Last updated on MAY 01, 2015
Applies to: Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.
An application (.ear file) has custom roles and policies and is deployed to a WebLogic Server (WLS) instance using the "Advanced" security model.
After the application is successfully deployed (ACTIVE state), the roles and policies from the deployment descriptors (DD) are displayed in the console under
Deployments -> <Application name> -> Corresponding module -> Security -> Roles and Policies
The WebLogic Server console also allows new roles to be created under
Deployments -> <Application name> -> Corresponding module -> Security -> Roles and Policies -> New
The DD roles and policies and the roles and policies newly created from the console are all imported into the <ManagedServer>.ldif file under DOMAIN_HOME/servers/<server_name>/data/ldap
Now, change the roles and policies in the DD to different names (remove the old roles and policies and create new ones). Re-package the application and use it to replace the existing .ear file in the application source location.
Restart the managed servers.
Now, in the console under
Deployments -> <Application name> -> Corresponding module -> Security -> Roles and Policies
you will see both the old and new policies. The expected behavior is that only new policies and roles should be displayed and that the old references should be gone.
How do we delete the old policies that are left dangling in the ldif file even though the application's DDs no longer contain them?
Simply deleting the roles and policies from the console or using WLST does not remove their references from the <ManagedServer>.ldif file.