Last updated on AUGUST 07, 2013
Applies to:Oracle Adaptive Access Manager - Version 10.1.4.5 and later
Information in this document applies to any platform.
Although the access permission to Create IP Ranges is denied for the CSR Investigator, the user with role CSR Investigator is able to create an IP Range if the url is accessed or bookmarked.
Steps to reproduce:
1. Make sure there is a user whose role is CSR Investigator
2. Login with the user to find there is "List IP Range" but not "Create IP Range" from Menu Admin --> Groups
3. So far good untill step 3
4. But when you access say 'http://<ipaddress>/arm/createIPCluster.do" directly in the browser, the CSR Investigator is able to create an IP range, which should not be allowed
5. This privilege is not existing for CSR Investigator when checked in BharosaACL.xml as we see below.
6. So the issue is, even though the access permissions are denied for the CSR Investigator, the user with role CSR Investigator only is able to create an IPRange if the url is accessed or bookmarked.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms