October 28, 2010

Set up read-only access for the BPEL Console 10g

These instructions describe how to set up a read-only BPEL Console on Oracle SOA Suite 10g.

Please note the following:
  • A Viewers role is created and used to provide read-only access
  • Filtering is done via the bpelfilters.txt file (no modification needed to this file)
  • Access to BPEL Admin is denied by default to all read-only users

Instructions

1. Download BPELConsoleFilter.java.txt to your server and rename it to BPELConsoleFilter.java

2. Download bpelfilters.txt to your server

3. Run these steps to compile the class and move both the class and the filter to the appropriate locations:
export CLASSPATH=$ORACLE_HOME/j2ee/home/lib/servlet.jar

$ORACLE_HOME/jdk/bin/javac BPELConsoleFilter.java

mkdir -p $ORACLE_HOME/j2ee/oc4j_soa/applib/com/sawft/applications/bpel

cp BPELConsoleFilter.class $ORACLE_HOME/j2ee/oc4j_soa/applib/com/sawft/applications/bpel

cp bpelfilters.txt $ORACLE_HOME/j2ee/oc4j_soa/applib
4.Edit $ORACLE_HOME/j2ee/oc4j_soa/applications/orabpel/console/WEB-INF/web.xml.

Insert the following before the first <filter>: 
    <filter>
  <filter-name>BPELConsoleFilter</filter-name>
  <filter-class>com.sawft.applications.bpel.BPELConsoleFilter</filter-class>
</filter>
Insert the following before the first <filter-mapping>: 
    <filter-mapping>
  <filter-name>BPELConsoleFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>
Insert the following before the first <security-role>: 
    <security-role>
  <description>BPEL PM User</description>
  <role-name>Viewers</role-name>
</security-role>
5. Edit $ORACLE_HOME/j2ee/oc4j_soa/applications/orabpel/admin/WEB-INF/web.xml.

Insert the following before the first <AdminConsole>: 
    <filter>
  <filter-name>BPELConsoleFilter</filter-name>
  <filter-class>com.sawft.applications.bpel.BPELConsoleFilter</filter-class>
</filter>
    <filter-mapping>
  <filter-name>BPELConsoleFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>
Insert the following before the first <security-role>: 
    <security-role>
  <description>BPEL PM User</description>
  <role-name>Viewers</role-name>
</security-role>
6. Create read-only group and account (repeat on all oc4j_soa containers):
  • Log in to EM (Enterprise Manager)
  • Click on oc4j_soa
  • Click on Administration
  • Click on Security Providers
  • Click on Instance Level Security
  • Click on Realms
  • Click on the number under Roles
  • Click on Create
  • Enter "Viewers" and select the roles BPMDefaultDomainAdmin and BPMSystemAdmin
  • Click OK
  • Click on Instance Level Security
  • Click on the number under Users
  • Click on Create
  • Enter "bpelreadonly" and welcome1 twice, for the username and passsword respectively
  • Select the Viewers role
  • Click OK
7. Restart the container (e.g., opmnctl restartproc process-type=oc4j-soa) and try logging in as bpelreadonly.

Applicable Versions

Oracle SOA Suite 10g (10.1.3.x)

References

http://chintanblog.blogspot.com/2010/04/bpel-readonly-console.html
http://chintanblog.blogspot.com/2007/12/i-saw-numerous-people-asking-about-bpel_290.html

9 comments:

  1. KrishnaDecember 07, 2011

    Hi,

    After updating the all the above steps and we are getting the below Error Message in bpelconsole. Can you please helpus

    500 Internal Server Error
    Servlet error: An exception occurred. The current application deployment descriptors do not allow for including it in this response. Please consult the application log for details.

    ReplyDelete
  2. UnknownMay 16, 2017

    very interesting article i feel very enthusiastic while reading and the information provided in this article is so useful for me.content in this article guides in clarifying some of my doubts.

    Oracle Fusion SCM Online Training

    ReplyDelete
  3. UnknownJuly 13, 2017

    fred perry
    true religion outlet
    hermes handbags
    michael kors outlet store
    christian louboutin
    coach factory outlet
    louboutin uk
    michael kors outlet
    longchamp bags
    birkenstock sandals
    MT0713

    ReplyDelete
  4. UnknownJuly 27, 2018

    fila disruptor
    michael kors outlet
    kyrie irving shoes
    zx flux
    vibram five fingers
    kobe basketball shoes
    nba jerseys
    yeezy
    prada sunglasses
    louboutin shoes uk

    ReplyDelete
  5. Confirm Your ProfileJanuary 30, 2020

    CCTV Wholesaler-These CCTVS Are A Must Buy. Their CCTV has high resolution, and they sell the products without any wear and tear. You will not find even a single scratch on their CCTVs. And they are priced as well quite nominal. Also, they are actually a CCTV wholesaler, and not just retailer.

    ReplyDelete
  6. Confirm Your ProfileFebruary 07, 2020

    CCTV Wholesaler-These CCTVS Are A Must Buy. Their CCTV has high resolution, and they sell the products without any wear and tear. You will not find even a single scratch on their CCTVs. And they are priced as well quite nominal. Also, they are actually a CCTV wholesaler, and not just retailer.

    ReplyDelete
  7. Confirm Your ProfileFebruary 27, 2020

    CCTV Wholesaler-These CCTVS Are A Must Buy. Their CCTV has high resolution, and they sell the products without any wear and tear. You will not find even a single scratch on their CCTVs. And they are priced as well quite nominal. Also, they are actually a CCTV wholesaler, and not just retailer.

    ReplyDelete
  8. Confirm Your ProfileMarch 12, 2020

    CCTV Wholesaler-These CCTVS Are A Must Buy. Their CCTV has high resolution, and they sell the products without any wear and tear. You will not find even a single scratch on their CCTVs. And they are priced as well quite nominal. Also, they are actually a CCTV wholesaler, and not just retailer.

    ReplyDelete
  9. Confirm Your ProfileMarch 21, 2020

    CCTV Wholesaler-These CCTVS Are A Must Buy. Their CCTV has high resolution, and they sell the products without any wear and tear. You will not find even a single scratch on their CCTVs. And they are priced as well quite nominal. Also, they are actually a CCTV wholesaler,and not just retailer.

    ReplyDelete

Subscribe to: Post Comments (Atom)