SOA Human Task: Applying Assignee – Principal Problem

When you are developing Oracle SOA Suite and working on “Creating And Defining a Human Task” for manual approval, it’s probably you will get below error when applying “Edit Participant” by using Identity Lookup GUI on JDeveloper. Here are the steps how to add Assignee for the Human Task on JDeveloper:

1- Double click on “Human Task” element on composite.xml screen

2- To specify an assignee for the task, click on the Assignment tab.

3- On the Assignment subtab page, double click “Edit Participant” in the diagram

4- In the “Add Participant Type” dialog box, click the green [+] sign next to Participant Names and select Add User.

5- You’ll see a dummy record on “Participant List”. In this case you can specify the value manually or choose from  WebLogic Application Server which is added to your JDeveloper’s Application Resource Palette.

* When you want to select by browsing WebLogic LDAP connection, you will get error (Error Log below)

6- Click on “…” button. (which is numbered as “1” at below screen capture)

1_fevzi_korkutata_edit_participant_type_weblogic_soa_suite_jdeveloper
Edit Participant Type

 

 

 

 

 

 

 

7. On Identity Lookup window select your WebLogic Application Server that you added before. (Screen Capture – Number 2)

8. When you choose application server it connects to WebLogic server and lists the realms. Click on the “Lookup…” button on the right. (Screen Capture – Number 3)

2_fevzi_korkutata_identity_lookup_weblogic_soa_suite_jdeveloper
Identity Lookup

 

 

 

 

 

9. In this steps JDeveloper tries to connect WebLogic’s embedded LDAP and throws below error.

SOLUTION:

10. Login to WebLogic admin console. Then click on “Domain Structure > $Domain_Name (1) > Security (2) > Embedded LDAP (3)” .

11. At “Embedded LDAP” subtab find “Refresh Replica At Startup” properties and enable this feature. (Screen Capture – Number 4)

WebLogic Console Embedded LDAP

 

 

 

 

 

 

 

 

12. By enabling “Refresh Replica At Startup”, all servers must be restarted including managed servers. Restart the entire domain.

13. Go back to JDeveloper Identity Lookup window and click on “Lookup..” button again. Now you are able to list WebLogic users.

14. Select one user from the list. Then click OK on the “Identity Lookup” window. (Screen Capture – Number 1)

4_fevzi_korkutata_weblogic_identity_lookup_search_user_soa_suite_jdeveloper
Identity Lookup > Lookup Users…

 

 

 

 

 

 

 

Error Log:

