:525)
         ... 204 more

    Hi,
    Make sure you have the correct URL setup in the jdbc.properties (MSSQL-specific) and make sure the database driver is within the Web-INF/lib folder. Make sure the DB server is running also
    Regards,
    Daniel

  • Need Sun Role Manager 5.0.3  Database Schema

    Hi All,
    Is there any link/document to understand the Sun Role Manager Database Schema? if yes, then please share the link/document.
    Regards,
    Sunny Ajmera

    Hi,
    Look into the Database Admin Guide in the below link
    http://wikis.sun.com/display/Srm503Docs/Database+Administrator%27s+Guide
    Regards,
    JK

  • Sun Role Manager 4.1 – WebLogic server not getting started

    We are using Sun RM 4.1, WebLogic 10.3
    In the recent past we are seeing a strange issue only in our production environment. When we wanted to restart the server, the server doesn’t come up at the first time, it fails will below listed errors, and when started second time it comes up.
    Any help is greatly appreciated!
    Error message:
    User defined listener org.springframework.web.context.ContextLoaderListener failed: java.lang.ClassCastException: java.lang.Class cannot be cast to java.lang.String.
    -AND-
    Unable to set the activation state to true for the application 'rbacx'
    Detailed Log:
    ####<Sep 26, 2011 8:53:19 PM EDT> <Info> <ServletContext-/rbacx> <srmprod> <SRM_MT_SRMPROD_7003> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1317084799663> <BEA-000000> <Initializing Spring root WebApplicationContext>
    ####<Sep 26, 2011 8:53:36 PM EDT> <Warning> <HTTP> <srmprod> <SRM_MT_SRMPROD_7003> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1317084816581> <BEA-101162> <*User defined listener org.springframework.web.context.ContextLoaderListener failed: java.lang.ClassCastException: java.lang.Class cannot be cast to java.lang.String.*
    java.lang.ClassCastException: java.lang.Class cannot be cast to java.lang.String
         at org.springframework.beans.factory.support.AbstractBeanDefinition.getBeanClassName(AbstractBeanDefinition.java:364)
         at org.springframework.beans.factory.support.AbstractBeanDefinition.resolveBeanClass(AbstractBeanDefinition.java:377)
         at org.springframework.beans.factory.support.AbstractBeanFactory.resolveBeanClass(AbstractBeanFactory.java:1135)
         at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.predictBeanType(AbstractAutowireCapableBeanFactory.java:522)
         at org.springframework.beans.factory.support.AbstractBeanFactory.isFactoryBean(AbstractBeanFactory.java:1174)
         at org.springframework.beans.factory.support.AbstractBeanFactory.isFactoryBean(AbstractBeanFactory.java:754)
         at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:422)
         at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:729)
         at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:381)
         at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:255)
         at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199)
         at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45)
         at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:465)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(Unknown Source)
         at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:175)
         at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1784)
         at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:2999)
         at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1371)
         at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:468)
         at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
         at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
         at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
         at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:117)
         at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
         at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
         at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
         at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:635)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
         at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
         at weblogic.application.internal.SingleModuleDeployment.activate(SingleModuleDeployment.java:16)
         at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:162)
         at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
         at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
         at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
         at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
         at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:196)
         at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
         at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:233)
         at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
         at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
         at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:173)
         at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:89)
         at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    >
    ####<Sep 26, 2011 8:53:36 PM EDT> <Info> <Deployer> <srmprod> <SRM_MT_SRMPROD_7003> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1317084816585> <BEA-149059> <Module rbacx of application rbacx is transitioning from STATE_ADMIN to STATE_PREPARED on server SRM_MT_SRMPROD_7003.>
    ####<Sep 26, 2011 8:53:36 PM EDT> <Info> <ServletContext-/rbacx> <srmprod> <SRM_MT_SRMPROD_7003> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1317084816589> <BEA-000000> <Closing Spring root WebApplicationContext>
    ####<Sep 26, 2011 8:53:36 PM EDT> <Info> <ServletContext-/rbacx> <srmprod> <SRM_MT_SRMPROD_7003> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1317084816589> <BEA-000000> <Shutting down log4j>
    ####<Sep 26, 2011 8:53:36 PM EDT> <Info> <Deployer> <srmprod> <SRM_MT_SRMPROD_7003> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1317084816611> <BEA-149060> <Module rbacx of application rbacx successfully transitioned from STATE_ADMIN to STATE_PREPARED on server SRM_MT_SRMPROD_7003.>
    ####<Sep 26, 2011 8:53:36 PM EDT> <Error> <Deployer> <srmprod> <SRM_MT_SRMPROD_7003> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1317084816611> <BEA-149231> <*Unable to set the activation state to true for the application 'rbacx'.*
    weblogic.application.ModuleException:
         at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1373)
         at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:468)
         at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
         at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
         at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
         at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:117)
         at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
         at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
         at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
         at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:635)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
         at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
         at weblogic.application.internal.SingleModuleDeployment.activate(SingleModuleDeployment.java:16)
         at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:162)
         at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
         at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
         at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
         at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
         at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:196)
         at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
         at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:233)
         at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
         at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
         at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:173)
         at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:89)
         at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    java.lang.ClassCastException: java.lang.Class cannot be cast to java.lang.String
         at org.springframework.beans.factory.support.AbstractBeanDefinition.getBeanClassName(AbstractBeanDefinition.java:364)
         at org.springframework.beans.factory.support.AbstractBeanDefinition.resolveBeanClass(AbstractBeanDefinition.java:377)
         at org.springframework.beans.factory.support.AbstractBeanFactory.resolveBeanClass(AbstractBeanFactory.java:1135)
         at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.predictBeanType(AbstractAutowireCapableBeanFactory.java:522)
         at org.springframework.beans.factory.support.AbstractBeanFactory.isFactoryBean(AbstractBeanFactory.java:1174)
         at org.springframework.beans.factory.support.AbstractBeanFactory.isFactoryBean(AbstractBeanFactory.java:754)
         at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:422)
         at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:729)
         at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:381)
         at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:255)
         at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199)
         at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45)
         at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:465)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(Unknown Source)
         at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:175)
         at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1784)
         at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:2999)
         at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1371)
         at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:468)
         at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
         at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
         at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
         at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:117)
         at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:204)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
         at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:60)
         at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
         at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:635)
         at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
         at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
         at weblogic.application.internal.SingleModuleDeployment.activate(SingleModuleDeployment.java:16)
         at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:162)
         at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
         at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
         at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
         at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
         at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:196)
         at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
         at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:233)
         at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
         at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
         at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:173)
         at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:89)
         at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    >
    ####<Sep 26, 2011 8:53:36 PM EDT> <Info> <Deployer> <srmprod> <SRM_MT_SRMPROD_7003> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1317084816612> <BEA-149059> <Module rbacx of application rbacx is transitioning from STATE_PREPARED to STATE_NEW on server SRM_MT_SRMPROD_7003.>
    ####<Sep 26, 2011 8:53:36 PM EDT> <Info> <Deployer> <srmprod> <SRM_MT_SRMPROD_7003> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1317084816612> <BEA-149060> <Module rbacx of application rbacx successfully transitioned from STATE_PREPARED to STATE_NEW on server SRM_MT_SRMPROD_7003.>

