In my previous post about being able to update user profiles programmatically it assumed that the user had the capability to edit the profile.
There were some additional configuration steps required to be able to get this to work in a controlled way which are explained below. The easy way would be to add the “Manage People Connections” permission to the “Authenticated-User” role, however, this gives more capability that we really want. The steps below are aimed at only enabling edit capability.
Adding general permission to the authenticated-user role
1. Login to WebCenter using weblogic
2. Click Administration then click Security
3. Scroll right on the Roles table (note you have to scroll to the bottom first to see the scrollbar)
4. The Authenticated-User role in the table should be on the right hand side. Enable “Update People Connections Data” and then click Apply at the top of the page.
Enable the application policy
1. Login to Enterprise Manager
2. Navigate to Farm_base_domain->Weblogic Domain->base_domain
3. Right click on base_domain and then select Security->Application Policies.
4. Search for the right policy using the details:
a. Application Stripe: webcenter
b. Principal Type: Application Role
c. Name (Includes): authenicated
5. Select Principal “authenticated-user” and click Edit
6. In the Permissions section click the Add button.
7. Select “oracle.webcenter.peopleconnections.profile.security.ProfilePermission” from the Permission Class dropdown.
8. Enter “/oracle/webcenter/peopleconnections/profile/s8bba98ff_4cbb_40b8_beee_296c916a23ed/.*” in the Resource Name section and click the blue search arrow button.
9. Select the line that has the “Edit” Permission Action
10. Click Continue then OK