Skip Headers
Oracle® Fusion Middleware Administrator's Guide for Oracle Entitlements Server
11g Release 1 (11.1.1)

Part Number E14096-05
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

5 Querying Security Objects

Oracle Entitlements Server enables querying for policies and policy objects from within the Oracle Entitlements Server Administration Console. This chapter explains the types of search functionalities and for what purposes they can be used. It contains the following topics:

5.1 Searching with the Administration Console

Oracle Entitlements Server enables different kinds of search queries using the Administration Console.

5.2 Finding Objects with a Simple Search

A simple query matches names and display names only. The fields in the top portion of the Authorization Management tab in the Navigation Panel, as shown in Figure 5-2, are used to specify simple queries.

Figure 5-2 Simple Search Fields in Navigation Panel

Description of Figure 5-2 follows
Description of "Figure 5-2 Simple Search Fields in Navigation Panel"

To specify a simple search, proceed as follows:

  1. Select the policy object for which you are searching from the For list.

    The following object types are available:

    • Application Roles

    • External Roles

    • Users

    • Resources

    • Resource Types

    • Entitlements

    • Attributes

  2. Select the search scope from the In list.

    The search scope defines the level at which the search will take place. When searching for Application Roles, Resources, Resource Types, Entitlements and Attributes, the search scope is an Application. For External Roles and Users, the search scope is Global. For Entitlements and Resources, the search scope is the Policy Domain within an Application.

    Note:

    If performing a Resource search, you also select the Resource Type from the Type list.

  3. Optionally, enter a string to match in the text box.

    Wildcard characters percent (%) and asterisk (*) are supported for a simple search.

  4. Click the arrow icon next to the text box to begin the search.

    Names and display names matching the specified criteria are returned and displayed in the Search Results tab. If no search string was entered, a list of all objects of the specified type is returned.

    Description of search_tab.gif follows
    Description of the illustration search_tab.gif

  5. Double-click the object to edit, right click the object and select New to create, or click the object's information icon for details.

    For more information on managing policy objects, see Chapter 4, "Managing Policies and Roles."

5.3 Finding Objects with an Advanced Search

An advanced search is generally initiated by double-clicking the object name in the Navigation Panel, or from the Search link for the object in the Home area. An advanced search can use the following operators:

There is no support for wildcard characters in an advanced search. In particular, the asterisk (*) or percent (%) characters are treated as plain text in any advanced search parameter. The following sections have information on searching for policy objects with an advanced search.

5.3.1 Searching External Roles

To search External Roles, proceed as follows:

  1. Select from the following methods to display the Search External Roles page:

    • In the Navigation Panel, expand Global and double-click External Roles. (Alternately, right-click External Roles and select Open.)

    • In the Home area, click Search - External Roles from the Search and Create section.

  2. Enter the following query parameters:

    • Name: Select an operator from the list and enter a string to match.

    • Display Name: Select an operator from the list and enter a string to match.

    Optionally, select from the Saved Search drop-down list of previously saved searches. Its query parameters automatically populate the search fields. Select Personalize... to set options for previously saved searches.

  3. Optionally, click Save... to name the current query parameters.

    The named search is added to the Saved Search list.

  4. Click Search.

    The results are displayed in Search Results.

5.3.2 Searching Applications

To search applications, proceed as follows:

  1. Select from the following methods to display the Search Applications page:

    • In the Navigation Panel, double-click Applications to display the Search Applications page. (Alternately, right-click Applications and select Open.)

    • In the Home area, click Search - Applications from the Search and Create section.

  2. Enter the following query parameters:

    • Name: Select an operator from the list and enter a string to match.

    • Display Name: Select an operator from the list and enter a string to match.

    Optionally, select from the Saved Search drop-down list of previously saved searches. Its query parameters automatically populate the search fields. Select Personalize... to set options for previously saved searches.

  3. Optionally, click Save... to name the current query parameters.

    The named search is added to the Saved Search list.

  4. Click Search.

    The results are displayed in Search Results.

5.3.3 Searching Resource Types

To search Resource Types, proceed as follows:

  1. Select from the following methods to display the Search Resource Types page as in Figure 5-3.

    • In the Navigation Panel, expand the Application node and double-click Resource Types. (Alternately, right-click Resource Types and select Open.)

    • In the Home area, select the appropriate Application Name and click Search under Resource Types.

