Creating Users and Groups Using Oracle Internet Directory
19.8.3 Seeding Application Roles using WLST Scripts
For instructions on using the WebLogic Scripting Tool WLST to seed application roles, see Chapter 4, Infrastructure Security Custom WLST Commands of Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.19.8.4 Managing Application Roles in Oracle Enterprise Manager Fusion Middleware Control
This section describes how to manage application roles in Oracle Enterprise Manager Fusion Middleware Control. To manage application roles in Oracle Enterprise Manager Fusion Middleware Control:1. In the navigator, select the appropriate Oracle WebLogic Server under WebLogic
Domain Farm_Domain_name. 2. Right-click the domain name, and select Security Application Roles. 3. Create an application role by performing the following steps:a. Select the Create option in the Application Roles page.
The Create Application Role page appears.b. In the Application list, select the application name server_namesoa-infra
under which to create a role.c. Enter the role name, display name, and description for the application role.
d. Add members by selecting Add Role in the Roles section and Add User in the
Users section. e. Click OK to create the application role.4. Edit application roles by performing the following steps:
a. In the Select Application Name to Search list of the Search section of the
Application Roles page, select an appropriate application for example, soa_ server1soa-infra .b. To the right of the Role Name list, click the Search icon.
This action lists all the application roles created for that application.c. Select the application role to edit for example, select SOADesigner.
d. Click Edit.
The Edit Application Role page appears.e. Add application roles and groups in the Roles section and users in the Users
section for example, assign SOADesigner to a user to which to provide access to Oracle SOA Composer. The user must be defined in the Oracle WebLogic Server realm. Note: Follow these steps if you want to provide nonadministrators with access to Oracle SOA Composer. This is accomplished by assigning the SOADesigner role to users or groups on the Edit Application Role page. The users must exist in the Oracle WebLogic Server realm. 19-28 Oracle Fusion Middleware Administrators Guide for Oracle SOA Suite and Oracle BPM Suitef. Click OK.
5. Delete application roles by performing the following steps:a. In the Select Application Name to Search list of the Search section of the
Application Roles page, select an appropriate application.b. To the right of the Role Name list, click the Search icon.
This action lists all the application roles created for that application. c. Select the application role to delete.d. Click the Delete button to delete the application role.
e. Click Yes in the Confirmation dialog.
19.9 Enabling Case Agnostic Group Names in Human Tasks
By default, only user names in human tasks are case agnostic case insensitive. This behavior is controlled by the value of the caseSensitive property in the System MBeans Browser for users, which is set to false by default. Group names in human tasks must be identical to what is seeded in the user directory. However, if you also want group names in human tasks to be case agnostic, you must set the caseSensitiveGroups property to false. To enable case agnostic behavior for group names in human tasks:1. Right-click soa-infra, and select Administration System Mbean Browser.
The System MBean Browser is displayed on the right side of the page.2. Expand Application Defined MBeans oracle.as.soainfra.config Server:
server_name WorkflowIdentityConfig human-workflow WorkflowIdentityConfig.PropertyType caseSensitiveGroups.3. Click the Operations tab.
4. Click setValue.
5. In the Value field, enter false.
6. Click Invoke.
19.10 Configuring Security Policies for Human Workflow Web Services
A policy set, which can contain multiple policy references, enables you to attach policies globally to a range of endpoints of the same type. Attaching policies globally using policy sets enables you to ensure that all subjects are secured in situations in which multiple users, such as a developer, assembler, or deployer, did not explicitly specify the policies to attach. Policies that are attached using a policy set are considered externally attached. For example, if the developer did not specify policies in annotations or include policy references in deployment descriptors, then the deployer must attach them or risk a potential security risk. By attaching policies globally to a set of subjects by type, the administrator can ensure that all subjects are secured by default independent of, and even before, deployment. For example, the administrator can define a policy set that attaches a security policy to all web service endpoints in a domain. In this case, any new services added to the domain automatically inherit the security configuration defined in the policy set. Configuring Human Workflow Service Components and Engines 19-29 For more information about attaching policies globally using policy sets, see Oracle Fusion Middleware Security and Administrators Guide for Web Services. 19-30 Oracle Fusion Middleware Administrators Guide for Oracle SOA Suite and Oracle BPM Suite 20 Monitoring Human Workflow Service Components and Engines 20-1 20 Monitoring Human Workflow Service Components and Engines This chapter describes how to monitor human task service components and the human workflow service engine. This chapter includes the following topics: ■ Section 20.1, Monitoring Human Task Service Component Instances and Faults ■ Section 20.2, Viewing the Status of Human Workflow Tasks ■ Section 20.3, Monitoring Human Task Service Component Instances ■ Section 20.4, Monitoring Human Workflow Service Engine Instances and Faults ■ Section 20.5, Monitoring Human Workflow Service Engine Active Requests and Operation Statistics ■ Section 20.6, Monitoring Human Workflow Service Engine Instances ■ Section 20.7, Monitoring Deployed Human Workflows in the Service Engine For more information, see the following sections: ■ Section 1.2.4, Introduction to Service Components and Service Component Instances ■ Section 1.2.6, Introduction to Service Engines20.1 Monitoring Human Task Service Component Instances and Faults
You can monitor recent instances and faults for human task service components. Each service component in a SOA composite application has its own instance ID. These IDs are different from the overall instance ID of the SOA composite application of which each service component is a part. To monitor human task service component instances and faults: 1. Access this page through one of the following options: From the SOA Infrastructure Menu... From the SOA Folder in the Navigator... 1. Select Home. 2. Select the Deployed Composites tab. 3. In the Composite section, select a specific SOA composite application. 1. Under soa-infra, select a specific SOA composite application. 20-2 Oracle Fusion Middleware Administrators Guide for Oracle SOA Suite and Oracle BPM Suite2. Select the human task service component in the Component Metrics table.
