Wednesday, November 4, 2015

OAM Throwing error - java.lang.SecurityException: MBean operation access denied. MBean: oracle.oam:type=PATConfig Operation: listPartners(java.lang.String) Detail: Access denied. Required roles: Admin, Operator, executing subject: principals=[oamadmin, ….]

This continues to be problem with OAM PS2 version. When you try to search for "Identity Provider Partners" or "Service Providers partners". The following error is thrown:

java.lang.SecurityException: MBean operation access denied. MBean: oracle.oam:type=PATConfig Operation: listPartners(java.lang.String) Detail: Access denied. Required roles: Admin, Operator, executing subject: principals=[oamadmin, ….]
Error
MBean operation access denied. MBean: oracle.oam:type=PATConfig Operation: listPartners(java.lang.String) Detail: Access denied. Required roles: Admin, Operator, executing subject: principals=[oamadmin, ….]
Error

Access denied. Required roles: Admin, Operator, executing subject: principals=[oamadmin, ….]

To fix this problem, you will need to add the group that “oamadmin” ( or the user you are using to login to OAM) to the weblogic role for administrators.

To do this:
1.       Open the weblogic console:
2.       Click on the “Security Realms” à myrealm à “Roles and Policies” tab
3.       Expand “Global Roles”
4.       Expand “Roles, the following page will be displayed


1.       Click on “View Role Conditions ( or Add Role Condition) for “Admin” role.
2.       Click on “Add Conditions”.


1.       Click Next
. Select “Group à Click “Next”.
. Add the group “OAMAdministrators” (Case Sensitive) and finish.


 10. Save the changes.
11. Access the same link again. it will work.

Have Fun ......