If you have a wrapper shell script to perform deployment of BPEL processes, you would need to have a user to log in to the box.
Generally such wrapper scripts for deployment of BPEL processes are run as oracle user.
What is the concern?
Generally oracle user is used to run the installation.
Now for installation to run oracle user has every access to do any thing in the system.
Now if the oracle password is given for deployment, there is concern of miss use of it.
Who ever has access to it can mess up the system big time.
Why is this so?
oracle user has sys admin privileges. So generally the DBA would not give this to you.
Alternative option
Create a new user for deployment.
Get this user the following access and you don't need oracle username password.
Only read and execute access in the below list would be enough to get depployment script working.
| ${ORACLE_HOME}/bpel/bin | All files | BPEL deployment related files | r-x |
| ${ORACLE_HOME}/jdk | All files and sub directories | set jdk home for deployment | r-x |
| ${ORACLE_HOME}/ant | All files and sub directories | set deployment ant modules | r-x |
| ${ORACLE_HOME}/bpel/system/classes | All files and sub directories | bpel classpath | r-x |
| ${ORACLE_HOME}/j2ee/${oc4j_instance}/applications | All files and sub directories | for j2ee related deployment | r-x |
| ${ORACLE_HOME}/bpel/lib | All files | BPEL libraries to be included for compilation | r-x |
| ${ORACLE_HOME}/j2ee/home | All JAR files | BPEL client jar files | r-x |
| ${ORACLE_HOME}/j2ee/home/lib | All JAR files | BPEL client jar files | r-x |
| ${ORACLE_HOME}/lib | All JAR files | dependent JAR files | r-x |
No comments:
Post a Comment