The upper part of the Dashboard page displays the following details: ■ Recent instances of the human task service component, including the instance ID of the service component, the state of the instance for example, completed or running, the instance start time, the last modification time, and links to log files describing the instances. ■ Recent faults in the human task service component, including the error message, whether the fault is recoverable, the time at which the fault occurred, the instance ID of the human task service component, and links to log files describing the faults.3. In the Recent Instances section, perform the following tasks:
a. In the Instance ID column, click an instance ID for a service component to
monitor the current status of a task on which approval actions are being taken.b. In the Logs column, click a specific log to access the Log Messages page with
filtered messages specific to that instance.c. Click Show All below the section to access the Instances page of the service
component.4. In the Recent Faults section, perform the following tasks:
a. In the Error Message column, click an error message to display complete
information about the fault. If the fault is identified as recoverable, click the Recover Now link to perform fault recovery.b. In the Recovery column, click a fault identified as Recoverable to perform
fault recovery at the component instance level.c. In the Logs column, click a specific log to access the Log Messages page with
filtered messages specific to that instance.d. Click Show All below the section to access the Faults page of the service
component.Parts
» Oracle Fusion Middleware Online Documentation Library
» Introduction to the SOA Infrastructure Application
» Introduction to SOA Composite Applications
» Introduction to SOA Composite Application Instances
» Introduction to Service Components and Service Component Instances
» Introduction to Binding Components
» Introduction to Service Engines
» Introduction to the Service Infrastructure
» Introduction to the Contents of SOA Composite Applications
» What Is Oracle Fusion Middleware? What Is Oracle Business Process Management Suite?
» Introduction to the Order of Precedence for Audit Level Settings
» Monitoring of Oracle SOA Suite and Oracle BPM Suite
» Introduction to Fault Recovery
» Introduction to How Policies are Executed Policies are executed before a message
» Introduction to the Lifecycle State of SOA Composite Applications
» Administration for Application Developers
» Logging In to Oracle Enterprise Manager Fusion Middleware Control
» Navigating Through the SOA Infrastructure Home Page and Menu
» Navigating Through the SOA Composite Application Home Page and Menu
» Navigating Through the Partition Home Page and Menu Navigating to Deployed Java EE Applications
» Logging Out of Oracle Enterprise Manager Fusion Middleware Control
» Disabling Instance and Fault Count Metrics Retrieval with the System MBean Browser
» Waiting for SOA Infrastructure Startup Initialization to Complete
» Changing the SOA Infrastructure Server URL Property Port
» Configuring Log Files Oracle Fusion Middleware Online Documentation Library
» Configuring the Logging File Encoding Property
» Specifying a Nondefault XA Transaction Timeout Value for XA Data Sources
» Monitoring SOA Infrastructure Recent Instances and Faults
» Redeploying Applications Oracle Fusion Middleware Online Documentation Library
» Undeploying Applications Oracle Fusion Middleware Online Documentation Library
» Introduction to Securing SOA Composite Applications
» Configuring Oracle HTTP Server with Oracle BPM Worklist
» Setting up SAML Message-Protected Policy Configuration for the SOA Infrastructure
» Automatically Authenticating Oracle BPM Worklist Users in SAML SSO Environments
» In the Oracle WebLogic Server Administration Console, select Security
» Select the Providers tab, and then the Authentication subtab.
» From the provider list, select the provider with the description SAML 2.0
» Scroll down the page until you see the field Redirect URIs.
» Configuring SOA Composite Applications for Two-Way SSL Communication
» From the SOA Infrastructure menu, select SOA Administration Common
» At the bottom of the page, click More SOA Infra Advanced Configuration
» Click KeystoreLocation. Oracle Fusion Middleware Online Documentation Library
» In the Value column, enter the keystore location.
» Click Apply. Oracle Fusion Middleware Online Documentation Library
» Invoking References in One-Way SSL Environments in Oracle JDeveloper
» Configuring Oracle HTTP Server for SSL Communication
» Configuring Certificates for Oracle Client, Oracle HTTP Server, and Oracle WebLogic Server
» Configuring SSL Between SOA Composite Application Instances and Oracle WebCache
» Using a Custom Trust Store for One-Way SSL During Design Time
» Configuring Security for Human Workflow WSDL Files
» Monitoring SOA Composite Application Recent Instances and Faults
» Specifying RPCLiteral-Style WSDL Files on the Test Page
» Managing the State of All Applications at the SOA Infrastructure Level
» Managing the State of an Application from the SOA Composite Application Home Page
» Starting and Stopping a Managed Oracle WebLogic Server
» Monitoring and Deleting SOA Composite Application Instances from the Application Home Page
» In the Instance ID column, click a specific instance ID to show the message
» In the State column, if an instance state is marked as Unknown, click it to
» Recovering from SOA Composite Application Faults at the SOA Infrastructure Level
» From the View list, select Columns Fault ID to display the fault IDs for each
» In the Composite column, click a specific SOA composite application to access
» In the Fault Location column, click a specific location to access the faults page
» In the Composite Instance ID column, click a specific ID to access the flow
» Example: Single Fault Recovery for BPEL Processes
» Example: Bulk Fault Recovery for BPEL Processes
» Example: Single Fault Recovery for BPMN Processes
» Example: Single Fault Recovery for Oracle Mediator
» Recovering from SOA Composite Application Faults in the Application Home Page
» Automating the Testing of SOA Composite Applications
» WS-RM Sessions Policy Attachments and Local Optimization in Composite-to-Composite Invocations
» Exporting a Running SOA Composite Application
» Creating and Deleting Partitions
» In the Name field, enter a partition name, and click Create.
» Performing Bulk Lifecycle Management Tasks on Composites in Partitions
» Deleting Large Numbers of Instances with the Purge Script
» Referential Integrity and Equipartioning
» Introduction to Partition Key Selection
» Developing a Purging and Partitioning Methodology
» delete_instances Procedure Looped Purge Script
» Purge States Deleting Large Numbers of Instances with the Purge Scripts
» Configuring Partitions Introduction to the Verification Scripts
» Component Tables Partitioning Component Tables
» Executing the Verification Scripts
» Verifying and Dropping Partitions
» Partial Partitioning of Components
» Retrieving the State of a Composite Finding Composite and Component Instances
» Configuring Automatic Recovery Attempts for Invoke and Callback Messages
» Setting the Audit Level at the BPEL Process Service Component Level
» Monitoring BPEL Process Service Component Instances and Faults
» Monitoring BPEL Process Service Component Instances
» Behavior of Activity Sensors in Compensate and CompensateScope Activities in BPEL 2.0
» Monitoring BPEL Process Service Engine Instances
» In the Instance ID column, click an instance ID for a service component to
» In the Component column, click a specific service component to access its
» In the Logs column, click a specific log to access the Log Messages page with
» Monitoring Deployed BPEL Processes in the Service Engine
» Recovering from BPEL Process Service Component Faults
» Click the Show only recoverable faults checkbox to display only faults from
» From the Fault Type list, select to display all faults, system faults, business
» Recovering from BPEL Process Service Engine Faults
» Configuring Oracle Mediator Service Engine Properties
» Configuring Resequenced Messages Oracle Fusion Middleware Online Documentation Library
» Monitoring Oracle Mediator Service Component Instances and Faults
» In the Instance ID column, click an instance ID to view its instance details,
» Introductions to the Sections of the Dashboard Page
» Monitoring Oracle Mediator Instance Information
» Monitoring Oracle Mediator Faults
» Dashboard Page Instances Page Faults Page
» Mediator Resequencing Group Dialog
» Monitoring Resequenced Messages from the Mediator Instance Dialog
» Managing Oracle Mediator Faults
» Managing Oracle Mediator Policies
» Deleting Cross-Reference Values Oracle Fusion Middleware Online Documentation Library
» Monitoring Business Rules Service Engine Instances and Faults
» Monitoring Business Rules Service Engine Statistics
» Monitoring Business Rules Service Engine Instances
» Tracing Rule Execution at the Development Audit Level
» Tracing Rule Execution at the Production Audit Level
» Viewing Decision Service Component Logs
» Setting the Diagnostic Logging Level with a Log Configuration
» Configuring Human Workflow Notification Properties
» Configuring Human Workflow Task Service Properties
» Pluggable Notification Service Implementation Pluggable Notification Service Registration
» Configuring Oracle HTTP Server for Task Form Attachments Configuring Multiple Send Addresses
» Adding an Authentication Provider
» Creating Users and Groups Using WebLogic Console
» Creating Users and Groups Using Oracle Internet Directory
» Configuring the Directory Service
» Changing the Default Password in the Embedded LDAP Server
» Click Edit. Add application roles and groups in the Roles section and users in the Users
» Configuring Security Policies for Human Workflow Web Services
» Monitoring Human Task Service Component Instances and Faults
» Viewing the Status of Human Workflow Tasks
» Monitoring Human Task Service Component Instances
» Monitoring Human Workflow Service Engine Instances and Faults
» Click Show All below the section to access the Instances page of the service
» In the Name column, click a specific service component to access its home
» In the Composite columns, click a specific SOA composite application to
» Click Show All below the section to access the Deployed Components page of
» Monitoring Human Workflow Service Engine Active Requests and Operation Statistics
» Monitoring Deployed Human Workflows in the Service Engine
» Managing Human Task Service Component Policies
» Recovering from Human Workflow Service Engine Faults
» In the Error Message column, click a specific message to display complete
» In the Recovery column, click a fault that is marked as recoverable to invoke
» In the Component Instance ID column, click a specific service component ID
» Managing the URI of the Human Task Service Component Task Details Application
» Recovering from Human Task Service Component Faults
» Managing Outgoing Notifications and Incoming Email Notifications
» Moving Human Workflow Data from Test to Production Environments
» Exporting All Attribute Labels The following example exports all attribute
» Importing Task Payload Mapped Attribute Mappings for All Task Definition IDs The
» Exporting Task Payload Mapped Attribute Mappings for a Specific Task Definition ID
» Importing Task Payload Mapped Attribute Mappings for a Specific Task Definition ID
» Exporting All User Views This example exports all user views.
» Importing All User Views This example imports all user views.
» Exporting a Specific User View This example exports a specific user view.
» Importing a Specific User View This example imports a specific user view.
» Export All Standard Views This example exports all standard views.
» ant Script Data Migration Syntax
» Configuring Oracle BAM Web Applications Properties
» Configuring Oracle BAM Server Properties
» Configuring Data Source JNDI Configuring Application URL
» Configuring Oracle Data Integrator Integration Properties
» Introduction to Configuring Oracle BAM Configuring the Logger
» Configuring Oracle User Messaging Service
» Configuring Oracle BAM Distribution Lists
» Configuring HTTPS for Oracle BAM Adapter
» Configuring Trusted Domains Configuring Credential Mapping
» Configuring Oracle BAM Batching Properties
» Configuring Credential Mapping Configuring Security
» Configuring Oracle BAM User Permissions
» Configuring Secure Socket Layer
» Using Oracle Internet Directory With Oracle BAM
» Securing Oracle BAM JMS Resources
» Protecting Oracle BAM Web Services, An Example
» Configuring Advanced Properties Oracle Fusion Middleware Online Documentation Library
» Oracle BAM Configuration Property Reference
» Monitoring Oracle BAM Active Data Cache
» Monitoring the Event Engine Component
» Monitoring the Report Cache Component Monitoring the Enterprise Message Sources
» Monitoring Oracle BAM Report Server
» Monitoring Open Connections Monitoring Oracle BAM Web Applications
» Introduction to Monitoring Oracle BAM Monitoring Oracle BAM Web Services
» Monitoring Oracle BAM Performance
» Introduction to Managing Oracle BAM
» Managing Oracle BAM Availability
» Using Previously Seeded Group Members
» Adding Members to Application Roles Introduction to Oracle BAM Application Roles
» Using the Oracle WebLogic Server Administration Console
» Adding a Group Configuring Oracle WebLogic Server Embedded LDAP Server
» Adding a User Configuring Oracle WebLogic Server Embedded LDAP Server
» Using the Registerusers Utility
» Managing Oracle BAM Object Ownership Removing Invalid Users from Oracle BAM Administrator
» Components Introduction to User Messaging Service
» Introduction to Oracle User Messaging Service Configuration
» Adding Business Terms Adding or Removing User Messaging Preferences Business Terms
» Introduction to Driver Properties
» Securing Passwords Configuring a Driver
» Driver Application Archive EAR The EAR file is oracle_
» Common Properties These are common driver properties that are indicative of
» Implement and deploy a web service listener endpoint based on the
» Click User Messaging Service Driver Properties.
