Create IP Ranges Link Is Available For CSR Investigator When URL Is Accessed / Bookmarked
(Doc ID 1083622.1)
Last updated on AUGUST 07, 2013
Applies to:Oracle Adaptive Access Manager - Version 10.1.4.5 and later
Information in this document applies to any platform.
Although the access permission to Create IP Ranges is denied for the CSR Investigator, the user with role CSR Investigator is able to create an IP Range if the url is accessed or bookmarked.
Steps to reproduce:
1. Make sure there is a user whose role is CSR Investigator
2. Login with the user to find there is "List IP Range" but not "Create IP Range" from Menu Admin --> Groups
3. So far good untill step 3
4. But when you access say 'http://<ipaddress>/arm/createIPCluster.do" directly in the browser, the CSR Investigator is able to create an IP range, which should not be allowed
5. This privilege is not existing for CSR Investigator when checked in BharosaACL.xml as we see below.
6. So the issue is, even though the access permissions are denied for the CSR Investigator, the user with role CSR Investigator only is able to create an IPRange if the url is accessed or bookmarked.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document