OPSS: How To Grant A Specific Group To A Weblogic Domain Role If There Are More Than One Groups With Same Name (Doc ID 2718803.1)

Last updated on MARCH 01, 2023

Applies to:

Oracle Platform Security for Java - Version 12.2.1.4.0 and later
Information in this document applies to any platform.

Goal

1. What are the steps add the specific group "TEST_GROUP" from the <OU1> ou to a web logic domain role without it authorizing other groups with the same name in wlst?

2. The group names below are just samples. What are the steps to specify the full distinguished name (DN) or unique attribute value to set the correct principal in the grantAppRole command?

ie:

cn=TEST_GROUP,OU=<OU1>,dc=<COMPANY>,dc=com
cn=TEST_GROUP,OU=<OU2>,dc=<COMPANY>,dc=com

3. As there are two valid ldap groups with same name, then grantAppRole must be something like:

grantAppRole(appStripe="<APP_STRIPE>",appRoleName="<APPLICATION_ROLE_NAME>",principalClass="weblogic.security.principal.WLSGroupImpl",principalName="TEST_GROUP")

But which groups is setting the one under OU=<OU1> or OU=<OU2>.

Solution

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Goal

Solution

References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

OPSS: How To Grant A Specific Group To A Weblogic Domain Role If There Are More Than One Groups With Same Name (Doc ID 2718803.1)

Applies to:

Goal

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!