October 28, 2010

Set up read-only access for the BPEL Console 10g

These instructions describe how to set up a read-only BPEL Console on Oracle SOA Suite 10g.

Please note the following:
  • A Viewers role is created and used to provide read-only access
  • Filtering is done via the bpelfilters.txt file (no modification needed to this file)
  • Access to BPEL Admin is denied by default to all read-only users

Instructions

1. Download BPELConsoleFilter.java.txt to your server and rename it to BPELConsoleFilter.java

2. Download bpelfilters.txt to your server

3. Run these steps to compile the class and move both the class and the filter to the appropriate locations:
export CLASSPATH=$ORACLE_HOME/j2ee/home/lib/servlet.jar

$ORACLE_HOME/jdk/bin/javac BPELConsoleFilter.java

mkdir -p $ORACLE_HOME/j2ee/oc4j_soa/applib/com/sawft/applications/bpel

cp BPELConsoleFilter.class $ORACLE_HOME/j2ee/oc4j_soa/applib/com/sawft/applications/bpel

cp bpelfilters.txt $ORACLE_HOME/j2ee/oc4j_soa/applib
4.Edit $ORACLE_HOME/j2ee/oc4j_soa/applications/orabpel/console/WEB-INF/web.xml.

Insert the following before the first <filter>: 
    <filter>
  <filter-name>BPELConsoleFilter</filter-name>
  <filter-class>com.sawft.applications.bpel.BPELConsoleFilter</filter-class>
</filter>
Insert the following before the first <filter-mapping>: 
    <filter-mapping>
  <filter-name>BPELConsoleFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>
Insert the following before the first <security-role>: 
    <security-role>
  <description>BPEL PM User</description>
  <role-name>Viewers</role-name>
</security-role>
5. Edit $ORACLE_HOME/j2ee/oc4j_soa/applications/orabpel/admin/WEB-INF/web.xml.

Insert the following before the first <AdminConsole>: 
    <filter>
  <filter-name>BPELConsoleFilter</filter-name>
  <filter-class>com.sawft.applications.bpel.BPELConsoleFilter</filter-class>
</filter>
    <filter-mapping>
  <filter-name>BPELConsoleFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>
Insert the following before the first <security-role>: 
    <security-role>
  <description>BPEL PM User</description>
  <role-name>Viewers</role-name>
</security-role>
6. Create read-only group and account (repeat on all oc4j_soa containers):
  • Log in to EM (Enterprise Manager)
  • Click on oc4j_soa
  • Click on Administration
  • Click on Security Providers
  • Click on Instance Level Security
  • Click on Realms
  • Click on the number under Roles
  • Click on Create
  • Enter "Viewers" and select the roles BPMDefaultDomainAdmin and BPMSystemAdmin
  • Click OK
  • Click on Instance Level Security
  • Click on the number under Users
  • Click on Create
  • Enter "bpelreadonly" and welcome1 twice, for the username and passsword respectively
  • Select the Viewers role
  • Click OK
7. Restart the container (e.g., opmnctl restartproc process-type=oc4j-soa) and try logging in as bpelreadonly.

Applicable Versions

Oracle SOA Suite 10g (10.1.3.x)

References

http://chintanblog.blogspot.com/2010/04/bpel-readonly-console.html
http://chintanblog.blogspot.com/2007/12/i-saw-numerous-people-asking-about-bpel_290.html

7 comments:

  1. KrishnaDecember 07, 2011

    Hi,

    After updating the all the above steps and we are getting the below Error Message in bpelconsole. Can you please helpus

    500 Internal Server Error
    Servlet error: An exception occurred. The current application deployment descriptors do not allow for including it in this response. Please consult the application log for details.

    ReplyDelete
  2. JohnJuly 01, 2016

    nhl jerseys wholesale
    coach outlet store online
    pandora jewelry outlet
    yeezy boost 350
    ralph lauren uk
    cheap nfl jerseys
    kobe bryant shoes
    adidas gazelle
    rolex watches uk
    gucci handbags outlet
    wholesale nike shoes
    michael kors outlet clearance
    cheap ray bans
    adidas nmd
    ray ban sunglasses
    nike cortez white
    ed hardy uk
    supra shoes
    coach outlet store online
    north face outlet
    red bottoms outlet online
    ghd flat iron
    skechers shoes
    timberland shoes
    michael kors outlet online
    abercrombie kids
    adidas supercolor
    asics gel nimbus
    stephen curry shoes
    louis vuitton outlet online
    vans shoes
    cartier watches for sale
    tiffany jewelry
    designer handbags outlet
    hollister clothing store
    salvatore ferragamo
    201671yuanyuan

    ReplyDelete
  3. UnknownMarch 24, 2017

    moncler jackets
    pandora charms sale clearance
    yeezy boost 350
    pandora jewelry
    michael kors outlet clearance
    michael kors
    cowboys jerseys
    michael kors uk
    ed hardy store
    adidas sneakers
    xushengda0324

    ReplyDelete
  4. UnknownMay 16, 2017

    very interesting article i feel very enthusiastic while reading and the information provided in this article is so useful for me.content in this article guides in clarifying some of my doubts.

    Oracle Fusion SCM Online Training

    ReplyDelete
  5. ninest123July 13, 2017

    fred perry
    true religion outlet
    hermes handbags
    michael kors outlet store
    christian louboutin
    coach factory outlet
    louboutin uk
    michael kors outlet
    longchamp bags
    birkenstock sandals
    MT0713

    ReplyDelete
  6. chenliliApril 08, 2018

    lacoste outlet
    kate spade outlet store
    mont blanc outlet
    polo ralph lauren
    lacoste shoes
    adidas yeezy shoes
    nfl jerseys wholesale
    ralph lauren shirts
    tory burch handbags
    coach factory outlet
    shenyuhang20180409

    ReplyDelete
  7. UnknownJuly 27, 2018

    fila disruptor
    michael kors outlet
    kyrie irving shoes
    zx flux
    vibram five fingers
    kobe basketball shoes
    nba jerseys
    yeezy
    prada sunglasses
    louboutin shoes uk

    ReplyDelete

Subscribe to: Post Comments (Atom)