Using Authorization Providers To Protect JMX Access
Last updated on NOVEMBER 05, 2016
Applies to:Oracle Weblogic Server - Version 10.3.1 and later
Information in this document applies to any platform.
User with Operator and Deployer Role is not able to create a Data Source in WLS 10.3.x. Steps to replicate the issue:
- Create a WLS 10.3 domain, start the domain and login as administrator.
- Create a user and assign the role as Operator and Deployer.
- Select myrealm -> Configuration -> General.
- Enable Use Authorization Providers to Protect JMX Access.
- Restart the server (manadatory) and relogin as administrator.
- Go to Security Realms -> myrealm -> Roles and Policies.
- Go to Roles and Policies -> Realm Policies.
- Select JMX Policy Editor.
- GLOBAL SCOPE would be enabled by default. Click next.
- You will see a list of MBean Types.
- Expand weblogic.management.configuration tree.
- Select DomainMBean and click next.
- You will see a list of Attributes or Operations.
- Expand Operations: Permission to Invoke tree.
- Select createJDBCSystemResource and click the Create Policy button.
- On the Edit JMX Policies page, click Add Conditions.
- Select Role and add Deployer and Operator Role to the condition.
- Log in to the Console with the user having Operator and Deployer roles. You will not find a new button to create data source.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms