Oracle SOA Suite – Creating Weblogic users and assign SOA and weblogic roles through WLST:
WLST script can be use to create the required users in Weblogic and to assign the required SOA and weblogic roles to the user.
Here we will use the property file to configure the user details,the WLST script will create the users in the server based on the property file.
Weblogic roles control the access permission of weblogic server and the SOA roles control the access permission of the EM console.
Just edit the UserManagement.properties with the users and group details.
UserManagement_SOADomain.properties
admin.url=t3://xxxxxxxx:8000
admin.userName=weblogic
admin.password=xxxxxxx
total.username=7
#
create.user.name.1=adminuser
create.user.password.1=Test1234
create.user.description.1= This is a Backup Administrator User
#Comma seperated roles
create.user.groups.1=Administrators
create.user.soarole.1=SOAAdmin,SOADesigner
create.user.name.2=soaadminuser
create.user.password.2=Test1234
create.user.description.2= This is a SOA ADMIN User Two
#Comma seperated roles
create.user.groups.2=Deployers,Operators,Monitors,IntegrationDeployers
create.user.soarole.2=SOAAdmin
create.user.name.3=nfttestuser
create.user.password.3=Test1234
create.user.description.3= This is a Test User Three
#Comma seperated roles
create.user.groups.3=Monitors,IntegrationMonitors
create.user.soarole.3=SOAMonitor,SOAAuditViewer
create.user.name.4=devtestuser
create.user.password.4=Test1234
create.user.description.4= This is a DEV User Three
#Comma seperated roles
create.user.groups.4=Deployers,IntegrationDeployers,IntegrationMonitors,Monitors,Operators
create.user.soarole.4=SOADesigner,SOAMonitor
WLST Script:
The below WLST code snippet will create the required users and assign the corresponding roles to the user.
UserManagement_SOADomain.py
from java.io import FileInputStream
from java.util import *
from javax.management import *
domainName=raw_input('Please enter the weblogic domain name for the user creation: ')
print 'domainName:',domainName
propInputStream = FileInputStream("UserManagement_"+domainName+".properties")
configProps = Properties()
configProps.load(propInputStream)
adminURL=configProps.get("admin.url")
adminUserName=configProps.get("admin.userName")
adminPassword=configProps.get("admin.password")
realmName=configProps.get("security.realmName")
totalUsers_to_Create=configProps.get("total.username")
connect(adminUserName, adminPassword, adminURL)
serverConfig()
authenticatorPath= '/SecurityConfiguration/' + domainName + '/Realms/myrealm/AuthenticationProviders/DefaultAuthenticator'
print authenticatorPath
cd(authenticatorPath)
print 'Creating Users . . .'
x=1
while (x <= int(totalUsers_to_Create)):
userName = configProps.get("create.user.name."+ str(x))
userPassword = configProps.get("create.user.password."+ str(x))
userDescription = configProps.get("create.user.description."+ str(x))
try:
cmo.createUser(userName , userPassword , userDescription)
print '-----------User Created With Name : ' , userName
except Exception, e:
print e
x = x + 1
print ' '
print ' '
print 'Adding Group Membership of the Users:'
y=1
while (y <= int(totalUsers_to_Create)):
grpNames = configProps.get("create.user.groups."+ str(y)).split(",")
userName = configProps.get("create.user.name."+ str(y))
for grpName in grpNames:
if grpName=='':
print ''
else:
cmo.addMemberToGroup(grpName,userName)
print 'USER:' , userName , 'Added to GROUP: ' , grpName
y=y+1
print 'Adding SOA Roles Membership of the Users:'
y=1
while (y <= int(totalUsers_to_Create)):
roleNames = configProps.get("create.user.soarole."+ str(y)).split(",")
userName = configProps.get("create.user.name."+ str(y))
for roleName in roleNames:
if roleName=='':
print ''
else:
grantAppRole(appStripe="soa-infra", appRoleName=roleName,principalClass="weblogic.security.principal.WLSUserImpl", principalName=userName)
print 'USER:' , userName , 'Added the Role: ' , roleName
y=y+1
Execute the WLST script that will create the required users and assign the corresponding roles.
>$ORACLE_HOME/common/bin/wlst.sh UserManagement_SOADomain.py
Download: UserManagement_SOADomain.properties UserManagement_SOADomain.py
Download: UserManagement_SOADomain.properties UserManagement_SOADomain.py
Thanks Mate! Great post
ReplyDeleteHi Albin,
ReplyDeleteThanks for the great blog. I am trying to add users to my soa-infra approle using the same steps. But every time I get 'NameError: grantAppRole' exception. Can you please help me, I would be realy very very greatful..
Regards,
Riya.
make sure you are executing the WLST script by using ORACLE_HOME(SOA_HOME)/common/bin/wlst.sh
DeleteRegards
Albin I
Hi Albin
DeleteEven I am getting the same error and I am executing it from Oracle_SOA home only, but stillgetting same error
please let me know how to resolve it
javax.management.MBeanException: javax.management.MBeanException: Cannot add principal to application role.