I know this functionality is supported out of the box, but there are some special touches added by me, and thought to share with everybody.
To create ESB read-only user account:
- Create user in EM with ascontrol_monitor, and that's all is required for creating read-only account for ESB read-only.
Now if I login to ESB console using esbreadonly user, everything works fine. There are some gotchas here:
- You can delete any service using esbreadonly user!
- Sometime you want to enhance functionality, e.g. not all readonly user should have access to routing rules, etc...
I published the article for BPEL Read-only Console , it was fairly easy because BPEL read-only console are all JSP and I used Servlet filter to achieve that functionality. Now ESB console is all Java Script underneath. From directory names I can see it is Picasa framework, not sure how that works, but debugging JS is hell lot of time unless you have good editor.
Disable Delete button for Readonly Users:
- open %soasuite%/j2ee/oc4j_soa/applications/esb-dt/esb_console/esb/commands/controller.ServiceNavigator.js
- Search for following two entry (it should be about 399 or 400 line in the file:
- Add following line of code below the a.enable(); line:
/* cshah changes : added code to disable delete button */
That's all and DELETE button will be disabled for non-admin users.
Enhance functionality for ESB console, disable tabs e.g. Routing Rules
- open %soasuite%/j2ee/oc4j_soa/applications/esb-dt/esb_console/esb/commands/controller.ESBController.js
- Search for following two entry (it should be about 614 and 615 line in the file:
- Add the following line of code right below tabmodel.enableTab(TabModel.TAB_TACKINGFLDS_IDX);
/* cshah -- disable routing rules if the user is not admin */
This will remove Routing Rules tabs for read-only (non-admin) users.