| Oracle® Fusion Middleware Administrator's Guide for Oracle SOA Suite and Oracle Business Process Management Suite 11g Release 1 (11.1.1.7) Part Number E10226-17 |
|
|
PDF · Mobi · ePub |
| Oracle® Fusion Middleware Administrator's Guide for Oracle SOA Suite and Oracle Business Process Management Suite 11g Release 1 (11.1.1.7) Part Number E10226-17 |
|
|
PDF · Mobi · ePub |
This appendix describes role-based access and the privileges that users with the administrator, operator, and monitor roles are authorized with when accessing Oracle SOA Suite pages in Oracle Enterprise Manager Fusion Middleware Control.
This appendix includes the following sections:
For information about how to create roles, add users to groups, and secure resources with roles and policies, see Oracle Fusion Middleware Securing Resources Using Roles and Policies for Oracle WebLogic Server and the Oracle Fusion Middleware Oracle WebLogic Server Administration Console Online Help. Click the Contents link in the Console Help to access procedures for performing the above-mentioned tasks.
Oracle Enterprise Manager Fusion Middleware Control supports the notion of role-based access. Users are mapped to different roles; each role corresponds to a different set of privileges. Using this mechanism, you can provision certain users with simple monitoring privileges (for instance view-only access), while administrators can be granted full access, including the ability to update configurations, restart servers, and so on.
The following roles have been defined for Oracle WebLogic Server in Oracle Enterprise Manager Fusion Middleware Control:
This role provides complete management and monitoring capabilities.
Operator
This role provides restricted management capabilities.
Monitor
This role provides read-only capabilities.
Table C-1 lists the actions that users with each role can perform.
Table C-1 Role Functionality Matrix
| Actions | Monitor | Operator | Administrator |
|---|---|---|---|
|
View monitoring metrics |
Yes |
Yes |
Yes |
|
View configurations |
Yes |
Yes |
Yes |
|
Update configurations |
No |
No |
Yes |
|
Handle fault actions |
No |
Yes |
Yes |
|
Create instances using the Test Web Service page |
Yes Note: You can restrict the creation of composite test instances with OWSM policies. |
Yes |
Yes |
|
Start, stop, retire, and activate a composite |
No |
Yes |
Yes |
|
Execute unit tests |
No |
Yes |
Yes |
|
Attach and detach policies |
No |
No |
Yes |
|
View instances, the flow trace, and the audit trail |
Yes |
Yes |
Yes |
|
View audit trail payloads |
Yes |
Yes |
Yes |
|
Delete instances |
No |
No |
Yes |
|
Start and stop the SOA Infrastructure |
No |
Yes |
Yes |
|
Perform deployment options (deploy, undeploy, and redeploy) |
No |
Yes |
Yes |
|
Modify composite properties (enable payload and audit level) |
No |
Yes |
Yes |
|
Create partitions |
No |
No |
Yes |
|
Delete partitions |
No |
No |
Yes |
|
Bulk composite lifecycle management (start all, stop all, retire all, and activate all) |
No |
Yes |
Yes |
Note:
When you select the WebLogic Domain folder in the navigator, the WebLogic Domain menu is displayed at the top of the page. The Application Deployment option in this menu enables you to deploy Java EE applications if you have the administrator role. A user with the operator role cannot deploy Java EE applications.
Table C-2 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-2 SOA Infrastructure Page
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Dashboard tab |
Monitor |
Yes |
Yes |
Yes |
|
View Deployed Composites tab
|
Monitor Operator Operator Operator Operator |
Yes No No No No |
Yes Yes Yes Yes Yes |
Yes Yes Yes Yes Yes |
|
View Instances tab
|
Monitor Administrator Administrator |
Yes No No |
Yes No No |
Yes Yes Yes |
|
View Faults and Rejected Messages tab
|
Monitor Operator Administrator |
Yes No No |
Yes Yes No |
Yes Yes Yes |
Table C-3 lists the lowest role that a user must have to access the options on this menu and the privileges that each role has on the menu options.
Table C-4 lists the lowest role that a user must have to access the options on this menu and the privileges that each role has on the menu options.