» Under Driver-Specific Configuration, add a new extension endpoint
» Under Common Configuration, update Supported Protocols with a Click OK to save the configuration.
» Configuring User Messaging Service Access to LDAP User Profile
» Troubleshooting Oracle User Messaging Service
» Using Message Status Monitoring Oracle User Messaging Service
» Viewing Metrics and Statistics
» Deploying Drivers Using Oracle Enterprise Manager Fusion Middleware Control
» Deploying Drivers Using the Oracle Fusion Middleware Configuration Wizard
» Undeploying and Unregistering Drivers
» Click Invoke. Oracle Fusion Middleware Online Documentation Library
» Adding Predefined Properties for an Inbound Adapter
» Creating a New Property for an Inbound Adapter
» Deleting a Property for an Inbound Adapter
» Click the Properties tab to see a list of the currently defined binding
» Select the property you want to delete, and then click Delete.
» Reverting a Property Value for an Inbound Adapter
» Editing a Predefined Property for an Outbound Adapter
» Select the property you want to edit.
» Adding a Predefined Property for an Outbound Adapter
» Click the Select Value icon in the Name field of the new row.
» Creating a New Property for an Outbound Adapter
» Specify the property name and value in the Name and the Value fields of the
» Deleting a Property for an Outbound Adapter
» Reverting a Property Value for an Outbound Adapter
» Click OK to confirm. Click the Properties tab to see a list of the currently defined binding
» Select the property you want to revert, and then click Revert. Click OK to confirm.
» Click Save. Oracle Fusion Middleware Online Documentation Library
» Searching for Rejected Messages for an Inbound Adapter
» Monitoring Properties for an Inbound Adapter Click Properties.
» Click Dashboard. Oracle Fusion Middleware Online Documentation Library
» View the recent faults listed in the Recent Faults section.
» Monitoring Faults for an Outbound Adapter
» Monitoring Adapter Logs Oracle Fusion Middleware Online Documentation Library
» Configuring Oracle B2B Server Properties Configuring Oracle B2B Operations
» Configuring Oracle B2B Attributes
» Monitoring the Oracle B2B Infrastructure
» Introduction to the Event Delivery Network
» Subscribing to Business Events
» Managing Business Event Subscribers
» Recovering from Business Event Faults
» Configuring Properties for Web Services
» Oracle AQ Adapter Configuring Properties for Oracle JCA Adapters
» Oracle Database Adapter Configuring Properties for Oracle JCA Adapters
» Oracle File Adapter Configuring Properties for Oracle JCA Adapters
» Oracle FTP Adapter Configuring Properties for Oracle JCA Adapters
» Oracle JMS Adapter Configuring Properties for Oracle JCA Adapters
» Oracle Socket Adapter Configuring Properties for Oracle JCA Adapters
» Oracle JCA Adapters Endpoint Properties
» Configuring Caching of WSDL URLs
» Monitoring Binding Component Instances and Faults
» Monitoring Binding Component Rejected Messages
» Configuring the Environment for Publishing Web Services to UDDI
» Enter the following syntax and provide host, port, and proxy host details
» Run setDomainEnv.sh or setDomainEnv.bat.
» Publishing a Web Service to the UDDI Registry
» Configuring BPMN Process Service Engine Properties
» Task 1: Configure the Oracle BAM Adapter on Oracle BPM Server
» Task 2: Enable Oracle BAM on the Oracle BPM Server
» Viewing the Audit Trail and Process Flow of a BPMN Process Service Component
» Monitoring BPMN Process Service Component Instances and Faults
» Monitoring BPMN Process Service Engine Request and Thread Statistics
» Monitoring BPMN Process Service Engine Instances
» Monitoring Deployed BPMN Processes in the Service Engine
» Recovering from BPMN Process Service Component Faults
» Managing BPMN Process Service Component Policies
» Recovering from BPMN Process Service Engine Faults
Show more