I have been always asked by many clients to get the list of application roles for a member in the OBIEE application .
WLST doesnt have this facility , it can returns only the members for a specific application roles passed to the getAppRoleMemebers() but it doesn't have any funciton/definition (in jython terms) to get the application roles assigned to a user/member
I dont know how OBIEE administrators handle this issue , may be they have already written some code either in java, python, jython,VB, shell, etc....
on a large scale OBIEE application if the environment contains 100 roles with more than 500 users distributed to those 100 roles, it would be a pain to see the relation between a member to his/her app roles .
As i said we could have many techniques in achieving this .....well i have only one for now :-)
I use a simple python script, i hate detailing with huge set of libs and jars, my bet is with python
All the modern linux machines will accompany python . just type python --verion in the shell prompt and you will have the verison . Windows wont have python by default and has to be downloaded from http://Python.org
The below script will work on the standard version Python 2.7 , i have not tested it on 3.5.
# Query AppRoles for Members
# Written by Naga
# Works only with Python 2.7 version
# Uses system-jazn-data.xml file in the weblogic domain.
from xml.dom.minidom import parse
import xml.dom.minidom
import sys
# Main class definition
def main():
print "%-20s %-20s" % ( "MEMBERS", "ROLES")
# Arguments to be looped
for c in sys.argv: # use the parse() function to load and parse an XML file
# Parsing the jazn file
doc = xml.dom.minidom.parse("C:\Users\Administrator\workspace\Python\src\system-jazn-data.xml");
collection = doc.documentElement
# Getting only the app-roles
for roles in collection.getElementsByTagName("app-role"):
# Getting the role names
rolename = roles.getElementsByTagName('name')[0]
# Getting the role members
members = roles.getElementsByTagName("member")
for n in members:
membername = n.getElementsByTagName('name')[0]
# Validating the condition
if membername.childNodes[0].data == c :
print "%-20s %-20s \n" % (membername.childNodes[0].data , rolename.childNodes[0].data)
if __name__ == "__main__":
main();
WLST doesnt have this facility , it can returns only the members for a specific application roles passed to the getAppRoleMemebers() but it doesn't have any funciton/definition (in jython terms) to get the application roles assigned to a user/member
I dont know how OBIEE administrators handle this issue , may be they have already written some code either in java, python, jython,VB, shell, etc....
on a large scale OBIEE application if the environment contains 100 roles with more than 500 users distributed to those 100 roles, it would be a pain to see the relation between a member to his/her app roles .
As i said we could have many techniques in achieving this .....well i have only one for now :-)
I use a simple python script, i hate detailing with huge set of libs and jars, my bet is with python
All the modern linux machines will accompany python . just type python --verion in the shell prompt and you will have the verison . Windows wont have python by default and has to be downloaded from http://Python.org
The below script will work on the standard version Python 2.7 , i have not tested it on 3.5.
# Query AppRoles for Members
# Written by Naga
# Works only with Python 2.7 version
# Uses system-jazn-data.xml file in the weblogic domain.
from xml.dom.minidom import parse
import xml.dom.minidom
import sys
# Main class definition
def main():
print "%-20s %-20s" % ( "MEMBERS", "ROLES")
# Arguments to be looped
for c in sys.argv: # use the parse() function to load and parse an XML file
# Parsing the jazn file
doc = xml.dom.minidom.parse("C:\Users\Administrator\workspace\Python\src\system-jazn-data.xml");
collection = doc.documentElement
# Getting only the app-roles
for roles in collection.getElementsByTagName("app-role"):
# Getting the role names
rolename = roles.getElementsByTagName('name')[0]
# Getting the role members
members = roles.getElementsByTagName("member")
for n in members:
membername = n.getElementsByTagName('name')[0]
# Validating the condition
if membername.childNodes[0].data == c :
print "%-20s %-20s \n" % (membername.childNodes[0].data , rolename.childNodes[0].data)
if __name__ == "__main__":
main();
The key for this script to run or to function properly is the system-jazn-data.xml which holds the information for the app-stripe , roles , members etc....
The script will only query the xml file but will not do any changes to it .
Lets save it as appmembers.py in the scripts folder. now run the script in the command line .
So if you see the script will parse the xml file and give us the valid roles of the user name prodney .
Please note that this is a case sensitive query . Prodney and prodney both are different .
You can use this same script both on Linux and Windows without changing anything.
You can customize the script to extract the whole user for roles and push them to database for better maintenance and control on your security roles .
If you guys feel there is a more better way to show the roles for a member then please let me know . I am open to learn new things :-)
Please note that this is a case sensitive query . Prodney and prodney both are different .
You can use this same script both on Linux and Windows without changing anything.
You can customize the script to extract the whole user for roles and push them to database for better maintenance and control on your security roles .
If you guys feel there is a more better way to show the roles for a member then please let me know . I am open to learn new things :-)
