7 Replies Latest reply on Mar 4, 2013 8:29 PM by jriel-Oracle

    credentials/authentication for plugin


      We are developing plugin for OEM. Our plugin may have many pages. And each page may have different functionalities. We want to restrict some users to operate on some pages of the plugin. Is it possible with database user name/password? Like when system account logs in he need to access all the pages. But some other user logs in then he may not access some pages. Is it possible. Can some body guide us?

        • 1. Re: credentials/authentication for plugin
          Can you please elaborate your query by taking explicit examples/scenarios
          • 2. Re: credentials/authentication for plugin
            We are developing a plugin. We are using Metadata Plug-in Custom User Interface (MPCUI) for developing the plugin.

            When the plugin is started we can see a page with 3 buttons and a list view. We will invoke a restful GET api to get values to fill in the list view. What we need is we need enable disable the buttons displayed in the page so that we can restrict some users from performing some operations.

            For example if the database user system is logged in, the all buttons shall be enabled. If another user logged in only one button is enable. We need to do this according to the database privilege of the user. Is it possible based on the roles and privileges of the database user? Of is there any alternate mechanism to do this?

            Hope I am clear.


            Edited by: user2258533 on Jan 17, 2013 10:42 PM
            • 3. Re: credentials/authentication for plugin
              You should be using the 'privileges.' Lot of data & functionality get protected based on privileges.
              Look at ...partnersdk\mrs\emcore\CredStoreMetadata\noNamespace\complexType\Privilege.html
              1 person found this helpful
              • 4. Re: credentials/authentication for plugin
                It is possible to handle with credentials. Preferred Credentials/Named Credential Set etc? How can we create credentials for OEM plugin?
                • 5. Re: credentials/authentication for plugin
                  As part of the target type definition, you can define the types of credentials specific to the plug-in target type.
                  Examples could be the username and password required by the plug-in to connect to a target instance to collect metric data, or to invoke a specific Enterprise Manager job.

                  The specific use case scenario of yours can't be handled by using simple Credential sets alone.

                  On the 2nd part.. How to create Credentials ? I suggest a Reading of Chapter 14. in Cloud Control Extensibility Programmer’s Reference 12c Release 2 (
                  • 6. Re: credentials/authentication for plugin
                    Thanks for your reply.

                    Is it possible to know the privilege of the user who logged into OEM from the plugin?

                    For example we are listing some values in a list of the plug-in screen. If the user system is logged in then we will display all values. But if user scott is logged in then we will not list all values, but some of the values relavant to him. The list of values we will get from another application like, web server. We will invoke restful api to get the values. We want to display these values in the list view of a plugin based on oracle privileges. Is it possible?
                    • 7. Re: credentials/authentication for plugin
                      starting with EDK the MPCUI API's include an EmUser class that you can use to get the current user's roles from. Please refer to the API documentation for details. It is called quite simply like this (from demo_hostsample):

                      var emUser:EmUser = EmUser.getUser();

                      ... and ...

                      public function getRolesHandler(roles:EmUserRoles, fault:ServiceFault):void
                      if(fault != null)
                      MpLog.error("Error Getting Roles: "+fault.message);

                      for(var i:int=0; i<roles.getRoles().length; i++)
                      var role:EmRole = roles.getRoles();
                      MpLog.info("Role: "+role.name+" "+role.desc);