Getting Portal Role of the Logged in User.

Similar Messages

• How can I know the security role of the logged in user

  When you design an enterprise bean or Web component, you should always think about the kinds of users who will access the component. For example, an Account enterprise bean might be accessed by customers, bank tellers, and branch managers. Each of these user categories is called a security role, an abstract logical grouping of users that is defined by the person who assembles the application. When an application is deployed, the deployer will map the roles to security identities in the operational environment.
  But wondering when I log into my application with some user name and password (specified in my Oracle database),wondering how this works with the security role I created .How does J2EE know the security role of the logged in user.
  Thanks
  Manohar

  shet wrote:
  role at run time.
  When I login say as "manju" and password as "money" then how does it know that this user belongs to this security role.Is that the j2ee administrator has to say that user manju has this this security role.Programmitically how does it really work.I am confusedThe j2ee implementation assigns the roles using the JAAS module you have configured for your application on your application server. different JAAS modules get roles in different ways. many allow a single static role to be assigned using a config file. if using a database, often there will be configuration to specify additional database fields which specify the role for a given username.
  At runtime, a developer can test roles using methods like EJBContext.isCallerInRole().

• Determine the role of the logged in User

  Dear experts,
  I am working on SRM 7.0 version, I want to determine wether the logged in user is an approver, buyer or a general user ( Role determination ). Can you please suggest a way for this.
  Thanks & Regards,
  Murthy

  Hello Murthy,
  What about simply use function module BBP_USER_GET_DETAIL with importing parameter USERNAME = SY-UNAME ?
  You will get all user's roles in table ACTIVITYGROUPS.
  Regards.
  Laurent.

• How to get the Role of the logged in User?

  Hi All,
  Enclosed below is the code am trying to use to get the role for a logged in portal user. But it fails
  1. Due to class path errors although I have imported the necessary jar files.
  2. Am unable to invoke/find getSAPUser() method or invoke the UMFactory.
  Iterator rit = null;
  IWDClientUser clientUser = WDClientUser.getCurrentUser();
  IUser user = clientUser.getSAPUser();
  rit = user.getRoles(true);
  IRoleFactory rfact = UMFactory.getRoleFactory();
  while (rit.hasNext()) {
  String roleName = (String) rit.next();
  IRole role = rfact.getRole(roleName);
  wdContext.currentContextElement().setRole(role);
  What could be the problem and what are the jars that need to imported as I am using EP7.0
  Thanks for all your help in advance.
  Best regards,
  Divya

  Hi Divya,
  Add WD_RUNTIME/com.sap.security/lib/com.sap.security.api.jar to your project`s java build path.
  Best regards, Maksim Rashchynski.

• How to get the Capability of the Logged In User

  Hi All,
  I am trying to get the Capabilities of the logged in user, but iam only getting the capabilities of the "Configurator" irrespective of who has logged in.
  I am using the following code.
  <Field name='Capability'>
  <Display class='Label'/>
  <Default>
  <invoke name='getCapabilities' class='com.waveset.ui.FormUtil'>
  <ref>:display.session</ref>
  </invoke>
  </Default>
  </Field>
  Iam using Sun IDM 5.0 with Service Pack 4. Before service pack was installed i was getting the correct result. Now iam not getting the result after the service pack is installed.
  What might be the issue ?
  Can anyone guide me on this.
  Thanks in Advance.
  Regards,
  Siva

  hi danareed
  Could you post the code to do that?, I'm trying to get the capabilitites for Any given user from the WSObject getting the AdminGroups, but I'm unable to get the capabilities from this object, what I get is an array of AdminGroup objects, how I can get the capabilities from here?
  <get>
  <invoke name='getObjectIfExists'>
            <select>
              <ref>context</ref>
              <ref>given_context</ref>
              <ref>:display.session</ref>
              <invoke name='getLighthouseContext'>
                <ref>WF_CONTEXT</ref>
              </invoke>
            </select>
            <s>User</s>
  <s>myUser</s>
  </invoke>
  <s>AdminGroups</s>
  </get>thanks
  Edgar Torres

• How to get the currency of the logged in user using an el expression

  I want to get the currency of the logged in user using an el expression. I can get the same using ApplSessionUtil.getCurrency(). But can i get the same using an el exprssion?. I want to use this el expression for setting the default value of a VO attriubte
  Thanks in advance

  Hi
  If you are getting the currency value from ApplSessionUtil.getCurrency() set the result of the value to one of your VO on Bean and use it in your el expression .
  Thanks
  Raghav

• How to see the logged in user on the portal EP6 SP2

  Hi All,
  I am using EP6.0 SP2 Patch 5.I want to know that which users are logged on.Can I see the user id of the logged in user inthe portal.
  Any suggestions.
  Paritosh

  Hi Paritosh,
  I think SAP Note 762004 should answer your question!
  Best regards,
  Robert

• How to determine the logged in user - BI Publisher

  Hi,
  I am building a SQL based BI Publisher report. I am using BI Publisher integrated with the E-Business Suite so all ebiz users can log in to BI Publisher
  I have a requirement that my parameter LOV query is to be restricted based on the BI publisher logged in user. I have the necessary select statement which just requires the logged in user to be supplied. But I don't know if there is any standard BI variables which I can use in my SQL Query
  Thanks
  Shasik
  Edited by: Shasik on Sep 14, 2008 1:04 AM

  Hi Shashi,
  http://winrichman.blogspot.com/2008/09/how-to-get-logged-in-obiee.html
  Use the available XDO session variables like :xdo_user_name
  Select :xdo_user_name from dual wil fetch you , the Logged in USER :)

