My Oracle Support Banner

Portal Members are not Removed from a Portal After Revoking Permissions Using revokeAppRole WLST Command (Doc ID 2531475.1)

Last updated on JANUARY 27, 2023

Applies to:

Oracle WebCenter Portal - Version 12.2.1.1.0 to 12.2.1.3.0
Information in this document applies to any platform.

Symptoms


ACTUAL BEHAVIOR

Portal Members are not Removed from a Portal After Revoking Permissions Using revokeAppRole WLST Command.


EXPECTED BEHAVIOR

Users should be removed from Portal UI.


STEPS

  1. Create a portal.
    e.g.:
    MC-PortalPermissions


  2. Add a user as member of the portal.
    e.g.:
    testuser1 with Portal Manager Role.


  3. Go to the Portal Administration -> General page and note down the portal internal ID.


  4. Revoke the testuser1 permissions using wlst.

    • Start wlst.

    • Connect to the AdminServer:

      connect()
       

    • Using the Portal Internal ID list the members of the portal with Portal Manager Role.

      wls:/wc_domain/domainRuntime/>listAppRoleMembers(appStripe="webcenter", appRoleName="<Portal-Internal-ID>#-#Moderator")
      Already in Domain Runtime Tree
      [Principal Clz Name : weblogic.security.principal.WLSUserImpl, Principal Name : WCADMIN, Type : ENT_USER]

      [Principal Clz Name : weblogic.security.principal.WLSUserImpl, Principal Name : TESTUSER1, Type : ENT_USER]

       

    • Revoke the Moderator Role from testuser1.

      wls:/wc_domain/domainRuntime/> revokeAppRole(appStripe="webcenter", 
      appRoleName="<Portal-Internal-ID>#-#Moderator", principalClass="weblogic.security.principal.WLSUserImpl", principalName="testuser1")
       

    • Refresh the portal cache.

      wls:/wc_domain/domainRuntime/> refreshGroupSpaceCache(appName='webcenter', spaceNames='MC-PortalPermissions', syncMode=1, updateType='all' ,cleanCache=0, server= 'WC_Portal')
       


    • Confirm the testuser1 is no longer a member of Moderator role.

      wls:/wc_domain/domainRuntime/>listAppRoleMembers(appStripe="webcenter", appRoleName="<Portal-Internal-ID>#-#Moderator")
      Already in Domain Runtime Tree
      [Principal Clz Name : weblogic.security.principal.WLSUserImpl, Principal Name : WCADMIN, Type : ENT_USER]

       

  5. Connect to WebCenter portal.

    • Go to Administer the portal.
      MC-PortalPermissions in this case.

    • Select the Security portal settings.


    • Select the Members Tab.
      Note testuser1 is still as member of the portal.
      However the user doesn't has any roles assigned.

 

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.