The managePolicyStore This operation creates Application App Roles and adds members to them based on one or more properties files. If App Role exists, create will not be attempted. Also, if App Role already has specific member than grantAppRole will not be attempted. Logs will indicate operations being performed or skipped. Each file describes the application roles App Roles and members of for one application stripe.
...
No roles or members will be deleted by the operation, only creates are performed.
Target Properties
Property Name
Required
Description
Property Name | Property Code | Required | Description |
---|---|---|---|
Oracle Weblogic Home (WL_HOME) |
| Yes | WebLogic Home Directory. (e.g. /u01/oracle/products/fmw/wlserver) |
Weblogic Admin Listen Address |
| Yes | The listener address of the WLS admin server. (e.g. localhost) |
Weblogic Admin Listen Port |
| Yes | The port of the WLS admin server. (e.g. 7001) |
Weblogic Admin SSL Connection |
| No | Indicates whether the admin server is using SSL. |
Weblogic Admin User |
| Yes | The username for the WLS admin server. |
Weblogic Admin Password |
| Yes | The password for |
Oracle Middleware Home (MW_HOME) |
| Yes |
Project Properties
The oracle middleware home (which has subfolders such as oracle_common, wlsserver_10.3, coherence*, etc.). |
Inputs
Input Name | Input Code | Required | Description |
---|---|---|---|
Properties File Path |
| No | Path to the OPSS properties file or folders. If relative paths are given, paths inside of the |
will be assumed. |
The location will be searched for |
.properties files. |
Outputs
Output Name
Required
Artifacts
This operation consumes artifacts from the artifacts repository.
...
This operation will select all available endpoints associated to the environment instance Target which have resource type of WLS Admin Server.
Endpoint Execution
This operation will execute on any one of the selected endpoints and will be random in the determination of which one. It is expected that there be only one WLS Admin Server for the domain.
Property File Explanation
The properties file has specific formatting requirements so that the tool can read it. Please follow these standards:
1 - Include a line like ApplicationRoleList=roleToCreate,roleToCreate2,roleToCreate3
...
2 - Include a line for each of the roles that needs members definition
roleToCreate1.members=membertype1:member1,memberType2:member2,memberType3:member3
...
Valid values for memberType are: APP_ROLE, ENT_ROLE, CUSTOM
.
Tip |
---|
If App Role name has space in it (for example, Finance Team), then members key must escape space using \u0020. ApplicationRoleList=Finance Team appStripe=obi Finance\u0020Team.members=APP_ROLE:BIConsumer |
If you are just creating App Role without any members, then do not add .members property.
Sample Properties File
Code Block | ||
---|---|---|
| ||
#The next line is required. It lists the application roles to create. Each one must have a matching role.members line in the file as well. ApplicationRoleList=BI_Finance_Managers, BI_Finance_Users, BI_HumanResources, BI_Intranet_Users # Roles will be managed for the indicated application # One file for each application stripe is needed appStripe=obi #Roles are designated with their type and the role name. #Valid role types are CUSTOM, APP_ROLE, and ENT_ROLE. BI_Finance_Managers.members=CUSTOM:authenticated-role,ENT_ROLE:BIConsumers,ENTAPP_ROLE:BIConsumers,ENT_ROLE:BIConsumers,ENT_ROLE:BIConsumers,ENT_ROLE:BIConsumersBIConsumer BI_Finance_Users.members=APP_ROLE:BI_Finance_Managers, APP_ROLE:BI_HumanResources,ENT_ROLE:BIConsumers # ApplicationApp Role mapped to Enterprise Role as well as ApplicationApp Roles BI_HumanResources.members=ENT_ROLE:BIConsumers,APP_ROLE:BI_Finance_Managers,APP_ROLE:BI_Finance_Users # ApplicationApp Role mapped to Authenticated Role and Enterprise Role BI_Intranet_Users.members=APP_ROLE:BI_Finance_Managers,APP_ROLE:BI_Finance_Users, APP_ROLE:BI_Finance_ManagersCUSTOM:authenticated-role,ENT_ROLE:BIConsumers |