[2015-04-15T04:39:23.412-04:30] [AdminServer] [NOTIFICATION] [DFW-40105] [oracle.dfw.framework] [tid: oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl - Incident Dump Executor (created: Wed Apr 15 04:39:23 VET 2015)] [userId: <WLS Kernel>] [ecid: 7fa367459c46b6a8:5121a12f:14cb808c64f:-8000-000000000000d35c,0] [APP: soa-infra] failed to execute dump soa.env during creation of incident 7[[
oracle.dfw.dump.DumpExecutionException: Exception [javax.management.RuntimeMBeanException: java.lang.SecurityException: MBean attribute access denied. 
MBean: EMDomain:Name=soa-infra,EMTargetType=oracle_soainfra,type=EMIntegration,Application=soa-infra
Getter for attribute EMInstanceProperties
Detail: Access denied. Required roles: Admin, Operator, Monitor, executing subject: principals=[]] caught when looking up MBean property: EMInstanceProperties, e= [javax.management.RuntimeMBeanException: java.lang.SecurityException: MBean attribute access denied. 
MBean: EMDomain:Name=soa-infra,EMTargetType=oracle_soainfra,type=EMIntegration,Application=soa-infra
Getter for attribute EMInstanceProperties
Detail: Access denied. Required roles: Admin, Operator, Monitor, executing subject: principals=[]].: null
Cause: Access denied. Required roles: Admin, Operator, Monitor, executing subject: principals=[]
at oracle.integration.platform.dfw.dump.SOAEnvDiagnosticDump.executeDump(SOAEnvDiagnosticDump.java:127)
at oracle.dfw.impl.dump.DumpManagerImpl.executeDump(DumpManagerImpl.java:567)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor$2.run(DiagnosticsDataExtractorImpl.java:2050)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor$2.run(DiagnosticsDataExtractorImpl.java:2046)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324)
at oracle.security.jps.internal.jaas.AccActionExecutor.execute(AccActionExecutor.java:74)
at oracle.security.jps.internal.jaas.AbstractSubjectSecurity$ActionExecutorWrapper.execute(AbstractSubjectSecurity.java:242)
at oracle.security.jps.internal.jaas.CascadeActionExecutor$SubjectPrivilegedExceptionAction.run(CascadeActionExecutor.java:83)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.security.Security.runAs(Security.java:61)
at oracle.security.jps.wls.jaas.WlsActionExecutor.execute(WlsActionExecutor.java:51)
at oracle.security.jps.internal.jaas.CascadeActionExecutor.execute(CascadeActionExecutor.java:56)
at oracle.security.jps.internal.jaas.AbstractSubjectSecurity$ActionExecutorWrapper.execute(AbstractSubjectSecurity.java:242)
at oracle.security.jps.internal.jaas.AbstractSubjectSecurity.executeAs(AbstractSubjectSecurity.java:196)
at oracle.dfw.spi.weblogic.SecurityContextImpl.executeAs(SecurityContextImpl.java:130)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor$3.run(DiagnosticsDataExtractorImpl.java:2063)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor$3.run(DiagnosticsDataExtractorImpl.java:2059)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor.call(DiagnosticsDataExtractorImpl.java:2056)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor.call(DiagnosticsDataExtractorImpl.java:1963)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.management.RuntimeMBeanException: java.lang.SecurityException: MBean attribute access denied. 
MBean: EMDomain:Name=soa-infra,EMTargetType=oracle_soainfra,type=EMIntegration,Application=soa-infra
Getter for attribute EMInstanceProperties
Detail: Access denied. Required roles: Admin, Operator, Monitor, executing subject: principals=[]
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.rethrow(DefaultMBeanServerInterceptor.java:856)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.rethrowMaybeMBeanException(DefaultMBeanServerInterceptor.java:869)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.getAttribute(DefaultMBeanServerInterceptor.java:670)
at com.sun.jmx.mbeanserver.JmxMBeanServer.getAttribute(JmxMBeanServer.java:639)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
at weblogic.management.mbeanservers.internal.JMXContextInterceptor.getAttribute(JMXContextInterceptor.java:157)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
at weblogic.management.mbeanservers.internal.SecurityInterceptor.getAttribute(SecurityInterceptor.java:300)
at weblogic.management.jmx.mbeanserver.WLSMBeanServer.getAttribute(WLSMBeanServer.java:279)
at oracle.as.jmx.framework.generic.BaseMBeanServerInterceptor.getAttribute(BaseMBeanServerInterceptor.java:185)
at oracle.integration.platform.dfw.dump.SOAEnvDiagnosticDump.executeDump(SOAEnvDiagnosticDump.java:122)