    Thiago, Thanks for your response.
    For your 1st answer - this application is in production for couple of years and we are seeing this error only for past few days. do you still think it might be a deployment issue.
    For your 2nd Ans: this seems to be related to our env. can you give some more details on this as to what exactly needs to be done. sorry I've not worked much on WebLogic.
    Below is the exception stack trace i got from stdout log, please see if you get any clue out of this. this seems to be some class loader issue but i don't know the fix. I have also seen in different forums that this might be a defect in Quartz Scheduler. We are getting a NoClassDefFoundError but the specified class file is in WEB-INF\lib dir, and also the missing class file name in the error is different when each time this error occurs, in the sense, this time the error is com.vaau.rbacx.scheduling.executor.rme.RoleStatusAndMembershipMaintenanceJobExecutor not found and when we restarted the server next time it gives org/springframework/orm/ibatis/SqlMapClientTemplate$10 is not found and so on.
    Exception in thread "QuartzScheduler_Worker-2" java.lang.NoClassDefFoundError: com/vaau/rbacx/scheduling/executor/rme/RoleStatusAndMembershipMaintenanceJobExecutor
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.RoleStatusAndMembershipMaintenanceJob.getJobExecutor(RoleStatusAndMembershipMaintenanceJob.java:16)
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.AbstractQuartzJob.execute(AbstractQuartzJob.java:50)
         at org.quartz.core.JobRunShell.run(JobRunShell.java:203)
         at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520)
    Caused by: java.lang.ClassNotFoundException: com.vaau.rbacx.scheduling.executor.rme.RoleStatusAndMembershipMaintenanceJobExecutor
         at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:283)
         at weblogic.utils.classloaders.GenericClassLoader.findClass(GenericClassLoader.java:256)
         at weblogic.utils.classloaders.ChangeAwareClassLoader.findClass(ChangeAwareClassLoader.java:54)
         at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
         at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
         at weblogic.utils.classloaders.GenericClassLoader.loadClass(GenericClassLoader.java:176)
         at weblogic.utils.classloaders.ChangeAwareClassLoader.loadClass(ChangeAwareClassLoader.java:35)
         at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
         ... 4 more
    Exception in thread "QuartzScheduler_Worker-3" java.lang.NoClassDefFoundError: com/vaau/rbacx/scheduling/executor/workflow/WorkflowSLAJobExecutor
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.WorkflowStepSLAJob.getJobExecutor(WorkflowStepSLAJob.java:17)
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.AbstractQuartzJob.execute(AbstractQuartzJob.java:50)
         at org.quartz.core.JobRunShell.run(JobRunShell.java:203)
         at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520)
    Caused by: java.lang.ClassNotFoundException: com.vaau.rbacx.scheduling.executor.workflow.WorkflowSLAJobExecutor
         at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:283)
         at weblogic.utils.classloaders.GenericClassLoader.findClass(GenericClassLoader.java:256)
         at weblogic.utils.classloaders.ChangeAwareClassLoader.findClass(ChangeAwareClassLoader.java:54)
         at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
         at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
         at weblogic.utils.classloaders.GenericClassLoader.loadClass(GenericClassLoader.java:176)
         at weblogic.utils.classloaders.ChangeAwareClassLoader.loadClass(ChangeAwareClassLoader.java:35)
         at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
         ... 4 more
    Exception in thread "QuartzScheduler_Worker-0" java.lang.NoClassDefFoundError: com/vaau/rbacx/scheduling/executor/workflow/WorkflowSLAJobExecutor
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.WorkflowStepSLAJob.getJobExecutor(WorkflowStepSLAJob.java:17)
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.AbstractQuartzJob.execute(AbstractQuartzJob.java:50)
         at org.quartz.core.JobRunShell.run(JobRunShell.java:203)
         at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520)
    Exception in thread "QuartzScheduler_Worker-1" java.lang.NoClassDefFoundError: com/vaau/rbacx/scheduling/executor/workflow/WorkflowSLAJobExecutor
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.WorkflowStepSLAJob.getJobExecutor(WorkflowStepSLAJob.java:17)
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.AbstractQuartzJob.execute(AbstractQuartzJob.java:50)
         at org.quartz.core.JobRunShell.run(JobRunShell.java:203)
         at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520)
    Exception in thread "QuartzScheduler_Worker-4" java.lang.NoClassDefFoundError: com/vaau/rbacx/scheduling/executor/rme/RoleStatusAndMembershipMaintenanceJobExecutor
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.RoleStatusAndMembershipMaintenanceJob.getJobExecutor(RoleStatusAndMembershipMaintenanceJob.java:16)
         at com.vaau.rbacx.scheduling.manager.providers.quartz.jobs.AbstractQuartzJob.execute(AbstractQuartzJob.java:50)
         at org.quartz.core.JobRunShell.run(JobRunShell.java:203)
         at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:520)

  • SUN Role Manager (SRM)(OIA) Oracle Identity Manager (OIM) Data Import Error

    Hi Team,
    Need ur help asap on following,
    I have integrated SRM - OIM and trying to import data. I'm getting following errors:
    ERROR [JBOSSLOGINHANDLER] Error in creating login context
    javax.security.auth.login.LoginException: unable to find LoginModule class: org.jboss.security.ClientLoginModule
    ERROR [ACCOUNTMANAGEMENT] Class/Method: tcUtilityFactory/tcUtilityFactory(Hashtable env, String psUserId, String psPassword) encounter some problems: javax.naming.NoInitialContextException: Cannot instantiate class: org.jnp.interfaces.NamingContextFactory [Root exception is java.lang.ClassNotFoundException: org.jnp.interfaces.NamingContextFactory]
    com.thortech.xl.security.tcLoginException: javax.naming.NoInitialContextException: Cannot instantiate class: org.jnp.interfaces.NamingContextFactory [Root exception is java.lang.ClassNotFoundException: org.jnp.interfaces.NamingContextFactory]
    ERROR [OIMIAMSolution] Error Connecting to OIM Server
    Thor.API.Exceptions.tcAPIException: com.thortech.xl.security.tcLoginException: javax.naming.NoInitialContextException: Cannot instantiate class: org.jnp.interfaces.NamingContextFactory [Root exception is java.lang.ClassNotFoundException: org.jnp.interfaces.NamingContextFactory]
    ERROR [OIMIAMSolution] Error Connecting to OIM Server : : Error Connecting to OIM Server  : com.thortech.xl.security.tcLoginException: javax.naming.NoInitialContextException: Cannot instantiate class: org.jnp.interfaces.NamingContextFactory [Root exception is java.lang.ClassNotFoundException: org.jnp.interfaces.NamingContextFactory]Please let me know solutions, if any.
    Thanks in advance.
    Cheers:
    Amar

