"The login user does not have view permission on the master repository" Error Received when Using Enterprise Roles in Oracle Data Integrator (ODI) 12c
(Doc ID 2488722.1)
Last updated on DECEMBER 09, 2024
Applies to:
Oracle Data Integrator - Version 12.2.1.3.0 and laterOracle Data Integrator on Marketplace - Version 1.0.2 and later
Data Integration Platform Cloud Classic - Version 17.3.5 and later
Oracle Data Integrator Cloud Service - Version 17.1.3 and later
Information in this document applies to any platform.
Symptoms
External Authentication has been successfully enabled for Oracle Data Integrator (ODI), and Enterprise Roles defined in the Microsoft Active Directory (AD) authentication LDAP have been mapped to Oracle Data Integrator (ODI) Roles.
However, the following error is received when trying to connect with an AD user that belongs to the mapped Enterprise Role:
com.sunopsis.core.SecurityAccessException: The login user does not have view permission on the master repository. You need to grant the user CONNECT profile first.
at oracle.odi.core.security.SecurityManager.createAuthentication(SecurityManager.java:971)
at oracle.odi.core.security.SecurityManager.createAuthentication(SecurityManager.java:385)
at com.sunopsis.graphical.dialog.SnpsDialogLoginDetail.testConnection(SnpsDialogLoginDetail.java:784)
at com.sunopsis.graphical.dialog.SnpsDialogLoginDetail.access$400(SnpsDialogLoginDetail.java:71)
at com.sunopsis.graphical.dialog.SnpsDialogLoginDetail$2.performAction(SnpsDialogLoginDetail.java:311)
at oracle.odi.ui.framework.event.OdiActionListener.actionPerformed(OdiActionListener.java:69)
at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:2022)
at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2348)
at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:402)
at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:259)
at ...
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:74)
at ...
Steps to reproduce the behavior:
- Configure Oracle Data Integrator (ODI) to use Microsoft Active Directory (AD) for user authentication.
- Create a user in Oracle Data Integrator (ODI) Studio to match the Microsoft AD user, and successfully authenticate the user via AD.
- Define a GROUP in AD called "ODI-AD1" and assign user "A" to this group.
- Create a role in Oracle Data Integrator (ODI) called "ODI -AD1– ROLE"” and associate AD Group "ODI-AD1" and set Role Profiles.
- Login to Oracle Data Integrator (ODI) client with User "A". Observe the error message.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |