Wednesday, October 01, 2008

Weblogic: Configure users for Worklist Application

After applying Oracle SOA Suite on top of Weblogic 9.2, all functionality is available. There is a minor issue with the worklist application: the users and roles are not available in the Weblogic realm. This is because Weblogic uses a lightweight LDAP server to store users, roles and policies, and the users in the Human Task Worklist are not populated to this LDAP server.
The supported fix is to configure both the JAZN of SOA Suite and WebLogic to use an LDAP server, as described in the installation documentation of SOA Suite on Weblogic. There is also an unsupported solution for adding users to the worklist application.

To see the users that are available in the jazn XML based store you should go to

cd $BPEL_HOME/j2ee/home

and run the command:

$BPEL_HOME/jdk/bin/java -jar jazn.jar -user oc4jadmin -password welcome1 -listusers

(Note: Please use the appropriate username and password.)

The location of the jazn based XML store is:

$BPEL_HOME/j2ee/home/config/system-jazn-data.xml

To create users (in this case weblogic) that are also configured for BPEL tasklist, you should add the user to the jazn XML store by using the following command:

$BPEL_HOME/jdk/bin/java -jar jazn.jar -user oc4jadmin -password welcome1 -adduser jazn.com weblogic weblogic

Also create the appropriate user properties in:

$BPEL_HOME/bpel/system/services/config/users-properties.xml

To have the worklist use JAZN based authorization, the content of is_config.xml (located in $BPEL_HOME/bpel/system/services/config) should be:

<?xml version = '1.0' encoding = 'UTF-8'?>
<ISConfiguration xmlns="http://www.oracle.com/pcbpel/identityservice/isconfig">
  <configurations>
    <configuration realmName="jazn.com">
      <provider providerType="JAZN" name="XML" service="Identity">
        <property name="usersPropertiesFile" value="users-properties.xml"/>
      </provider>
    </configuration>
  </configurations>
</ISConfiguration>
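
To check the result of the steps above without starting the server, the following added example (not part of the original post, and not Oracle code) reads is_config.xml, confirms that the Identity provider is JAZN/XML, and verifies that the expected users exist in the realm it names. The element layout used for system-jazn-data.xml (jazn-data/jazn-realm/realm/users/user/name) is an assumption, the sample store is constructed, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

NS = {"is": "http://www.oracle.com/pcbpel/identityservice/isconfig"}

# is_config.xml content as given on this page.
IS_CONFIG = """<?xml version = '1.0' encoding = 'UTF-8'?>
<ISConfiguration xmlns="http://www.oracle.com/pcbpel/identityservice/isconfig">
<configurations><configuration realmName="jazn.com">
<provider providerType="JAZN" name="XML" service="Identity">
<property name="usersPropertiesFile" value="users-properties.xml"/>
</provider></configuration></configurations>
</ISConfiguration>"""

# Constructed sample; the element layout of system-jazn-data.xml is an assumption.
JAZN_STORE = """<jazn-data><jazn-realm><realm>
<name>jazn.com</name>
<users>
<user><name>oc4jadmin</name></user>
<user><name>weblogic</name></user>
</users>
</realm></jazn-realm></jazn-data>"""

def worklist_provider(is_config_xml):
    """Return (realm, providerType, name, usersPropertiesFile) of the Identity provider."""
    conf = ET.fromstring(is_config_xml).find("is:configurations/is:configuration", NS)
    prov = conf.find("is:provider[@service='Identity']", NS)
    prop = prov.find("is:property[@name='usersPropertiesFile']", NS)
    return (conf.get("realmName"), prov.get("providerType"), prov.get("name"),
            prop.get("value") if prop is not None else None)

def realm_users(jazn_xml, realm):
    """Return the user names stored for a realm, or None if the realm is absent."""
    for r in ET.fromstring(jazn_xml).iter("realm"):
        if r.findtext("name") == realm:
            return sorted(u.findtext("name") for u in r.findall("users/user"))
    return None

def check(is_config_xml, jazn_xml, expected_users):
    """Return a list of problems that would keep expected_users out of the worklist."""
    realm, ptype, pname, props = worklist_provider(is_config_xml)
    problems = []
    if (ptype, pname) != ("JAZN", "XML"):
        problems.append(f"provider is {ptype}/{pname}, not JAZN/XML")
    if not props:
        problems.append("usersPropertiesFile is not set")
    users = realm_users(jazn_xml, realm)
    if users is None:
        return problems + [f"realm {realm} is not in the jazn store"]
    return problems + [f"user {u} is not in realm {realm}" for u in expected_users if u not in users]

if __name__ == "__main__":
    print(check(IS_CONFIG, JAZN_STORE, ["oc4jadmin", "weblogic"]) or "OK")
```

On a real installation, pass the contents of $BPEL_HOME/bpel/system/services/config/is_config.xml and $BPEL_HOME/j2ee/home/config/system-jazn-data.xml instead of the embedded strings.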


Additional jazn commands are:

java -jar jazn.jar [-user <username> -password <password> -clustersupport <oracle_home>] [command]

-listusers [<realm> [-role <role>|-perm <permission>]] |
-listroles [<realm> [<user>|-role <role>]] |