    Following is the error in proper format:
    ERROR [JBOSSLOGINHANDLER] Error in creating login context
    javax.security.auth.login.LoginException: unable to find LoginModule class: org.jboss.security.ClientLoginModule
    ERROR [ACCOUNTMANAGEMENT] Class/Method: tcUtilityFactory/tcUtilityFactory(Hashtable env, String psUserId, String psPassword) encounter some problems: javax.naming.NoInitialContextException: Cannot instantiate class: org.jnp.interfaces.NamingContextFactory [Root exception is java.lang.ClassNotFoundException: org.jnp.interfaces.NamingContextFactory]
    com.thortech.xl.security.tcLoginException: javax.naming.NoInitialContextException: Cannot instantiate class: org.jnp.interfaces.NamingContextFactory [Root exception is java.lang.ClassNotFoundException: org.jnp.interfaces.NamingContextFactory]
    ERROR [OIMIAMSolution] Error Connecting to OIM Server
    Thor.API.Exceptions.tcAPIException: com.thortech.xl.security.tcLoginException: javax.naming.NoInitialContextException: Cannot instantiate class: org.jnp.interfaces.NamingContextFactory [Root exception is java.lang.ClassNotFoundException: org.jnp.interfaces.NamingContextFactory]
    ERROR [OIMIAMSolution] Error Connecting to OIM Server : : Error Connecting to OIM Server : com.thortech.xl.security.tcLoginException: javax.naming.NoInitialContextException: Cannot instantiate class: org.jnp.interfaces.NamingContextFactory [Root exception is java.lang.ClassNotFoundException: org.jnp.interfaces.NamingContextFactory]

  • Sun Role Manager v5.0.3 performance tuning on Apache Tomcat server

    hello everyone,
    We currently have SRM v4.1 in production running on Tomcat. This has major performance issues. A single page for app owner certfication takes approx 10 minutes to load. The current version is now being upgraded to 5.0.3 on Tomcat 6. Are there any new features/configurations available in SRM 5.0.3 for better performance (on tomcat)? Has anyone tried optimizing the performance of v5? Any server settings I need to look at? Any pointers will be highly helpful.

    Where's your database for this located? On the same server or another server? It is more likely the database than Glassfish being the weak and slow link here unless badly tuned GC is taking up all the CPU cycles.

  • Deployment and Deployer Role; a question

    Hi All,
    I have a question about the Deployer Role in WLS8.1/WLI8.1. I was playing around
    with this Deployer Role and created a user with it. This is in WLS8.1. what i
    was thinking was that this user (a deployer user) could be able to deploy/undeploy/redeploy
    applications .....which worked fine.....BUT this is what i have found to be incorrect
    since i want this my Deployer user to have the priviledge for deployments ONLY.
    The user that i created can also change JMS, JDBC connection pool settings .........which
    in my case is incorrect.
    can somebody please suggest some workaround for this .....i want my Deployer user
    to do ONLY deployment stuff and not ANYTHING ELSE(like JMS,JDBC stuff or etc).
    -steve

    1. The AM agent can return ldap attributes after authentication. What you can do is use Sun Directory Server Proxy to provide a virtual view of both LDAP and your DB to AM.
    2. Sun Role Manager is a tool for role mining and attestation, ie it helps with compliancy verifications which is required by many businesses these days. Sun Identity Manager does not need Sun Role Manager if you just want to provision roles for your users, however, as it appears to be the case in your envirionment, the roles created by IDM are exported to SRM for compliance verifications.

  • Sun Identity Compliance Manager Questions

    Hi Everyone,
    We are looking for a complete list of supported managed resources for the Sun Identity Compliance Manager (SICM) tool.
    Also we have the following specific questions:
    1.     Does SICM have connectors/adapters to Solaris 8/9/10 and Oracle EBS (as managed resources) to perform access certification of user accounts and associated entitlements/privileges/roles.
    For example: Can SICM be used to analyze/report on the status of current and newly provisioned Solaris unix-level accounts and associated RBAC roles (say) -or- Oracle EBS accounts and associated roles /responsibilities to identify if they have been certified or have any SOD conflicts?
    2.     Can SICM be implemented as a fully functional stand-alone product as opposed to it being integrated with Sun Identity Manager (SIM) ?
    3.     In a scenario where SIM and SICM are integrated, can SIM do a hand-off to SICM for SOD analysis and checking as part of it account provisioning workflows?
    Any insight and/or pointers will be greatly appreciated!
    Thanks in advance and please let me know if there is a more relevant forum to post this question.
    -TS

    I have resolved the problem, the problem is because of the idmmanager attribute. In onsite they are using some other idm 6.0 with some patch, so they are getting the idm manager attribute but in offshore we dont have any patch installed for getting the idm manager attribute. Do you have any idea about how to get the idm manager attribute in the idm 6.0 with some patch? Thanks for your help ya.

  • Integrate IdM roles with Sun Access Manager roles

    Hi all,
    I am currently working on a solution involving Sun Identity Manager 7.1 and Sun Access Manager 7.1 as well. We use AM for overall authentication and SSO across the application, and IdM for user provisioning.
    I need to create roles in Identity Manager, and I would like that when I assign a role to a user in Identity Manager, he gets the same role in my Access Manager repository (Sun LDAP). Identity Manager does provide a way to set attribute values in resources when a role is set. Access Manager on the other hand has both dynamic roles, based on an LDAP search, and static roles.
    What are the important differences between static and dynamic roles in AM?
    Does anybody know a good way to propagate roles from Identity Manager to Access Manager?
    Thanks.

