2 Replies Latest reply on Jun 17, 2010 7:30 AM by 727866

    How works the assignation of a group to a role visitor in WLP

      Hi everyone,
      I have some problems with Siteminder integration with security in Weblogic Portal.
      Basically when I try to show the groups in my SM security provider for assign to a Role Visitor it produces a siteminder API error:

           at com.netegrity.siteminder.weblogic.sspi.auth.ci.h(DashoA10*..)
           at com.netegrity.siteminder.weblogic.sspi.auth.SiteMinderAuthenticationProviderImpl.listMemberGroups(DashoA10*..)
           at com.netegrity.siteminder.weblogic.sspi.auth.SiteMinderAuthenticationProviderMBeanImpl.listMemberGroups(DashoA10*..)
           at sun.reflect.GeneratedMethodAccessor4239.invoke(Unknown Source)
           at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
           at java.lang.reflect.Method.invoke(Method.java:585)
           at com.bea.p13n.usermgmt.AtnProviderProxy$Runner.run(AtnProviderProxy.java:156)
           at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
           at weblogic.security.service.SecurityManager.runAs(Unknown Source)
           at com.bea.p13n.usermgmt.AtnProviderProxy.invoke(AtnProviderProxy.java:113)
           at $Proxy369.listMemberGroups(Unknown Source)
           at com.bea.p13n.security.management.authentication.internal.GroupProvider.getParentGroupNames(GroupProvider.java:363)
           ... 112 more
      Caused by: com.netegrity.siteminder.weblogic.sspi.auth.dw: Could not obtain groups for user: fnp_sane_plasan_plapro_actpet_bpm_grupActuacio
           at com.netegrity.siteminder.weblogic.sspi.auth.b9.b(DashoA10*..)

      This error is reported to the provider but we haven't solution yet and we need a workaround and I would like to know how is done the relationship between the role visitor and the assigned groups, is this information in LDAP? who I can introduce this relationship manually?

      Thank you.
        • 1. Re: How works the assignation of a group to a role visitor in WLP
          when are you getting this? where are you creating the role (in console or portal admin?). It would probably be more constructive to fix the siteminder issue than attempt to workaround it.
          • 2. Re: How works the assignation of a group to a role visitor in WLP
            I have the role visitor created. I am trying to assign a group to the role visitor in PAT, but when I selected the Siteminder Provider to view all the groups this error happens.

            The Siteminder error is recognized by Siteminder as a bug and is making a patch (5 months ago) and we haven't answer yet, and then I would like to find a workaround to this problem.

            I try it with the API but Oracle recognize me another bug when I try to create a visitor role for Enterprise Scoped Applicaction, only works in Web Application scope. (1 month ago)

            And then the last solution is doing this assign manually... and I would like to know how I can do it in LDAP (if LDAP is the repository of this information)