Configuring Existing WebLogic Domains 6-7
WLST cannot invoke this command from the edit hierarchy, but it can invoke the command from the serverConfig or domainConfig hierarchy.
The following WLST online script invokes createUser on the default authentication provider.
Example 6–6 Creating a User
from weblogic.management.security.authentication import UserEditorMBean print Creating a user ...
atnr=cmo.getSecurityConfiguration.getDefaultRealm.lookupAuthentication ProviderDefaultAuthenticator
atnr.createUsernew_user,welcome1,new_admin print Created user successfully
6.3.3 Adding a User to a Group
To add a user to a group, invoke the GroupEditorMBean.addMemberToGroup method, which is extended by the security realms AuthenticationProvider
MBean. For more information, see the addMemberToGroup method in the Oracle WebLogic Server MBean Reference.
The method requires two input parameters: groupname username
WLST cannot invoke this command from the edit hierarchy, but it can invoke the command from the serverConfig or domainConfig hierarchy.
The following WLST online script invokes addMemberToGroup on the default Authentication Provider. For information on how to run this script, see
Section 2.4.1, Invoking WLST
.
Example 6–7 Adding a User to a Group
from weblogic.management.security.authentication import GroupEditorMBean print Adding a user ...
atnr=cmo.getSecurityConfiguration.getDefaultRealm.lookupAuthenticationProvider DefaultAuthenticator
atnr.addMemberToGroupAdministrators,my_user print Done adding a user
6.3.4 Verifying Whether a User Is a Member of a Group
To verify whether a user is a member of a group, invoke the GroupEditorMBean.isMember method, which is extended by the security realms
AuthenticationProvider MBean. For more information, see the isMember method in the Oracle WebLogic Server MBean Reference.
The method requires three input parameters: groupname username boolean
where boolean specifies whether the command searches within child groups. If you specify true, the command returns true if the member belongs to the group that you
specify or to any of the groups contained within that group.
WLST cannot invoke this command from the edit hierarchy, but it can invoke the command from the serverConfig or domainConfig hierarchy.
6-8 Oracle Fusion Middleware Oracle WebLogic Scripting Tool
The following WLST online script invokes isMember on the default Authentication Provider. For information on how to run this script, see
Section 2.4.1, Invoking WLST
.
Example 6–8 Verifying Whether a User is a Member of a Group
from weblogic.management.security.authentication import GroupEditorMBean user = my_user
print Checking if +user+ is a Member of a group ... atnr=cmo.getSecurityConfiguration.getDefaultRealm.lookupAuthenticationProvider
DefaultAuthenticator if atnr.isMemberAdministrators,user,true == 0:
print user+ is not member of Administrators else:
print user+ is a member of Administrators
6.3.5 Listing Groups to Which a User Belongs