    I found answers to my question. I succeeded in setting the Access Manager role from Identity Manager using the nsRoleDN attribute. Here are some references to begin with:
    About directory server roles:
    http://docs.sun.com/app/docs/doc/820-2493/fvbrn?a=view
    Forum thread reference:
    http://forums.sun.com/thread.jspa?threadID=5208694
    Here are roughly the steps I followed to get this working.
    Access Manager roles setup:
    1. In Access Manager, create a new static role named test_role under the identities realm (in Subjects > Role).
    Identity Manager roles setup:
    1. Create a new role in Identity Manager: tab Roles, click New....
    2. Assign the LDAP resource to synchronize the role with.
    3. On the Assigned Resources line, click the Set Attributes Values button. This shows up the attributes listing allowing you to bind your IdM role to your LDAP repository.
    4. Set the attribute nsRoleDN to the LDAP DN of the role that was created in AM (nsRoleDN must be added in the resource attributes mapping before).
    * In the column Value override, select Text.
    * In the column How to set, select Authoritative merge with value, clear existing. (* See IDM Admin guide about this setting, I am still not sure how it reacts with multi-value attributes)
    * In the text box, enter the role DN text (ex: cn=test_role,dc=com).
    5. Save the role. You can now add the role to a user.

  • Securing web services with Sun Access Manager

    Hi!
    I have gone through some documentation about Sun Access Manager, and I'm a little bit confused.
    What I want is to secure some web services which are deployed on a BEA WebLogic 9.1 server (WLS). Two solutions are possible: To install some kind of plugin into WLS or to place some kind of proxy in front of WLS. In both cases, the purpose would be to authenticate the caller based on some kind of ticket (SAML or similar) and authorize access to the web service.
    I have read about the "Sun Java System Access Manager Policy Agent 2.2 for Weblogic 9.1" (those guys really like long names....), but in this documentation web services aren't mentioned at all. They only seem to care about HTTP requests from a browser.
    I have also read about the Policy Agent 2.2 in the documentation called "Sun Java System Access Manager Policy Agent 2.2 Guide for Sun Java System Application Server 9.0/Web Services" (puh...). This document explicitly talks about securing web services the way I want.
    My questions are:
    1) Is it possible to secure WLS based web services in the same way using the Policy Agent for WLS?
    2) Are there any documentation/tutorials/etc?
    Thanks in advance :-)
    Anders

    what you need is a webservices agent that would enable you to "protect" your webservice provider, which I assume is on a BEA weblogic provider.
    the "Sun Java System Access Manager Policy Agent 2.2 for Weblogic 9.1" is "NOT" awebservices agent, but a normal J2EE policy agent.
    So.. having said that. here's what I'd recommend.
    1. install the webservices agent on bea weblogic. (note: NOT the J2EE policy agent)
    2. configure it to use your access manager instance for authentication.
    3. configure your webservices client to use the webservice provider. (note: you'd need the webservices APi's available on the client too... so the quick dirty method would be to install the webservices agent on your client too....) you can later bundle the webservices client independently and provide your"customers" with a webservices client bundle...
    4. voila... your webservices are not "protected" by acces manager ;-)

  • Error in oim Role creation using Role Manager Service API from Standalone Java client

