Thursday, 23 October 2008

Oracle IAS 10g 10.1.3.x Mapping j2ee security roles to OID groups

Today I feel like I have touched down the deepest bottom of applied j2ee. I have spend two hours trying to figure out why mapping of j2ee application roles -- defined in `/META-INF/jazn-data.xml -- to Internet directory groups did not work and all it required was just to restart the OC4J instance. And although I knew the peeps in a Jeep joke, it took me two hours to finally get out and back in again, i.e. do the restart and get over with it.

To be honest, I have always wanted to do that simply by matching j2ee roles and OID groups and then use something as simple as my UserInfo bean to determine allowed user actions. The truth of the matter is that until today I always gave it up after running into the 403 Forbidden reply from Apache popping out after accessing the application..

Anyway, enough with grumbling, my advice to anyone interested in performing the same is: Just when you think you 've finished changing the applications security provider, setting up mappings and deploying the application do a final restart to the instance.

No comments :