Table C-5 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-5 Composite Home Page
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Dashboard tab
|
Monitor Operator Operator Operator Operator |
Yes Yes No No No |
Yes Yes Yes Yes Yes |
Yes Yes Yes Yes Yes |
|
View Instances tab
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
|
View Faults tab
|
Monitor Operator Administrator |
Yes No No |
Yes Yes No |
Yes Yes Yes |
|
View Unit Test tab
|
Monitor Operator |
Yes No |
Yes Yes |
Yes Yes |
|
View Policies tab
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
Table C-6 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-6 BPEL Process Service Engine
| Menu Items | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Dashboard tab |
Monitor |
Yes |
Yes |
Yes |
|
View Statistics tab |
Monitor |
Yes |
Yes |
Yes |
|
View Instances tab |
Monitor |
Yes |
Yes |
Yes |
|
View Faults tab
|
Monitor Operator |
Yes No |
Yes Yes |
Yes Yes |
|
View Deployed Components tab |
Monitor |
Yes |
Yes |
Yes |
|
Message Recovery tab
|
Monitor Operator |
Yes No |
Yes Yes |
Yes Yes |
|
View Configuration (Properties page)
|
Monitor Administrator Administrator |
Yes No No |
Yes No No |
Yes Yes Yes |
Table C-7 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-7 Mediator Service Engine
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Dashboard tab |
Monitor |
Yes |
Yes |
Yes |
|
View Statistics tab |
Monitor |
Yes |
Yes |
Yes |
|
View Instances tab |
Monitor |
Yes |
Yes |
Yes |
|
View Faults tab
|
Monitor Operator |
Yes No |
Yes Yes |
Yes Yes |
|
View Deployed Components tab |
Monitor |
Yes |
Yes |
Yes |
|
View Configuration (Properties page) |
Monitor |
Yes |
Yes |
Yes |
|
Apply button |
Administrator |
No |
No |
Yes |
Table C-8 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-8 Human Workflow Service Engine
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Dashboard tab |
Monitor |
Yes |
Yes |
Yes |
|
View Statistics tab |
Monitor |
Yes |
Yes |
Yes |
|
View Instances tab |
Monitor |
Yes |
Yes |
Yes |
|
View Faults tab
|
Monitor Operator |
Yes No |
Yes Yes |
Yes Yes |
|
View Deployed Components tab |
Monitor |
Yes |
Yes |
Yes |
|
View Notification Management tab
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
|
Configuration (Properties page)
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
Table C-9 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-10 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-10 BPEL Process Service Component Home Page
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Dashboard tab |
Monitor |
Yes |
Yes |
Yes |
|
View Instances tab |
Monitor |
Yes |
Yes |
Yes |
|
View Faults tab
|
Monitor Operator |
Yes No |
Yes Yes |
Yes Yes |
|
View Policies tab
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
Table C-11 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-11 Mediator Service Component Home Page
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Dashboard tab |
Monitor |
Yes |
Yes |
Yes |
|
View Instances tab |
Monitor |
Yes |
Yes |
Yes |
|
View Faults tab
|
Monitor Operator |
Yes No |
Yes Yes |
Yes Yes |
|
View Policies tab
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
Table C-12 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-12 Human Task Service Component Home Page
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Dashboard tab |
Monitor |
Yes |
Yes |
Yes |
|
View Instances tab |
Monitor |
Yes |
Yes |
Yes |
|
View Faults tab
|
Monitor Operator |
Yes No |
Yes Yes |
Yes Yes |
|
View Policies tab
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
|
View Administration tab
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
Table C-13 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-13 Decision Service Component Home Page
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Dashboard tab |
Monitor |
Yes |
Yes |
Yes |
|
View Instances tab |
Monitor |
Yes |
Yes |
Yes |
|
View Faults tab
|
Monitor Operator |
Yes No |
Yes Yes |
Yes Yes |
|
View Policies tab
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
Table C-14 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-15 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-15 Audit Trail Page
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Audit Trail tab
|
Monitor Monitor |
Yes Yes |
Yes Yes |
Yes Yes |
|
View Flow Debug tab |
Monitor |
Yes |
Yes |
Yes |
|
View Sensors tab |
Monitor |
Yes |
Yes |
Yes |
|
View Fault Recovery tab
|
Monitor Operator |
Yes No |
Yes Yes |
Yes Yes |
Table C-16 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-16 Services Home Page
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Dashboard tab |
Monitor |
Yes |
Yes |
Yes |
|
View Policies tab
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
|
View Faults tab
|
Monitor Administrator |
Yes No |
Yes No |
No Yes |
|
View Properties
|
Monitor Administrator Administrator |
Yes No No |
Yes No No |
Yes Yes Yes |
Table C-17 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-17 References Home Page
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Dashboard tab |
Monitor |
Yes |
Yes |
Yes |
|
View Policies tab
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
|
View Faults tab
|
Monitor Administrator |
Yes No |
Yes No |
Yes Yes |
|
View Properties
|
Monitor Administrator Administrator |
Yes No No |
Yes No No |
Yes Yes Yes |
Table C-18 lists the lowest role that a user must have to access these pages and the privileges that each role has on these pages.
Table C-19 lists the lowest role that a user must have to access this page and the privileges that each role has on this page.
Table C-19 Business Events Page
| Page Elements | Lowest Role for Accessing | Monitor | Operator | Administrator |
|---|---|---|---|---|
|
View Events tab
|
Monitor Administrator Monitor |
Yes No Yes |
Yes No Yes |
Yes Yes Yes |
|
View Subscriptions tab
|
Monitor Administrator Administrator |
Yes No No |
Yes No No |
Yes Yes Yes |
|
View Faults tab
|
Monitor Operator |
Yes No |
Yes Yes |
Yes Yes |
Table C-20 lists the lowest role that a user must have to access this browser and the privileges that each role has on this page.
|
 Copyright © 2006, 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|