    Hi,
      Facing the following error when trying to create Role using Role Manager Service API from a standalone java client .
    Tried with the solution of changing ,
    Login into the Web Logic Admin Console --> Servers --> OIM Server --> Protocols --> Modify the Maximum Message from 100000000 to 1000000000, but still the problem persists.
    Exception in thread "main" org.omg.CORBA.BAD_PARAM:   vmcid: 0x0  minor code: 0  completed: No
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    at java.lang.reflect.Constructor.newInstance(Unknown Source)
    at java.lang.Class.newInstance0(Unknown Source)
    at java.lang.Class.newInstance(Unknown Source)
    at com.sun.corba.se.impl.protocol.giopmsgheaders.MessageBase.getSystemException(Unknown Source)
    at com.sun.corba.se.impl.protocol.giopmsgheaders.ReplyMessage_1_2.getSystemException(Unknown Source)
    at com.sun.corba.se.impl.protocol.CorbaMessageMediatorImpl.getSystemExceptionReply(Unknown Source)
    at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.processResponse(Unknown Source)
    at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.marshalingComplete(Unknown Source)
    at com.sun.corba.se.impl.protocol.CorbaClientDelegateImpl.invoke(Unknown Source)
    at org.omg.CORBA.portable.ObjectImpl._invoke(Unknown Source)
    at com.sun.org.omg.SendingContext._CodeBaseStub.meta(Unknown Source)
    at com.sun.corba.se.impl.encoding.CachedCodeBase.meta(Unknown Source)
    at com.sun.corba.se.impl.io.IIOPInputStream.getOrderedDescriptions(Unknown Source)
    at com.sun.corba.se.impl.io.IIOPInputStream.inputObjectUsingFVD(Unknown Source)
    at com.sun.corba.se.impl.io.IIOPInputStream.simpleReadObject(Unknown Source)
    at com.sun.corba.se.impl.io.ValueHandlerImpl.readValueInternal(Unknown Source)
    at com.sun.corba.se.impl.io.ValueHandlerImpl.readValue(Unknown Source)
    at com.sun.corba.se.impl.encoding.CDRInputStream_1_0.read_value(Unknown Source)
    at com.sun.corba.se.impl.encoding.CDRInputStream.read_value(Unknown Source)
    at oracle.iam.identity.rolemgmt.api._RoleManager_ogut7n_RoleManagerRemoteRIntf_Stub.createx(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
    at $Proxy2.createx(Unknown Source)
    at oracle.iam.identity.rolemgmt.api.RoleManagerDelegate.create(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
    at weblogic.security.subject.SubjectProxy.doAs(SubjectProxy.java:64)
    at weblogic.security.subject.SubjectManager.runAs(SubjectManager.java:262)
    at weblogic.security.Security.runAs(Security.java:48)
    at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
    at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
    at $Proxy3.create(Unknown Source)
    at com.idm.role.CreateRole.createRole(CreateRole.java:113)
    at com.idm.role.CreateRole.main(CreateRole.java:167)
    Thanks In Advance

