The loading of OPSS java security policy provider failed due to exception in Weblogic

Here We will be discussing multiple scenario’s and OPSS related issues/errors seen in log files while starting the servers

Scenario 1, OPSS Error:

If you are seeing below errors and unable to start admin server, then please follow below steps.

<BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: The loading of OPSS java security policy provider failed due to exception
####<Jan 19, 2012 1:25:40 PM EST> <Critical> <WebLogicServer> <crystalserver.nl> <AdminServer> <Main Thread> <> <> <> <1332387340643> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider
weblogic.security.SecurityInitializationException: The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root cause. If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1398)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1018)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused By: oracle.security.jps.JpsRuntimeException: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:293)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:284)
:
.

Caused By: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:899)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:285)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)
:
.

Caused By: java.security.PrivilegedActionException: oracle.security.jps.JpsException: [PolicyUtil] Unable to obtain default JPS Context!
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:844)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:285)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)
:.

Caused By: oracle.security.jps.JpsException: [PolicyUtil] Unable to obtain default JPS Context!
at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:860)
at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:844)
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:844)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:285)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)
:
.
Caused By: oracle.security.jps.JpsRuntimeException: Cannot read from policy store.
at oracle.security.jps.internal.policystore.xml.XmlPolicyStore.buildFromFile(XmlPolicyStore.java:440)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStore.<init>(XmlPolicyStore.java:227)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStoreProvider.getInstance(XmlPolicyStoreProvider.java:100)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStoreProvider.getInstance(XmlPolicyStoreProvider.java:74)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.findServiceInstance(ContextFactoryImpl.java:139)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getContext(ContextFactoryImpl.java:170)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getContext(ContextFactoryImpl.java:191)
at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.getContext(JpsContextFactoryImpl.java:132)
at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.getContext(JpsContextFactoryImpl.java:127)
at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:850)
at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:844)
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:844)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:285)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)
:
.
Caused By: java.lang.NullPointerException
at oracle.security.jps.internal.policystore.xml.XmlPolicyStoreUtil.convertGranteeEntryToEntity(XmlPolicyStoreUtil.java:1364)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStoreUtil.convertGrantEntryToEntity(XmlPolicyStoreUtil.java:1386)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStoreUtil.convertJavaPolicyEntryToEntity(XmlPolicyStoreUtil.java:1326)
at oracle.security.jps.internal.policystore.xml.StaxPolicyStoreParser.processAppPolicy(StaxPolicyStoreParser.java:552)
at oracle.security.jps.internal.policystore.xml.StaxPolicyStoreParser.processPolicyStore(StaxPolicyStoreParser.java:384)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStoreParser.getDataStoreEntryStax(XmlDataStoreParser.java:120)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStoreParser.getDataStoreEntry(XmlDataStoreParser.java:180)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStoreParser.getDataStoreEntry(XmlDataStoreParser.java:187)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStore.loadXmlDataStore(XmlDataStore.java:418)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStore.<init>(XmlDataStore.java:283)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStore.getInstance(XmlDataStore.java:216)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStore.buildFromFile(XmlPolicyStore.java:436)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStore.<init>(XmlPolicyStore.java:227)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStoreProvider.getInstance(XmlPolicyStoreProvider.java:100)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStoreProvider.getInstance(XmlPolicyStoreProvider.java:74)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.findServiceInstance(ContextFactoryImpl.java:139)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getContext(ContextFactoryImpl.java:170)
at oracle.security.jps.internal.core.runtime.ContextFactoryImpl.getContext(ContextFactoryImpl.java:191)
at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.getContext(JpsContextFactoryImpl.java:132)
at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.getContext(JpsContextFactoryImpl.java:127)
at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:850)
at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:844)
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:844)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:291)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:284)
at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:270)

Replace the system-jazn-data.xml file with old back up and restart the servers it will work.

Note: system-jazn-data.xml is where application information is stored.
The system-jazn-data.xml is an XML file which is configured by the user to use as an ID store and/or policy store. The file is located in $DOMAIN_HOME/config/fmwconfig or  [WL_HOME]/user_projects/domains/[your_domain]/config/oracle/

2nd Scenario OPSS Error and Cause:

If following error is in managed server log when starting up managed server :

<Jul 11, 2011 2:15:33 PM EDT> <Error> <Security> <BEA-090892> <The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider. Exception was thrown when loading or setting the JPSS policy provider. Enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-04301: Cannot read from policy store.>
<Jul 11, 2011 2:15:33 PM EDT> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider. Exception was thrown when loading or setting the JPSS policy provider. Enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-04301: Cannot read from policy store.
weblogic.security.SecurityInitializationException: The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider. Exception was thrown when loading or setting the JPSS policy provider. Enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-04301: Cannot read from policy store.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1394)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1018)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for

Behavior was caused because of the jps-config.xml file being corrupt or was restored from a backup which did not have the correct entries.

jps-config.xml file did not have entries for policystore which is correct. Hence the error saying could not read from policy store

Probable Solution:

The solution to fix this error is to restore the entire fmwconfig/config folder instead of just replacing jps-config.xml file. With this the managed server startedup fine.

