1 Reply Latest reply: Jan 16, 2013 5:37 AM by sameer h RSS

    BPEL service invocation from java client using non oc4jadmin user

    sameer h
      Hi

      I am trying to invoke a bpel process fro java client using locator class as given in thread Call a BPEL process as non oc4jadmin user

      Requirement is that I need to use a non oc4jadmin user in this client which should not have permission to login to BPEL/ESB/em console for security reasons.

      For this I created a new role with RMI permission and new user from AS console and assigned this role to the user.

      Upon invocation I am getting following error

      Javax.naming.NoPermissionException: Not allowed to look up ejb/collaxa/system/DeliveryBean, check the namespace-access tag setting in orion-application.xml for details

      I thought the only permission required is that of RMI permission login which I have already provided (tried with JAAS admin tool as well but same result).

      The invocation works when I assign oc4j-administrator role to the user but that will defeat my requirements of security.

      Why is it necessary to have an oc4j-administrator role?

      Any help in this regard is greatly appreciated.

      Soa Suite version: 10.1.3.5 (Oracle app server)

      Thanks,
      Sameer