This discussion is archived
5 Replies Latest reply: Dec 13, 2012 7:37 PM by Srinath Menon RSS

Idc service ADD_USER

Lukeskawalker Newbie
Currently Being Moderated
Hello WebCenter Content masters,

I have a J2EE application, and with this I would like to create users and asign them to specific roles.
I use the ADD_USER (http://docs.oracle.com/cd/E28389_01/doc.1111/e11011/c04_core.htm#autoId251) service but it seems I cannot specify the role. And I cannot find a way to do so.

Any suggestion?
Regards.

Edited by: 975656 on Dec 7, 2012 5:58 PM
  • 1. Re: Idc service ADD_USER
    Bunty Journeyer
    Currently Being Moderated
    refer to "Extended User Attributes Services" in Service reference guide
    http://docs.oracle.com/cd/E28389_01/doc.1111/e11011/c11_extuserattr.htm#CHDJBEGE
  • 2. Re: Idc service ADD_USER
    ryan sullivan Pro
    Currently Being Moderated
    As of 11g, the recommended and preferred method of managing users is with an external LDAP user store. If you user standard LDAP to add users into your user store, then they will be WCC users as per your mapping configuration.

    -ryan
  • 3. Re: Idc service ADD_USER
    Lukeskawalker Newbie
    Currently Being Moderated
    Thank you for your answers. I managed to set the users' role by completing my DataBinder with a DataResultSet which has an AttributeInfo field.

    Ryan, I only have the WebLogic embeded LDAP. So I should use some java API to add my users directly in the embeded LDAP and do the group/role mapping with web center content?
  • 4. Re: Idc service ADD_USER
    ryan sullivan Pro
    Currently Being Moderated
    Correct. Simply put, in 11g, the users are all 'external' users opposed to the 'local', 'global', 'external' options in earlier releases. You still manage the roles to security group mappings in the User Admin applet (and manage the predefined accts as well), but you'll want to populate the WLS LDAP in your case. then use the jpsprovider to setup the user store.

    The ldap groups (i.e., cn's) that you register the user with in the ldap will turn into the WCC roles and accounts. This is the same process as using a ldapprovider in the 10g and earlier versions.

    Let me know if that makes sense!
    -ryan
  • 5. Re: Idc service ADD_USER
    Srinath Menon Guru
    Currently Being Moderated
    Hi ,

    Adding to the discussion and point that Ryan mentioned , another option would be to create users on WLS / LDAP and then use credential maps on UCM to give the external users desired roles / accounts when they login to UCM .

    For detailed documentation on credential maps : http://docs.oracle.com/cd/E23943_01/doc.1111/e10792/c05_security.htm#BGBEDJFI

    Hope this helps you .

    Thanks,
    Srinath

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points