|
|
|
|
Set up permissions for the credential store
Note: Oracle recommends using WebLogic 12.1.3 and Java 1.8. If you are upgrading from Empirica Signal 8.0 and you have decided to not use WebLogic 12.1.3 with Java 1.8, skip this section.
You create security grants in the Oracle WebLogic server console to enable the Empirica Signal application to access the credential store. Otherwise, the application cannot start, and users cannot log in.
- In an Internet browser, navigate to Oracle Enterprise Manager console, for example:
https://<server_name>:7002/em
- Log in using the WebLogic Server administrator credentials provided to you by the system administrator.
The Oracle Enterprise Manager console appears.
- In the navigation pane, expand WebLogic Domain, and select domain, such as empirica.
- Below the page title, expand the WebLogic Domain menu, select Security, and then select System Policies.
The System Policies page appears.
- Create a security grant for the Empirica Signal codebase:
- In the System Policies table, click Create.
The Create System Grant page appears.
- In the Codebase field, enter the case-sensitive codebase, for example:
file:${oracle.deployed.app.dir}/Signal${oracle.deployed.app.ext}
Note: Use the codebase value in the example unless the context root value is different from the default value of Signal. For more information, see Create the Empirica Signal deployment on the WebLogic server.
- In the System Policies table, click Create.
- Add a permission to the security grant for Empirica Signal:
- Click Add.
The Add Permission page appears.
- At the bottom of the page, select Select here to enter details for a new permission.
- Fill in the fields as follows.
- Permission Class—oracle.security.jps.service.credstore.CredentialAccessPermission
- Resource Name—context=SYSTEM,mapName=<MAP_NAME>,keyName=*
where <MAP_NAME> is the map you created for the Empirica Signal application credentials, for example, oracle.hsgbu.empiricasignal. For more information, see Store the Empirica Signal database and Empirica Topics credentials in Oracle Enterprise Manager.
- Permission Actions—read
- Click OK.
The Create System Grant page reappears.
- Click OK.
The permission is saved, and the System Policies page reappears.
- Click Add.
- Search for the security grant you just created:
- From the Name drop-down list, select Includes.
- In the search field, enter Signal or the application context root.
For more information, see Create the Empirica Signal deployment on the WebLogic server.
- Click Search.
The security grant appears in the table.
- Create a security grant for the Empirica Signal WebLogic domain codebase based on the security grant you searched for:
- In the table, select the security grant, and click Create Like.
The Create System Grant Like page appears.
- In the Codebase field, enter the case-sensitive codebase, for example:
file:${domain.home}/servers/${weblogic.Name}/stage/Signal/Signal${oracle.deployed.app.ext}
Note: Use the codebase value as is unless you plan to use a context root value other than the default value of Signal. For more information, see Create the Empirica Signal deployment in WebLogic.
- Click OK.
The security grant is created.
- In the table, select the security grant, and click Create Like.
- Follow the previous two steps to create security grants for the following codebases.
- WebLogic Server codebase (if you are using WebLogic 11g):
file:${wls.home}/../../patch_wls1036/patch_jars/-
Note: This codebase indicates the directory where you installed the patch for WebLogic.
- Empirica Topics service codebase:
file:${oracle.deployed.app.dir}/TopicsService${oracle.deployed.app.ext}
- Empirica Topics WebLogic domain codebase:
file:${domain.home}/servers/${weblogic.Name}/stage/TopicsService${oracle.deployed.app.ext}
- WebLogic Server codebase (if you are using WebLogic 11g):