    Hi , I have used OIM 11g  R2.
    Please find below the code we have used,
    package com.idm.role;
    import java.util.HashMap;
    import java.util.HashSet;
    import java.util.Hashtable;
    import java.util.Iterator;
    import java.util.Set;
    import java.util.logging.Logger;
    import javax.security.auth.login.LoginException;
    import oracle.iam.identity.exception.NoSuchRoleException;
    import oracle.iam.identity.exception.RoleAlreadyExistsException;
    import oracle.iam.identity.exception.RoleCreateException;
    import oracle.iam.identity.exception.RoleLookupException;
    import oracle.iam.identity.exception.RoleModifyException;
    import oracle.iam.identity.exception.SearchKeyNotUniqueException;
    import oracle.iam.identity.exception.ValidationFailedException;
    import oracle.iam.identity.rolemgmt.api.RoleManager;
    import oracle.iam.identity.rolemgmt.api.RoleManagerConstants;
    import oracle.iam.identity.rolemgmt.vo.Role;
    import oracle.iam.platform.OIMClient;
    import oracle.iam.platform.authz.exception.AccessDeniedException;
    public class CreateRole {
    private final static Logger LOGGER = Logger.getLogger(CreateRole.class .getName());
    OIMClient oimClient = null;
    public OIMClient connectToOIM() {
      LOGGER.info("In connectToOIM ");
      Hashtable env = new Hashtable();
      env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL,
        "weblogic.jndi.WLInitialContextFactory");
      env.put(OIMClient.JAVA_NAMING_PROVIDER_URL,
        "t3://V-hydidm1.itig.co.in:14000");
      System.setProperty("java.security.auth.login.config",
        "F:\\Projects\\IDM\\Team\\Env_setup\\OIM_Setup\\designconsole\\config\\authwl.conf");
      System.setProperty("java.security.policy",
        "F:\\Projects\\IDM\\Team\\Env_setup\\OIM_Setup\\designconsole\\config\\xl.policy");
      System.setProperty("OIM.AppServerType", "wls");
      System.setProperty("APPSERVER_TYPE", "wls");
      System.setProperty("weblogic.Name", "oim_server1");
      oimClient = new OIMClient(env);
      try {
       oimClient.login("xelsysadm", "Passw0rd".toCharArray());
      } catch (LoginException e) {
       e.printStackTrace();
      System.out.println("Connected");
      return oimClient;
    public void readRoleMetadata() {
      LOGGER.info("in readRoleMetadata ");
      RoleManager roleManagerService = oimClient
        .getService(RoleManager.class);
      try {
       Role roleVo = roleManagerService.getDetails(
         RoleManagerConstants.ROLE_DISPLAY_NAME, "API Role1", null);
       Set attributeNameSet = roleVo.getAttributeNames();
       Iterator it = attributeNameSet.iterator();
       while (it.hasNext()) {
        System.out.println("Attribute Name :: " + it.next());
       // roleVo.setAttribute("ADentitlements", "Security Admin access");
       String adEntitlements = "" + roleVo.getAttribute("ADentitlements");
       System.out.println("AD Entitlements :: " + adEntitlements);
       System.out.println("DB Entitlements :: " + ""
         + roleVo.getAttribute("DBEntitlements"));
       System.out.println("Unix Entitlements :: " + ""
         + roleVo.getAttribute("UnixWindows"));
       System.out.println("VPN :: " + "" + roleVo.getAttribute("VPN"));
      } catch (SearchKeyNotUniqueException e) {
       e.printStackTrace();
      } catch (NoSuchRoleException e) {
       e.printStackTrace();
      } catch (RoleLookupException e) {
       e.printStackTrace();
      } catch (AccessDeniedException e) {
       e.printStackTrace();
    public void createRole() {
      LOGGER.info(" in Create role ");
      RoleManager roleManagerService = oimClient
        .getService(RoleManager.class);
      HashMap<String, Object> roleCreationAttrMap = new HashMap<String, Object>();
      roleCreationAttrMap.put(RoleManagerConstants.ROLE_NAME, "API Role1");
      roleCreationAttrMap.put(RoleManagerConstants.ROLE_DESCRIPTION,
        "This Role is created using API Role1");
      roleCreationAttrMap.put(RoleManagerConstants.ROLE_DISPLAY_NAME,
        "API Role1");
      roleCreationAttrMap.put("ADentitlements", "API Role1 AD Entitlements");
      roleCreationAttrMap.put("DBEntitlements", "API Role1 DB Entitlements");
      roleCreationAttrMap.put("VPN", "No");
      roleCreationAttrMap.put("UnixWindows", "API Role1 Unix Entitlements");
      Role roleVo = new Role(roleCreationAttrMap);
      try {
       System.out.println(" Before Create role *********************************************");
       roleManagerService.create(roleVo);
       System.out.println("Role Created .. ");
      } catch (ValidationFailedException e) {
       e.printStackTrace();
      } catch (RoleAlreadyExistsException e) {
       e.printStackTrace();
      } catch (RoleCreateException e) {
       e.printStackTrace();
      } catch (AccessDeniedException e) {
       e.printStackTrace();
    public void modifyRole() {
      LOGGER.info(" in modifyRole ");
      RoleManager roleManagerService = oimClient
        .getService(RoleManager.class);
      Role roleVo;
      try {
       roleVo = roleManagerService.getDetails(
         RoleManagerConstants.ROLE_DISPLAY_NAME, "API Role1", null);
       String roleKey = roleVo.getEntityId();
       HashMap<String, Object> roleCreationAttrMap = new HashMap<String, Object>();
       roleCreationAttrMap.put("ADentitlements",
         "Updated API Role1 AD Entitlements");
       Set roleKeySet = new HashSet<String>();
       roleKeySet.add(roleKey);
       Role roleVoNew = new Role(roleCreationAttrMap);
       roleManagerService.modify(roleKeySet, roleVoNew);
       System.out.println("Role Modified ..");
      } catch (SearchKeyNotUniqueException e) {
       e.printStackTrace();
      } catch (NoSuchRoleException e) {
       e.printStackTrace();
      } catch (RoleLookupException e) {
       e.printStackTrace();
      } catch (AccessDeniedException e) {
       e.printStackTrace();
      } catch (ValidationFailedException e) {
       e.printStackTrace();
      } catch (RoleModifyException e) {
       e.printStackTrace();
    public static void main(String args[]) {
      CreateRole miscObj = new CreateRole();
      miscObj.connectToOIM();
      miscObj.createRole();
      //miscObj.readRoleMetadata();
    Thanks In Advance .

  • GRC AC 10.0  Risk Analysis -Risk Terminator Vs BRM-Role Management

    Hi All,
    After having seen the configuration for Risk Analysis- Risk Terminator and Role Management , I observed that there is very little difference  for eg parameters 1085 and 3011 ,3014 .  If we configure all three parameters to TRUE which one would take effect ?Can anyone let us know under what circumstances we must configure RT and Role Management . BRM to has a whole lot of new features which supercede RT. 
    Best Regards,
    Vishal

    Hi Vishal,
    The parameters will be invoked in different scenarios. 1085 is specific to when roles are generated in the SAP Backend system using risk terminator and therefore this will have no impact if you are using BRM to generate the roles.
    3011 & 3014 are specific to BRM and govern different behaviours. 3011 will facilitate the risk analysis prior to triggering the generation steps in the methodology and 3014 will allow the roles to be generated despite any permission risks that are returned.
    They are not exclusive and actually work together. For instance, you may want to have a block on generation of roles when there are open conflicts identified and therefore you should have 3011 set to YES and 3014 set to NO. If both are set to YES, then you could propagate conflicts in the roles.
    You can use Risk Terminator if you wish to continue to develop roles within the SAP system itself rather than to rely on the GRC BRM system wholly.
    There are still wide discussions and differing opinions about which represents the best approach for this and so it depends on your organisation as to which process you follow.
    The parameter descriptions in question are:  
    1085 - Stop Role Generation if violations exist
    3011 - Conduct Risk Analysis before Role Generation
    3014 - Allow role generation with Permission Level violations
    Regards, Simon

  • Recover Sun Download Manager SDMWorkQueue.properties file

    First I downloaded and installed sdm-1_2-windows-i586.exe file (the Sun Download Manager ) and then tried to use it to download the jdk-1_5_0_04-windows-i586-p.exe file. After a few hours I paused the download and then had trouble exiting the Download Manager.
    Later when I tried to restart the Download Manager, it would exit immediately. The only way I could get it to stay up was to rename C:\Documents and Settings\<...>\.SunDownloadManager\SDMWorkQueue.properties file. So I assume that this file was not saved properly when I had trouble exiting the Download Manager.
    Is there someone at Sun that can help me recover SDMWorkQueue.properties file?

    Thanks for your interest in Sun Download Manager. However, I must point out that SDM is NOT an open source product and is covered by a restrictive license agreement. You accepted the agreement when you installed SDM, and you may also see a copy of it in the SDM directory on your system. The file name is SDMTranslatedLicense.html. This license does not grant the right to use SDM in the manner you are proposing, so please do not proceed further.
    I believe there are a number of open source download managers available and would suggest you do a bit of research and use one of those instead. That will also have the advantage of a community around the project that can hopefully help you get set up and answer any questions you run into.
    If you have further questions or would like to discuss options further, we'd be happy to advise. Please send an email to sdm-support AT sun DOT com. Thank you.

  • Sun Update Manager Entitlement Permissions

    I recently ran "smpatch analyze" and "smpatch update" on a W1100z workstation running Solaris 10 (x86) [03/05]. Five patches were loaded including 119103-03 which upgraded Patch Manager to Update Manager.
    Now, it is my understanding that without a Service Plan, I am entitled to the Security Updates, but that's it (Recommended Updates require a service plan???). That seems OK to me, but if this is the case, what happens when a Securtiy Update depends on s Recommended Update?
    Update Manager shows a list of 8 new available updates this morning - 5 of them are securiy updates that all seem to rely on Recommended Update 119684-01. However, when I try to install 119684-01, I am given the following warning:
    Failed Installation - update specified does not have entitlement permissions
    Not sure if something else is going on or if this is due to the fact that I do not have a service plan and only require the security updates - however, it doesn't make much sense to release security updates for free if the recommended update it relies on is not also available.
    I like the fact that Sun is trying to ease patch management, but I really question the need of a service plan to keep the systems up-to-date.
    Am I missing something or do I have to forget about all these Security Updates unless I subscribe to a Service Plan
    JB

    From Sun's Website describing Update Manager:
    http://www.sun.com/service/sunupdate/gettingstarted.html
    "Customers who have not purchased a valid Sun Service Plan can use the Sun Update Manager software to access security fixes and device drivers."
    This applies to my situation. I have not subscribed to a Service Plan and really see no need to if what is described above is true - I would assume the "security fixes" refer to patches of Type=Security. However, this tool is useless if I am not allowed to also install patches of Type=Recommended that the Security Patches depend on.
    I can understand Sun wanting users to pay for the Recommended Patches, but if a Security Patch depends on a Recommend Patch, that Recommended Patch should probably also be labelled as a Security Fix.
    JB

Maybe you are looking for

  • IIS7 with jrun4 on windows server2008(64 bit)

    Hi, I have windows server 2008(64 bit) with jrun4 updater 7 installed. I want to use IIS 7 with these. when i launch webServer configuration to add iis,foll happens: 1.i get a window with values:host:localhost , server:default , webserver:iis IIS web

  • On iCloud I have Item called JishoPlus. What is it?

    It's not a big file 11k, but it has a blank icon and was not there before. It's appeared on my iCloud list of backup items and it's on both my iPhone and iPad. Could be part of an App? But I don't have an App called JishoPlus or anything like. Anyone

  • Lower than expected speeds due to high SNR

    Hi, my connection was activated nearly 2 weeks ago. Current router stats are; Line state Connected Connection time 1 day, 14:29:00 Downstream 1,728 Kbps Upstream 448 Kbps ADSL settings VPI/VCI 0/38 Type PPPoA Modulation ITU-T G.992.1 Latency type Int

  • How can I move menus etc to side of screen?

    I'm working on a laptop with Vista and a fairly wide screen, 1366 x 768 pixels. Most websites don't use the full width of the screen, but the height of web page viewable is limited by the various toolbars on top - tabs, navigation, menu and bookmarks

  • Having Trouble Opening Catalog

    I recently subscribed to the Adobe Creative Cloud.  When the new LightRoom CC was announced, I upgraded to that from my older LR 4.  Now I am having trouble opening the LR Catalog.  The box that pops up says it is note writable and cannot be opened.