Create a user who only can view the JMS Messages and can not create, delete, move or import JMS Messages, and can not monitor other resources.
The following are the steps to allow Non Admin role users to monitor JMS resources:
1. In the left pane, select Security Realm.
2. Select <your_realm_name>.
3. In "Configuration" tab, check "Use Authorization Providers to Protect JMX Access", click save and then activate changes.
4. Restart the server.
5. In the left pane, select Security Realm.
6. Select <your_realm_name>.
7. Go to "Users and Groups".
8. In users, create a new user (such as say "jmsmonitor")
9. Adding it to group "Monitors":
a. Select <your_realm_name>.
b. Select "Users and Groups".
c. Click on user name, in right pane select "Groups".
d. From Parent Groups, select monitors, click arrow pointing right side.
10. Go to "Roles and Policies" - > Realm Policies
11. In Policy table, select "JMX Policy Editor".
12. Select "Global Scope", click next.
13. From MBean Types, select "weblogic.management.runtime"
14. Select "JMSDestinationRuntimeMBean", click next.
15. In Attributes and Operations, expand "Operations: Permission to Invoke".
16. Select "getCursorEndPosition" operation.
17. Click on "Create Policy" button
18. Click on "Add Condition", Select "User" in "Predicate List", click next, type User Argument Name (jmsmonitor), say add. Click "Finish"
19. Click on "Add Condition", Select Role in "Predicate List", click next, type Role Argument Name (Admin), say add. Click "Finish"
20. Select "Or" between Role:Admin and User:jmsmonitor and Click "Save"
21. Repeat step 10~19 for set the following operations.
a. getCursorSize
b. getCursorStartPosition
c. getItems
d. getMessage
e. getMessages
f. getNext
g. getPrevious
h. sort
22 - Logout weblogic user and login with the new user.
23 - Go to the created module and click on the created queue
24 - Click on Monitoring tab
25 - Click on the check box associated to the queue and them Show Message button
This BLOG focuses on "hands on approach" around AWS, OCI Oracle Cloud Infrastructure, Dev/Ops, MicroServices, OKTA, Oracle Fusion Middleware, Oracle Service Bus, Oracle AIA, Oracle SOA Suite, Oracle SOA Cloud/Developer Cloud, Oracle Identity Management including OID, OAM, OIM, OSSO, Oracle Big Data, WLST Scripts and Oracle Edifecs B2B Engine for HIPAA/HL7/X12/EDIFACT EDI., Kafka, Spark, Spring Boot, DevOps, AWS, GCP and Oracle Cloud
Subscribe to:
Posts (Atom)
Amazon Bedrock and AWS Rekognition comparison for Image Recognition
Both Amazon Bedrock and AWS Rekognition are services provided by AWS, but they cater to different use cases, especially when it comes to ...
-
Oracle Service Bus 11g 11.1.1.8 : How to export an OSB project from OSB console and import it in OEPE 1.) On the Right Hand Side pane, sel...
-
Oracle Cloud Infrastructure (OCI) provides a comprehensive set of infrastructure services that enable you to build and run a wide range of...
-
Healthcare Information Extraction Using Amazon Bedrock Client : Leading Healthcare Provider Project Overview : This project was developed fo...