3rd Scenario, OPSS Error and Cause:

WebLogic Server 10.3 running an Oracle Platform Security Services (OPSS) domain fails to start up following a non-critical disk failure.

For example, the hard disk filled up due to excessive logging, or there was a low-level disk write error. After recovering from this, the WebLogic Admin Server fails to start up, and the following is seen in the Admin Server output and log file:

<Mar 21, 2012 12:42:14 PM EDT> <Error> <Security> <BEA-090892> <The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider. Exception was thrown when loading or setting the JPSS policy provider. Enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-01538: The default policy provider was not found.>
<Mar 21, 2012 12:42:14 PM EDT> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider. Exception was thrown when loading or setting the JPSS policy provider. Enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-01538: The default policy provider was not found.
weblogic.security.SecurityInitializationException: The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider. Exception was thrown when loading or setting the JPSS policy provider. Enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-01538: The default policy provider was not found.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1394)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1018)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace

Root Cause Of Issue:

The following JPS (Java Platform Security) configuration file is empty (0 bytes long):

/config/fmwconfig/system-jazn-data.xml

If the disk failure occurred while WebLogic was updating this file, then the Admin Server will crash leaving this file empty.

Probable Solution:

JPS file system-jazn-data.xml is the container of the default JPS policies, and it’s critical to OPSS.

If you have a recent system backup, then copy over this file from the backup to your OPSS domain.

If you don’t have a recent backup, then you can copy over the above file from a similarly configured domain.

4th Scenario, OPSS Error and Cause:

WebLogic 10.3.4 server instance startup failing with below “oracle.security.jps.service.credstore.CredStoreException” exception was reported.

####<Jan 22, 2012 3:53:40 PM EDT> <Error> <Security> <tp018872> <AdminServer> <[ACTIVE] ExecuteThread: ‘0’ for queue: ‘weblogic.kernel.Default (self-tuning)’> <> <> <> <1317844420940> <BEA-090892> <The loading of OPSS java security policy provider failed due to exception, see the exception stack trace or the server log file for root cause.

If still see no obvious cause, enable the debug flag -Djava.security.debug=jpspolicy to get more information.
Error message: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider>

Caused By: oracle.security.jps.service.credstore.CredStoreException: JPS-01050: Opening of wallet based credential store failed. Reason java.io.IOException: PKI-02002: Unable toopen the wallet. Check password.
at oracle.security.jps.internal.credstore.ssp.CsfWalletManager.openWallet(CsfWalletManager.java:177)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.doInit(SspCredentialStore.java:218)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.<init>(SspCredentialStore.java:140)
at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.<init>(SspCredentialStore.java:127)

Root Cause:

This weblogic server instance failed startup was caused because of “cwallet.sso” OPSS security wallet file inside “/config/fmwconfig/bootstrap” directory corruption. The cwallet.sso file size was 0 bytes in size which caused server startup issue.

Probable Solution:

To resolve this issue copy cwalltet.sso wallet file inside “/config/fmwconfig” directory to “”/config/fmwconfig/bootstrap” directory and restart the server instance.

5th Scenario, OPSS Error and Cause:

AdminServer failed to start with below error in log file

<Error> <Security> <sudo998as.com> <AdminServer> <[ACTIVE] ExecuteThread: ‘0’ for queue: ‘weblogic.kernel.Default (self-tuning)’> <> <> <> <1286804914730> <BEA-090892> <The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider.

Exception was thrown when loading or setting the JPSS policy provider.
Enable the debug flag -Djava.security.debug=jpspolicy to get more information.
Error message: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider>

at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1394)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1018)
…more
Caused By: oracle.security.jps.JpsRuntimeException: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:256)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:248)
…more
Caused By: oracle.security.jps.JpsException: [PolicyUtil] Exception while getting default policy Provider
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:675)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:254)
…more
Caused By: java.security.PrivilegedActionException: oracle.security.jps.JpsException: [PolicyUtil] Unable to obtain default JPS Context!
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:622)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:254)
…more
Caused By: oracle.security.jps.JpsException: [PolicyUtil] Unable to obtain default JPS Context!
at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:637)
at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:622)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:622)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:254)
at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:248)
…more
Caused By: oracle.security.jps.JpsRuntimeException: Cannot read from policy store.
at oracle.security.jps.internal.policystore.xml.XmlPolicyStore.buildFromFile(XmlPolicyStore.java:286)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStore.<init>(XmlPolicyStore.java:165)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStoreProvider.getInstance(XmlPolicyStoreProvider.java:104)
…more
Caused By: oracle.security.jps.JpsRuntimeException: javax.xml.stream.XMLStreamException: javax.xml.stream.XMLStreamException: Premature end of file encountered
at oracle.security.jps.internal.core.datastore.xml.XmlDataStoreParser.getDataStoreEntryStax(XmlDataStoreParser.java:167)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStoreParser.getDataStoreEntry(XmlDataStoreParser.java:182)
…more
Caused By: javax.xml.stream.XMLStreamException: javax.xml.stream.XMLStreamException: Premature end of file encountered
at weblogic.xml.stax.XMLStreamReaderBase.prime(XMLStreamReaderBase.java:80)
at weblogic.xml.stax.XMLStreamReaderBase.setInput(XMLStreamReaderBase.java:99)
at weblogic.xml.stax.XMLStreamInputFactory.createXMLStreamReader(XMLStreamInputFactory.java:316)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStoreParser.getDataStoreEntryStax(XmlDataStoreParser.java:99)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStoreParser.getDataStoreEntry(XmlDataStoreParser.java:182)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStoreParser.getDataStoreEntry(XmlDataStoreParser.java:226)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStore.loadXmlDataStore(XmlDataStore.java:391)
…more
Caused By: javax.xml.stream.XMLStreamException: Premature end of file encountered
at weblogic.xml.stax.XMLStreamReaderBase.prime(XMLStreamReaderBase.java:69)
at weblogic.xml.stax.XMLStreamReaderBase.setInput(XMLStreamReaderBase.java:99)
at weblogic.xml.stax.XMLStreamInputFactory.createXMLStreamReader(XMLStreamInputFactory.java:316)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStoreParser.getDataStoreEntryStax(XmlDataStoreParser.java:99)
at oracle.security.jps.internal.core.datastore.xml.XmlDataStoreParser.getDataStoreEntry(XmlDataStoreParser.java:182)
…more

<Notice> <WebLogicServer> <sudo998as.com> <AdminServer> <main> <> <> <> <1286805363732> <BEA-000365> <Server state changed to FAILED>
####<2010-10-11 15:56:03 CEST> <Error> <WebLogicServer> <sudo998as.com> <AdminServer> <main> <> <> <> <1286805363733> <BEA-000383> <A critical service failed. The server will shut itself down>

RootCause:

Looking for the OPSS config files in the file system:/config/fmwconfig/system-jazn-data.xml was empty . 0 bytes

Root exception of the error reported shows

Caused By: javax.xml.stream.XMLStreamException: Premature end of file encountered
at weblogic.xml.stax.XMLStreamReaderBase.prime(XMLStreamReaderBase.java:69)

Probable Solution

This file can be copied from any of the managed servers in the same domain.
If there isn’t any other copy in the domain it must be recovered from recent backup.

Sample system-jazn-data.xml file for your reference:

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<jazn-data>
<jazn-realm>
<realm>
<name>jazn.com</name>
<users>
<user>
<name>weblogic</name>
<guid>23AAB190021911DDBF86C74F01C202FB</guid>
<credentials>PN0Qr+/dpDRV+jSWP378EdjxWDS0PuAs=</credentials>
</user>
</users>
</realm>
</jazn-realm>
<policy-store>
<applications>
<application>
<name>reports</name>
<app-roles>
<app-role>
<name>rw_administrator</name>
<display-name>Reports Administrator</display-name>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
<members>
<member>
<class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
<name>weblogic</name>
</member>
<member>
<class> weblogic.security.principal.WLSUserImpl </class>
<name>weblogic</name>
</member>
</members>
</app-role>
<app-role>
<name>rw_operator</name>
<display-name>Reports Operator</display-name>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
</app-role>
<app-role>
<name>rw_monitor</name>
<display-name>Reports Monitor</display-name>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
</app-role>
</app-roles>
<jazn-policy>
<grant>
<grantee>
<principals>
<principal>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
<name>rw_administrator</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>oracle.reports.server.ReportsPermission</class>
<name>report=* server=* destype=* desformat=* allowcustomargs=true</name>
<actions>*</actions>
</permission>
<permission>
<class>oracle.reports.server.WebCommandPermission</class>
<name>webcommands=* server=*</name>
<actions>execute</actions>
</permission>
</permissions>
</grant>
<grant>
<grantee>
<principals>
<principal>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
<name>RW_BASIC_USER</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>oracle.reports.server.ReportsPermission</class>
<name>report=test.rdf server=* destype=* desformat=* allowcustomargs=true</name>
<actions>*</actions>
</permission>
<permission>
<class>oracle.reports.server.WebCommandPermission</class>
<name>webcommands=showmyjobs,getjobid,showjobid server=*</name>
<actions>execute</actions>
</permission>
</permissions>
</grant>
</jazn-policy>
</application>
</applications>
</policy-store>

Leave a Reply