Read Only Monitor Users are having Privilege Like Admin when -Dweblogic.disableMBeanAuthorization=true JAVA_OPTION is Set (Doc ID 2418917.1)

Last updated on FEBRUARY 10, 2025

Applies to:

Oracle WebLogic Server - Version 12.2.1.2.0 and later
Information in this document applies to any platform.

Symptoms

On 12.2.1.2.0 version, monitors role users are having edit privilege when -Dweblogic.disableMBeanAuthorization=true JAVA_OPTION is Set.

The monitors role users are having edit privilege.

The issue can be reproduced at will with the following steps:
1. Boot the Admin server
2. Go to Security Realms -> myrealm -> Users and Groups -> [Add new user]
3. Select the user -> click the [Groups] -> select Monitors
4. Now close and open a new browser and access the Admin Console and login using the newly created user.
5. Once login to Admin console using the new user and navigate to any tab, and can see there is edit option enable like the admin user.

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Read Only Monitor Users are having Privilege Like Admin when -Dweblogic.disableMBeanAuthorization=true JAVA_OPTION is Set (Doc ID 2418917.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!