05 May 2011

WLS: Listing Users and their Groups in a Security Realm

Many times I've seen the question about a WLST script for listing groups to which an user belongs.
(This works Oracle Weblogic Server - Version: 9.0 to 10.3.4)

Before running the script you need to set up the environment to your local WebLogic Server by invoking DOMAIN_NAME\bin\setDomainEnv.cmd (setDomainEnv.sh on UNIX), where DOMAIN_NAME is the directory in which you located the domain

You need to modify the line 6, where set the address, port, username and password of your WebLogic Server:


and run it with the following command line:

java weblogic.WLST groups_of_users.py
Listing groups_of_users.py:
from weblogic.management.security.authentication import UserReaderMBean
from weblogic.management.security.authentication import GroupReaderMBean
from weblogic.management.security.authentication import MemberGroupListerMBean

# connect to WLS with username/password = weblogic/welcome1

atns = realm.getAuthenticationProviders()

for i in atns:
  if isinstance(i,UserReaderMBean):
    userReader = i
    cursor = i.listUsers("*",0)
    # print '* Users in realm '+realm.getName()+' are: '
    while userReader.haveCurrent(cursor):
      # print userReader.getCurrentName(cursor)
      user = userReader.getCurrentName(cursor)

# init

      print ''

    # listings groups of user
      # print "Listing the groups of a '" + user +"'"
      # users? = OracleSystemUser, weblogic
      x = atnr.listMemberGroups(user)
      # print x

      # new pointers for better understanding
      groupReader = atnr
      cursor2 = x
      print "* Groups in user '" + user + "' are: "
      while groupReader.haveCurrent(cursor2):
        print groupReader.getCurrentName(cursor2)

# end      

Then you will get a similar output to:

* Groups in user 'weblogic' are:

* Groups in user 'usertest1' are:

My Blog List

Blog Archive


The views expressed on this blog are my own and do not necessarily reflect the views of Oracle.