Sunday, March 30, 2014

OPSS APIs to access Policy Store

Scenario - Though EM console of weblogic server provides a sophisticated UI to access policy store and perform actions, there was once a scenario where we had to find a way to provide a set of permissions to a specific role through code.

Solution - Weblogic provides OPSS APIs to access the policy store and i feel its not well documented, So here we go with a util to get your Application's Policy -

package com.webcentersamples.sampleapp.samples.utils;


public class PolicyStoreUtils {
    private static PolicyStoreUtils policyStoreUtils;
    private static PolicyStore policyStore;
    private static ApplicationPolicy applicationPolicy;
    private PolicyStoreUtils() {
    public static synchronized PolicyStoreUtils getInstance() {
        if (policyStoreUtils == null) {
            policyStoreUtils = new PolicyStoreUtils();
        return policyStoreUtils;
    /**@SBathala - This method uses internal classes.
     *It returns complete policy store where you could search for your own application's policy
     * @return
     * @throws JpsException
    public static synchronized PolicyStore getPolicyStore() throws JpsException {
        if (policyStore == null) {
            ServerContextFactory serverCtxFactory =
            JpsContext jpsCtx =
            policyStore = jpsCtx.getServiceInstance(PolicyStore.class);

        return policyStore;
    /** @SBathala - This method gets you the Application Policy of the application you want from the Policy Store .
     * @param applicationStripe -
     * It could be fetched from EM Console.
     * Step 1 - Choose your application
     * Step 2 - Choose the 'Application Policies' from the drop down in top bar.
     * Step 3 - Note down the Application stipe name mentioned there, Usually it will be of tis format
     * <Your_Application_Name>#<Deployed_Version_Number>
     * Eg : MyApp#V2.0
     * @throws JpsException
    public static synchronized getApplicationPolicy(String applicationStripe) throws JpsException {
        if (applicationPolicy == null) {
            applicationPolicy =
        return applicationPolicy;

Once you get the Application policy, You could do whole lot of operations such as search/add/remove application roles,  grant/revoke permissions etc..

Note - The user should have the following permission in JAZN to access the policy store else the methods will throw exceptions..

 <permission>         <class></class>