      Figure 5-3 Searching for Resource Types

      Description of Figure 5-3 follows
      Description of "Figure 5-3 Searching for Resource Types"

  2. Enter the following query parameters:

    • Display Name: Select an operator from the list and enter a string to match.

    • Name: Select an operator from the list and enter a string to match.

    • Actions: Select an operator from the list and enter a string to match.

    Optionally, select from the Saved Search drop-down list of previously saved searches. Its query parameters automatically populate the search fields. Select Personalize... to set options for previously saved searches.

  3. Optionally, click Save... to name the current query parameters.

    The named search is added to the Saved Search list.

  4. Click Search.

    All results matching the query specifications are displayed in the Search Results table as illustrated in Figure 5-4.

    Figure 5-4 Resource Type Search Results

    Description of Figure 5-4 follows
    Description of "Figure 5-4 Resource Type Search Results"

5.3.4 Searching Application Roles

To search Application Roles, proceed as follows:

  1. Select from the following methods to display the Search Role Catalog page.

    • In the Navigation Panel, expand Applications and the named Application node applicable to the search, and double-click Role Catalog. (Alternately, right-click Role Catalog and select Open.)

    • In the Home area, select the Application Name and click Search from Application Roles.

    The Search Role Catalog tab is displayed as in Figure 5-5.

    Figure 5-5 Searching for Application Roles in a Role Catalog

    Description of Figure 5-5 follows
    Description of "Figure 5-5 Searching for Application Roles in a Role Catalog"

  2. Enter the following query parameters:

    • Role Name: Select an operator from the list and enter a string to match.

    • Display Name: Select an operator from the list and enter a string to match.

    • Category: Select a Role Category from the list. (Oracle Entitlements Server only supports an equals search for Role Category.)

    Optionally, select from the Saved Search drop-down list of previously saved searches. Its query parameters automatically populate the search fields. Select Personalize... to set options for previously saved searches.

  3. Optionally, click Save... to name the current query parameters.

    The named search is added to the Saved Search list.

  4. Click Search.

    All results matching the query specifications are displayed in the Search Results table as in Figure 5-6.

    Figure 5-6 Application Role Search Results

    Description of Figure 5-6 follows
    Description of "Figure 5-6 Application Role Search Results"

5.3.5 Searching Role Mapping Policies

  1. Select from the following methods to display the Search Role Mapping Policies page:

    • In the Navigation Panel, expand Applications and the named Application node applicable to the search, and double-click Role Mapping Policies. (Alternately, right-click Role Mapping Policies and select Open.)

    • In the Home area, select the Application Name and click Search from Role Mapping Policies.

      The Search Role Policies page is displayed as in Figure 5-7.

      Figure 5-7 Searching for Role Mapping Policies

      Description of Figure 5-7 follows
      Description of "Figure 5-7 Searching for Role Mapping Policies"

  2. In the Search section, enter the query parameters as follows:

    • Effect: Select the policy effect (Grant/Deny) from the list.

    • Display Name: Select an operator from the list and enter a string to match.

    • Name: Select an operator from the list and enter a string to match.

    • Role: Select an operator from the list and enter a string to match.

    • Principal: Select an operator from the list and enter a string to match.

    • Target: Select an operator from the list and enter a string to match.

  3. Click Search.

    All results matching the query specifications are displayed in the Search Results table as in Figure 5-8.

    Figure 5-8 Role Mapping Policy Search Results

    Description of Figure 5-8 follows
    Description of "Figure 5-8 Role Mapping Policy Search Results"

5.3.6 Searching Resources

A Resource can be hierarchical (a scenario in which the sub resource inherits attributes from the parent resource) or non-hierarchical. If a Resource is hierachical, its tiered-organization is shown in the Search results. To search Resources, proceed as follows:

  1. Select from the following methods to display the Search Role Mapping Policies page:

    • In the Navigation Panel, expand Applications and the named Application node applicable to the search. Expand the appropriate Policy Domain and Resource Catalog and double-click Resources. (Alternately, right-click Resources and select Open.)

    • In the Home area, select the Application Name and click Search from Resources.

      The Search Resources page is displayed as in Figure 5-9.

      Figure 5-9 Searching for Resources

      Description of Figure 5-9 follows
      Description of "Figure 5-9 Searching for Resources"

  2. Enter the following query parameters:

    • Resource Type: Select a resource type from the list. This parameter is required.

    • Display Name: Select an operator from the list and enter a string to match.

    • Name: Select an operator from the list and enter a string to match.