at oracle.dfw.impl.dump.DumpManagerImpl.executeDump(DumpManagerImpl.java:567)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor$2.run(DiagnosticsDataExtractorImpl.java:2050)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor$2.run(DiagnosticsDataExtractorImpl.java:2046)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324)
at oracle.security.jps.internal.jaas.AccActionExecutor.execute(AccActionExecutor.java:74)
at oracle.security.jps.internal.jaas.AbstractSubjectSecurity$ActionExecutorWrapper.execute(AbstractSubjectSecurity.java:242)
at oracle.security.jps.internal.jaas.CascadeActionExecutor$SubjectPrivilegedExceptionAction.run(CascadeActionExecutor.java:83)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.security.Security.runAs(Security.java:61)
at oracle.security.jps.wls.jaas.WlsActionExecutor.execute(WlsActionExecutor.java:51)
at oracle.security.jps.internal.jaas.CascadeActionExecutor.execute(CascadeActionExecutor.java:56)
at oracle.security.jps.internal.jaas.AbstractSubjectSecurity$ActionExecutorWrapper.execute(AbstractSubjectSecurity.java:242)
at oracle.security.jps.internal.jaas.AbstractSubjectSecurity.executeAs(AbstractSubjectSecurity.java:196)
at oracle.dfw.spi.weblogic.SecurityContextImpl.executeAs(SecurityContextImpl.java:130)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor$3.run(DiagnosticsDataExtractorImpl.java:2063)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor$3.run(DiagnosticsDataExtractorImpl.java:2059)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor.call(DiagnosticsDataExtractorImpl.java:2056)
at oracle.dfw.impl.incident.DiagnosticsDataExtractorImpl$SingleDumpExecutor.call(DiagnosticsDataExtractorImpl.java:1963)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:139)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:919)
... 1 more
Caused by: java.lang.SecurityException: MBean attribute access denied. 
MBean: EMDomain:Name=soa-infra,EMTargetType=oracle_soainfra,type=EMIntegration,Application=soa-infra
Getter for attribute EMInstanceProperties
Detail: Access denied. Required roles: Admin, Operator, Monitor, executing subject: principals=[]
at oracle.as.jmx.framework.generic.spi.security.AbstractMBeanSecurityInterceptor.checkAttributeAccess(AbstractMBeanSecurityInterceptor.java:275)
at oracle.as.jmx.framework.generic.spi.security.AbstractMBeanSecurityInterceptor.internalGetAttribute(AbstractMBeanSecurityInterceptor.java:126)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doGetAttribute(AbstractMBeanInterceptor.java:86)
at oracle.security.jps.ee.jmx.JpsJmxInterceptor$GetAttributeDelegator.delegate(JpsJmxInterceptor.java:843)
at oracle.security.jps.ee.jmx.JpsJmxInterceptor$7.run(JpsJmxInterceptor.java:747)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:460)
at oracle.security.jps.ee.jmx.JpsJmxInterceptor.jpsInternalInvoke(JpsJmxInterceptor.java:768)
at oracle.security.jps.ee.jmx.JpsJmxInterceptor.internalGetAttribute(JpsJmxInterceptor.java:230)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doGetAttribute(AbstractMBeanInterceptor.java:86)
at oracle.as.jmx.framework.generic.spi.interceptors.ContextClassLoaderMBeanInterceptor.internalGetAttribute(ContextClassLoaderMBeanInterceptor.java:66)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doGetAttribute(AbstractMBeanInterceptor.java:86)
at oracle.as.jmx.framework.generic.spi.interceptors.MBeanRestartInterceptor.internalGetAttribute(MBeanRestartInterceptor.java:67)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doGetAttribute(AbstractMBeanInterceptor.java:86)
at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.getAttribute(OracleStandardEmitterMBean.java:716)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.getAttribute(DefaultMBeanServerInterceptor.java:666)
... 33 more
Caused by: java.lang.SecurityException: Access denied. Required roles: Admin, Operator, Monitor, executing subject: principals=[]
at oracle.as.jmx.framework.wls.spi.security.WLSMBeanSecurityHelper.isInWlsGlobalSecurityRoles(WLSMBeanSecurityHelper.java:245)
at oracle.as.jmx.framework.wls.spi.security.WLSMBeanSecurityHelper.checkRuntimeMBeanDefaultAccess(WLSMBeanSecurityHelper.java:213)
at oracle.as.jmx.framework.wls.spi.security.WLSRuntimeMBeanSecurityInterceptor.checkDefaultAccess(WLSRuntimeMBeanSecurityInterceptor.java:56)
at oracle.as.jmx.framework.generic.spi.security.AbstractMBeanSecurityInterceptor.checkAccess(AbstractMBeanSecurityInterceptor.java:335)
at oracle.as.jmx.framework.generic.spi.security.AbstractMBeanSecurityInterceptor.checkAttributeAccess(AbstractMBeanSecurityInterceptor.java:251)
... 48 more

]]

 

Leave a Comment

Your email address will not be published. Required fields are marked *