CODEWITHSUNDEEP
javaeclipseweblogic12cjmx-ws
YLG
YLG

Reputation: 885

Not getting access of "getSubTypes" target in Weblogic user creation

I am creating weblogic users programatically in eclipse. 

package com.logic.email.bo;

import java.io.FileNotFoundException;
import java.io.InputStream;
import java.io.Serializable;
import java.util.Hashtable;
import java.util.Locale;
import java.util.Properties;
import java.util.ResourceBundle;
import javax.management.MBeanServerConnection;
import javax.management.ObjectName;
import javax.management.modelmbean.ModelMBeanInfo;
import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXServiceURL;
import javax.naming.Context;

import org.apache.log4j.Logger;

import com.logic.email.bean.EmailAppConfig;

public class NewUserCreation implements Serializable {
static Logger log = Logger.getLogger(EmailAppConfig.class.getName());
private static ObjectName defaultAuthenticator;
private static String authenticatorName = "DefaultAuthenticator";
public InputStream inputStream;

public NewUserCreation() {
    super();
}

/*
 * This method will create user in web logic server
 */
public String createWeblogicUser(String username, String password, String user_role) {
    Properties prop = new Properties();

    String propFileName = "Values.properties";

    inputStream = getClass().getClassLoader().getResourceAsStream(propFileName);


    try {
        if (inputStream != null) {
            // load the file
            prop.load(inputStream);
        } else {
            log.error("Throwing File Not Found Exception");
            throw new FileNotFoundException("Property file " + propFileName + " not found");

        }
        Hashtable<String, String> env = new Hashtable<String, String>();
        String user_grp = (user_role.equals("A")) ? "A"
                : (user_role.equals("P")) ? "P"
                        : (user_role.equals("PA")) ? "PA"
                                : (user_role.equals("R")) ? "R"
                                        : (user_role.equals("RA")) ? "RA" : (user_role.equals("RP")) ? "RP"
                                                : (user_role.equals("RPA")) ? "RPA" : "U";
        env.put(Context.SECURITY_PRINCIPAL, prop.getProperty("app_server_un"));
        env.put(Context.SECURITY_CREDENTIALS, prop.getProperty("app_server_pwd"));
        env.put(Context.PROVIDER_URL, "t3://192.168.161.37:7305");
        env.put(Context.INITIAL_CONTEXT_FACTORY,
                 "weblogic.jndi.WLInitialContextFactory");
        String hostname = prop.getProperty("app_server");
        int port = Integer.parseInt(prop.getProperty("app_admin_port"));
        String protocol = "rmi";
        String url = new String("/jndi/weblogic.management.mbeanservers.runtime");
        JMXServiceURL serviceURL = new JMXServiceURL(protocol, hostname, port, url);
        JMXConnector connector = JMXConnectorFactory.connect(serviceURL, env);
        MBeanServerConnection connection = connector.getMBeanServerConnection();

        ObjectName userEditor = null;
        ObjectName mBeanTypeService = new ObjectName(
                "com.bea:Name=MBeanTypeService,Type=weblogic.management.mbeanservers.MBeanTypeService");
        ObjectName rs = new ObjectName(
                "com.bea:Name=RuntimeService,Type=weblogic.management.mbeanservers.runtime.RuntimeServiceMBean");
        ObjectName domainMBean = (ObjectName) connection.getAttribute(rs, "DomainConfiguration");
        ObjectName securityConfig = (ObjectName) connection.getAttribute(domainMBean, "SecurityConfiguration");
        ObjectName defaultRealm = (ObjectName) connection.getAttribute(securityConfig, "DefaultRealm");
        ObjectName[] authProviders = (ObjectName[]) connection.getAttribute(defaultRealm,
                "AuthenticationProviders");
        for (ObjectName providerName : authProviders) {

            if (userEditor == null) {
                ModelMBeanInfo info = (ModelMBeanInfo) connection.getMBeanInfo(providerName);
                String className = (String) info.getMBeanDescriptor().getFieldValue("interfaceClassName");
                System.out.println("className is: " + className);


                if (className != null) {
                    String[] mba = (String[]) connection.invoke(mBeanTypeService, "getSubtypes",
                            new Object[] { "weblogic.management.security.authentication.UserEditorMBean" },
                            new String[] { "java.lang.String" });
                    for (String mb : mba) {
                        System.out.println("Model Bean is: " + mb);
                        if (className.equals(mb)) {
                            System.out.println("Found a match for the model bean and class name!");
                            userEditor = providerName;
                        }
                    }
                }
            }
        }

        if (userEditor == null)
            throw new RuntimeException("Could not retrieve user editor");

        try {
            for (int i = 0; i < authProviders.length; i++) {
                String name = (String) connection.getAttribute(authProviders[i], "Name");

                System.out.println("name " + name);
                if (name.equals(authenticatorName))
                    defaultAuthenticator = authProviders[i];
            }
            boolean userExists = ((Boolean) connection.invoke(defaultAuthenticator, "userExists",
                    new Object[] { username }, new String[] { "java.lang.String" })).booleanValue();
            System.out.println("userExists" + userExists);
            if (userExists) {
                return "User Already exists";
            } else if (!(userExists)) {
                connection.invoke(userEditor, "createUser",
                        new Object[] { username, password, "User created by LPM admin." },
                        new String[] { "java.lang.String", "java.lang.String", "java.lang.String" });

                connection.invoke(userEditor, "addMemberToGroup", new Object[] { user_grp, username },
                        new String[] { "java.lang.String", "java.lang.String" });
                connection.invoke(userEditor, "addMemberToGroup", new Object[] { "Administrators", username },
                        new String[] { "java.lang.String", "java.lang.String" });

                System.out.println("User created successfully");
            }
        } catch (Exception e) {
            e.printStackTrace();
            return "Error";
        }

        connector.close();

    } catch (Exception ex) {
        ex.printStackTrace();
        return "Error";
    }
    return "User Created";
}

}

I am getting below exception

  "weblogic.management.NoAccessRuntimeException: Access not allowed for subject: principals=[], on ResourceType: Target: getSubTypes".

on the following line : 

 String[] mba = (String[]) connection.invoke(mBeanTypeService, "getSubtypes", new Object[] {
                                                                "weblogic.management.security.authentication.UserEditorMBean" }, new String[] {
                                                                "java.lang.String" });

I tried searching in google. But didn't get clear understanding. What I understood is, It needs username and it's permission for authentication and authorization. But I am not getting how to set username and permission programatically to avoid this exception. Is there any other way in Java code to create weblogic users programmatically? Please guide me on this.

Upvotes: 4

Views: 172

Answers (0)

Related Questions