Friday, March 22, 2013

Creating Weblogic users and assign SOA and weblogic roles through WLST

http://www.albinsblog.com/2011/10/oracle-soa-11g-creating-users-and.html



 Creating Weblogic users and assign SOA and weblogic roles through WLST


Creating users and assign SOA and weblogic roles through WLST:-





WLST script can be use to create the required users in SOA 11g and to assign the required SOA and weblogic roles to the user.



Here we will use the property file to configure the user details,the WLST script will create the users in the server based on the property file.





Weblogic roles control the access permission of weblogic server and the SOA roles control the access permission of the EM console.



Just edit the UserManagement.properties with the users and group details.



UserManagement_SOADomain.properties





admin.url=t3://xxxxxxxx:8000



admin.userName=weblogic



admin.password=xxxxxxx





total.username=7





#



create.user.name.1=adminuser



create.user.password.1=Test123



create.user.description.1= This is a Backup Administrator User



#Comma seperated roles



create.user.groups.1=Administrators



create.user.soarole.1=SOAAdmin,SOADesigner









create.user.name.2=soaadminuser



create.user.password.2=Test1234



create.user.description.2= This is a SOA ADMIN User Two



#Comma seperated roles



create.user.groups.2=Deployers,Operators,Monitors,IntegrationDeployers



create.user.soarole.2=SOAAdmin









create.user.name.3=nfttestuser



create.user.password.3=Test1234



create.user.description.3= This is a Test User Three



#Comma seperated roles



create.user.groups.3=Monitors,IntegrationMonitors



create.user.soarole.3=SOAMonitor,SOAAuditViewer









create.user.name.4=devtestuser



create.user.password.4=Test1234



create.user.description.4= This is a DEV User Three



#Comma seperated roles



create.user.groups.4=Deployers,IntegrationDeployers,IntegrationMonitors,Monitors,Operators



create.user.soarole.4=SOADesigner,SOAMonitor





WLST Script:





The below WLST code snippet will create the required users and assign the corresponding roles to the user.



UserManagement_SOADomain.py



from java.io import FileInputStream



from java.util import *



from javax.management import *





domainName=raw_input('Please enter the weblogic domain name for the user creation: ')



print 'domainName:',domainName





propInputStream = FileInputStream("UserManagement_"+domainName+".properties")



configProps = Properties()



configProps.load(propInputStream)



adminURL=configProps.get("admin.url")



adminUserName=configProps.get("admin.userName")



adminPassword=configProps.get("admin.password")



realmName=configProps.get("security.realmName")





totalUsers_to_Create=configProps.get("total.username")





connect(adminUserName, adminPassword, adminURL)



serverConfig()



authenticatorPath= '/SecurityConfiguration/' + domainName + '/Realms/myrealm/AuthenticationProviders/DefaultAuthenticator'



print authenticatorPath



cd(authenticatorPath)



print 'Creating Users . . .'



x=1



while (x <= int(totalUsers_to_Create)):



userName = configProps.get("create.user.name."+ str(x))



userPassword = configProps.get("create.user.password."+ str(x))



userDescription = configProps.get("create.user.description."+ str(x))



try:



cmo.createUser(userName , userPassword , userDescription)



print '-----------User Created With Name : ' , userName



except:



print '*************** Check If the User With the Name : ' , userName ,' already Exists...'



x = x + 1



print ' '



print ' '









print 'Adding Group Membership of the Users:'



y=1



while (y <= int(totalUsers_to_Create)):



grpNames = configProps.get("create.user.groups."+ str(y)).split(",")



userName = configProps.get("create.user.name."+ str(y))



for grpName in grpNames:



if grpName=='':



print ''



else:



cmo.addMemberToGroup(grpName,userName)



print 'USER:' , userName , 'Added to GROUP: ' , grpName



y=y+1









print 'Adding SOA Roles Membership of the Users:'



y=1



while (y <= int(totalUsers_to_Create)):



roleNames = configProps.get("create.user.soarole."+ str(y)).split(",")



userName = configProps.get("create.user.name."+ str(y))



for roleName in roleNames:



if roleName=='':



print ''



else:



grantAppRole(appStripe="soa-infra", appRoleName=roleName,principalClass="weblogic.security.principal.WLSUserImpl", principalName=userName)



print 'USER:' , userName , 'Added the Role: ' , roleName



y=y+1





Execute the WLST script that will create the required users and assign the corresponding roles.



>$ORACLE_HOME/common/bin/wlst.sh UserManagement_SOADomain.py

No comments:

Post a Comment