  3. Click Search.

    All results matching the query specifications are displayed in the Search Results table.

5.3.7 Searching Entitlements

To search Entitlements, proceed as follows:

  1. Select from the following methods to display the Search Entitlements page:

    • In the Navigation Panel, expand Applications and the named Application node applicable to the search. Expand the appropriate Policy Domain and Resource Catalog and double-click Entitlements. (Alternately, right-click Entitlements and select Open.)

    • In the Home area, select the Application Name and click Search from Entitlements. (In this case, the search is done only within the Default Policy Domain.)

    The Search Entitlements tab is displayed in the Home area as in Figure 5-10.

    Figure 5-10 Searching for Entitlements

    Description of Figure 5-10 follows
    Description of "Figure 5-10 Searching for Entitlements"

  2. Enter the following query parameters:

    • Entitlement Name: Select an operator from the list and enter a string to match.

    • Display Name: Select an operator from the list and enter a string to match.

    • Resource name: Select an operator from the list and enter a string to match.

    Optionally, select from the Saved Search drop-down list of previously saved searches. Its query parameters automatically populate the search fields. Select Personalize... to set options for previously saved searches.

  3. Optionally, click Save... to name the current query parameters.

    The name search is added to the Saved Search list.

  4. Click Search.

    All results matching the query specifications are displayed in the Search Results table.

5.3.8 Searching Authorization Policies

Authorization Policies can be searched by specifying a policy name, a principal, or a target. To search Authorization Policies, proceed as follows:

  1. Select from the following methods to display the Search Policies page:

    • In the Navigation Panel, expand Applications and the named Application node applicable to the search. Expand the appropriate Policy Domain and Resource Catalog and double-click Authorization Policies. (Alternately, right-click Authorization Policies and select Open.)

    • In the Home area, select the Application Name, and click Search under Authorization Policies. (In this case, the search is done within the Default Policy Domain.)

    The Search Policies tab is displayed in Figure 5-11.

    Figure 5-11 Searching Policies

    Description of Figure 5-11 follows
    Description of "Figure 5-11 Searching Policies"

  2. Select the search type from the Find By list.

    The query parameters change according to the selection. Options include Policy, Principal or Target. Figure 5-11 is a screenshot in which Policy is selected. Figure 5-12 is a screenshot in which Target is selected.

    Figure 5-12 Searching Polices by Target

    Description of Figure 5-12 follows
    Description of "Figure 5-12 Searching Polices by Target"

  3. Search using the option based on your previous selection.

    • To Find By: Policy, enter the following query parameters.

      • Effect: Select the policy effect (Grant/Deny) from the list.

      • Display Name: Select an operator from the list and enter a string to match.

      • Name: Select an operator from the list and enter a string to match.

      • Principal: Select an operator from the list and enter a string to match.

      • Target: Select an operator from the list and enter a string to match.

    • To Find By: Principal or Find By: Target, select an operator from the list, and enter a string to match.

      A Resource Type must be provided if the Resource or Resource Type operator is selected.

  4. Click Search.

5.3.9 Searching Attributes

To search Attributes, proceed as follows:

  1. In the Navigation Panel, expand Applications and the named Application node applicable to the search.

  2. Expand Extensions and double-click Attributes.

    Alternately, right-click Attributes and select Open. The Search Attributes page is displayed.

  3. Enter the following query parameters.

    • Display Name: Select an operator from the list and enter a string to match.

    • Name: Select an operator from the list and enter a string to match.

    • Type: Select an operator from the list and enter a string to match.

    Optionally, select from the Saved Search drop-down list of previously saved searches. Its query parameters automatically populate the search fields. Select Personalize... to set options for previously saved searches.

  4. Optionally, click Save... to name the current query parameters.

    The named search is added to the Saved Search list.

  5. Click Search.

5.3.10 Searching Functions

To search application functions, proceed as follows

  1. In the Navigation Panel, expand Applications and the named Application node applicable to the search.

  2. Expand Extensions and double-click Functions.

    Alternately, right-click Functions and select Open. The Search Functions page is displayed.

  3. Enter the following query parameters.

    • Name: Select an operator from the list and enter a string to match.

    • Display Name: Select an operator from the list and enter a string to match.

    Optionally, select from the Saved Search drop-down list of previously saved searches. Its query parameters automatically populate the search fields. Select Personalize... to set options for previously saved searches.

  4. Optionally, click Save... to name the current query parameters.

    The named search is added to the Saved Search list.

  5. Click Search.