Today one of our subscribers Sai using comment asked how to list out users which are in default Authenticator only, hence we have just created a script which would do the same and would also show you all the Authenticator’s list of users if you want by just setting one flag as true (show.all.authenticator.userlist) inside your “details.properties” file. This way everyone can get what they want.
As every time we have again used a properties file in which you can give the required details and can get your required output, hence just by giving the details in the details.properties files and you are good to go.
An article written by Jay WebLogic SQLAuthenticator Demo With FormBased Authentication helped me alot in testing this script, so others can also take the advantage from it.
Steps to get the Users List from Security Realm using WLST
Step1). Create a Directory somewhere in your file system like : “C:WLST_log”
Step2). Write a Properties file “details.properties“ inside “C:WLSTUserList” like following:
admin.url=t3://localhost:7001 admin.userName=weblogic admin.password=weblogic ########## User Name which wants to get listed (where, * = all users name) ################ user.name.wildcard=* ########## Maximum Numbers of List you want to see (where, 0 = all the number of users) ############### maximum.to.return=0 ########## If "true" will show all the Authenticator's Users List, if "false" then would only show Default Authenticators Uers List ################ show.all.authenticator.userlist=false
Step2). Now in the same directory write the following WLST Script “usersList.py” like following:
############################################################################# # # @author Copyright (c) 2010 - 2011 by Middleware Magic, All Rights Reserved. # ############################################################################# from java.io import FileInputStream from weblogic.management.security.authentication import UserReaderMBean propInputStream = FileInputStream("details.properties") configProps = Properties() configProps.load(propInputStream) adminURL=configProps.get("admin.url") adminUserName=configProps.get("admin.userName") adminPassword=configProps.get("admin.password") userNameWildcard=configProps.get("user.name.wildcard") maximumToReturn=configProps.get("maximum.to.return") showAllAuthenticatorUserList=configProps.get("show.all.authenticator.userlist") connect(adminUserName, adminPassword, adminURL) realmName=cmo.getSecurityConfiguration().getDefaultRealm() authProvider = realmName.getAuthenticationProviders() for i in authProvider: if isinstance(i,UserReaderMBean): userName = i authName= i.getName() if showAllAuthenticatorUserList == 'true': userList = i.listUsers(str(userNameWildcard),int(maximumToReturn)) print '======================================================================' print 'Below are the List of USERS which are in the: "'+authName+'"' print '======================================================================' num=1 while userName.haveCurrent(userList): print num,'- '+ userName.getCurrentName(userList) userName.advance(userList) num=num+1 print '======================================================================' userName.close(userList) else: if authName == 'DefaultAuthenticator': userList = i.listUsers(str(userNameWildcard),int(maximumToReturn)) print '======================================================================' print 'Below are the List of USERS which are in the: "'+authName+'"' print '======================================================================' num=1 while userName.haveCurrent(userList): print num,'- '+ userName.getCurrentName(userList) userName.advance(userList) num=num+1 print '======================================================================' userName.close(userList)
Step3). Now Open a Command/Shell Prompt and then run the “setWLSEnv.sh” script to set the CLASSPATH and PATH environment variables. Run the “. ./setWLSEnv.sh” by adding two DOTs separated by a single space …..before the actual script like following : (use ‘cd’ command to move inside the <BEA_HOME>/wlserver_10.3/server/bin) then run the following command….
. ./setWLSEnv.sh
Note: Here The first DOT represents that set the Environment in the current Shell, AND the second ./ represents execute the script from the current directory.
Step4). Run the Above WLST Script like following:
java weblogic.WLST usersList.py
Following would be the Output when
show.all.authenticator.userlist=true
java weblogic.WLST usersList.py Initializing WebLogic Scripting Tool (WLST) ... Welcome to WebLogic Server Administration Scripting Shell Type help() for help on available commands Connecting to t3://localhost:7001 with userid weblogic ... Successfully connected to Admin Server 'AdminServer' that belongs to domain 'Domain_7001'. Warning: An insecure protocol was used to connect to the server. To ensure on-the-wire security, the SSL port or Admin port should be used instead. ====================================================================== Below are the List of USERS which are in the: "DefaultAuthenticator" ====================================================================== 1 - weblogic 2 - TestUserOne 3 - TestUserTwo 4 - TestUserThree 5 - TestUserFour 6 - TestUserFive ====================================================================== ====================================================================== Below are the List of USERS which are in the: "RavishAuth" ====================================================================== 1 - DB-weblogic-1 2 - DB-weblogic-2 3 - DB-weblogic-3 4 - weblogic ======================================================================
Following would be the Output when
show.all.authenticator.userlist= false
java weblogic.WLST usersList.py Initializing WebLogic Scripting Tool (WLST) ... Welcome to WebLogic Server Administration Scripting Shell Type help() for help on available commands Connecting to t3://localhost:7001 with userid weblogic ... Successfully connected to Admin Server 'AdminServer' that belongs to domain 'Domain_7001'. Warning: An insecure protocol was used to connect to the server. To ensure on-the-wire security, the SSL port or Admin port should be used instead. ====================================================================== Below are the List of USERS which are in the: "DefaultAuthenticator" ====================================================================== 1 - weblogic 2 - TestUserOne 3 - TestUserTwo 4 - TestUserThree 5 - TestUserFour 6 - TestUserFive ======================================================================
Regards,
Ravish Mody
May 12th, 2011 on 1:05 am
This is great WLST script .
Can we create new provider and its properties under myrelam using WLST ?
June 22nd, 2011 on 11:05 am
Ravish,
Thanks a lot for writing up this script however I get an error when I run it. I have created the details.properties and usersList.py in the same directory and have also set the classpath on the current shell.
When I run the script, this is what I am getting:-
Initializing WebLogic Scripting Tool (WLST) …
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Problem invoking WLST – Traceback (innermost last):
File “/home/bsinha/JEEUtils/WLTools/WLST/usersList.py”, line 10, in ?
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.(FileInputStream.java:106)
at java.io.FileInputStream.(FileInputStream.java:66)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
java.io.FileNotFoundException: java.io.FileNotFoundException: details.properties (No such file or directory)
Regards,
Bis
June 22nd, 2011 on 1:55 pm
HI Bis,
The 10th Line of the above WLST actually looks for a file with name “details.properties” and this file must be placed in the same directory where you have placed your WLST Script. The error suggests that the file is not present in the required locattion.
If you dont want to place properties file in some other location then please specify the Properties file path as well in line-10
propInputStream = FileInputStream(“details.properties”)
.
.
Keep Posting 🙂
Thanks
Jay SenSharma
December 7th, 2016 on 5:44 pm
Hi Bro,
I am using AIX server to run script to get user list from security realm,But I am getting below error.Please advise
$ java weblogic.WLST usersList.py
Initializing WebLogic Scripting Tool (WLST) …
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Connecting to t3://iv54318p:7001 with userid weblogic …
Successfully connected to Admin Server “AdminServer” that belongs to domain “ofmw_domain”.
Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.
Problem invoking WLST – Traceback (innermost last):
File “/u02/oraclesoa/scripts/usersList.py”, line 24, in ?
at weblogic.management.jmx.MBeanServerInvocationHandler.newProxyInstance(MBeanServerInvocationHandler.java:623)
at weblogic.management.jmx.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:435)
at com.sun.proxy.$Proxy14.getAuthenticationProviders(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:56)
at java.lang.reflect.Method.invoke(Method.java:620)
java.lang.RuntimeException: java.lang.RuntimeException: java.lan
December 7th, 2016 on 6:55 pm
Hello Neelaprasad,
1. Is the following line is line number 24 in your “usersList.py” ?
authProvider = realmName.getAuthenticationProviders()
2. Can you try changing those lines as following to dump the stackTrace to see if we get more details:
Regards
Jay SenSharma
September 13th, 2011 on 5:19 pm
Hi Ravish/Jay,
Thanks for the post.
Does Weblogic store the creation date of each user ? If it does, is there a way to retreive the creation date using WLST.
Thanks,
Vinodh
September 13th, 2011 on 6:29 pm
Hi Vinodh,
Does Weblogic store the creation date of each user ?
No, it does not store the creation date of any users
Regards,
Ravish Mody
August 30th, 2012 on 12:06 pm
Hi Ravish/Jay,
I’m new to LDAP and WLST. I have SIT environment already configured with lot of users under a group under myrealm -> DefaultAuthenticator.
The password of these users have got expired. I have been given the export and import WLST commands for our project domains in Weblogic. I also have list of all the users that I should use to update their password.
Before executing this two commands using WLST, I would like to know
a) How do I find out the existing password (expired) for all the users ? Is there a command in WLST to achieve this ?
b) The export command updates the .ldif file that has userpassword field which is encrypted. After executing export and import, how do I find out what the new password is for all the users ?
c) How do I find out also the Active Directory being used (its folder path), what is to be backed up before executing the WLST’s export and import commands ?
Our OS is Windows XP 64 bit running with Oracle WL App Server.
Your help is required to clear my head on these new areas.
Thanks,
Srikanth S
January 15th, 2018 on 5:29 pm
hi,
I want to get all the information about user not only currentName.
So could you help me with method like getCurrentName to get full user information.
Thank you.
Regards,
MonicaK
April 5th, 2018 on 7:40 pm
[MBeanServerInvocationHandler]Security:Name=myrealm
Problem invoking WLST – Traceback (innermost last):
File “/app/middleware/wlserver_10.3/server/bin/usersList.py”, line 27, in ?
at weblogic.management.jmx.MBeanServerInvocationHandler.newProxyInstance(MBeanServerInvocationHandler.java:622)
at weblogic.management.jmx.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:434)
at com.sun.proxy.$Proxy16.getAuthenticationProviders(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
java.lang.RuntimeException: java.lang.RuntimeException: java.lang.ClassNotFoundException: oracle.security.wls.oam.providers.asserter.OAMIdentityAsserterMBean