• 'The logged-on user does not have permission to use this object'

  Hello everyone,
  I am getting the message 'The logged-on user does not have permission to use this object' while saving the Sales Order. I am logging in as a CRM user. There is an addon also running on the server, that saves some data into a user defined table when the Sales Order is saved. Is there any authoisation for users to access user defined tables.
  Regards,
  William

  hi William,
  this is an Authorization issue. provide the user with authorization on your UDT. Definition of user authorization can be found in Administration -- >> System Initialization -->> Authorizations -->> Additional Authorization Creator.... if already defined from here you can fined the additional authorization from the General authorization window.
  regards,
  Fidel

• The logged in user does not have permissions to perform this operation

  OIM 11.1.2.0.4
  Connector: Microsoft Active Directory User Management 11.1.1.5.0
  Action: revoke a provisioned AD account (logged in user is XELSYSADM member of SYSTEM ADMINISTRATIONS role)
  Error message: IAM-2050243 : Orchestration process with id 5756, failed with error message IAM-4065011 : An error occurred in oracle.iam.provisioning.spi.DOBProvisioningMechanism/revoke(Account) while revoking account with id 1 for the user with key 43 and the cause of error is The logged in user does not have permissions to perform this operation..

  The problem is missing entries into table AAD, Provisioning API uses table AAD to check administrator's scope on the user's organization.
  TEST: following SQL statement should return at least a value
  select aad_write, aad_delete
  from aad aad
  , usr usr
  where aad.act_key = usr.act_key
  and usr.usr_key = <user_key_of_user_you_wanto_to_revoke>
  and aad.ugp_key in (
  select ugp.ugp_key
  from ugp ugp
  , usg usg
  where ugp.ugp_key = usg.ugp_key
  and usg.usr_key = <user_key_of_xelsysadm>
  BUG (in my case): if you create an Organization using a OIM user that does not have any Role (except default ALL USERS Role) the system does NOT add right entries into AAD table, so you can revoke account of users that are members of this Organization
  WORKAROUND: manually insert entries for all Organizations (ACT_KEYs) for the user XELSYSADM into AAD table
  FIX: always create an Organization using a OIM users with at least one Role except ALL USERS role

• Customizing Message "No portal roles are assigned for this user"?

  Hello,
  we would like to give the user some hint on who to speek with in case he has no portal roles assigned.
  So we would like to customize the messaage "No portal roles are assigned for this user" to some customer spezific text or to redirekt to a customer specific iView.
  I would appreciate any kind of hints.
  Best regards,
  Lutz Rottmann

  Hi,
  Check these threads.
  Customizing message "No portal roles are assigned for this user"
  No portal roles are assigned for this user
  Regards,
  Harini S

• Cusomize message "No portal roles are assigned for this user"?

  Hello,
  we would like to give the user some hint on who to speek with in case he has no portal roles assigned.
  So we would like to customize the messaage "No portal roles are assigned for this user" to some customer specific text or to redirect to a customer specific iView.
  I would appreciate any kind of hints.
  Best regards,
  Lutz Rottmann

  Hi,
  Check this thread.
  Customizing message "No portal roles are assigned for this user"
  No portal roles are assigned for this user
  Regards,
  Harini S

• Best way to find the Customer of the logged in user

  Background: We're a tool provider. When our users grant the tool oauth access to their accounts, we need to get the customer ID and name as well as a list of accounts under the customer.
  What is not clear to us is how best to get the Customer name. It seems we need to make 2 requests; the first one is to use
  GetUserRequest to get the logged in user details, and then use the username as a filter with a
  SearchCustomersRequest call.
  The GetUserRequest returns the customer ID but not the name.  Hence, the need to use SearchCustomersRequest.
  We can't use GetCustomersInfoRequest because it requires us to provide a
  CustomerNameFilter which we obviously don't have.
  Is the above correct? Have we missed something anywhere?

  Yes you will need at least 2 calls e.g. GetUser -> SearchCustomers or
  GetUser -> SearchAccounts -> GetCustomer. Do any agencies use your tool? Keep in mind that an agency user cannot access the full client Customer details, i.e. in the same way that GetCustomer(clientCustomerId) will return a code 1001
  permissions error, SearchCustomers won't return the client's Customer object. This is by design since linking a client account to an agency only grants account level access - not customer level access. To ensure you get a full list of all accounts that a user
  can access (whether or not agency), please consider the GetUser -> SearchAccounts -> GetCustomer call pattern. For a related code example, see
  Search Customers by User in C#. 
  I hope this helps! Please reach out with any further related questions or concerns. 

• Programatically Check if the logged in user is in the Administrators group in Project Server (C#, VS2010)

  Hi I would like to be able to check if the logged in user is a member of the administrator group programatically through c#
  I know that I can get the user's GUID / check if they are actually a user in project server (resource table in reporting DB) but I am having trouble finding out how to programatically check if they are a member of the "Administrators" group.
  Could somebody please provide a code sample of how to check if a user is in the administrators group when you have their GUID or username or name?
  I did not see a table in the reporting DB that has this so I am guessing this has to be done through the PSI..
  Thanks in advance!
  BTW.. i am just wondering is there a way to check each groups permission levels? was wondering that if it is possible, what is the best way to implement a similar security model to that of the actual project server 2010

  hi Amit :) I ended up finding the answer myself before you posted here but thank you for your reply anyways, it is basically the same thing that I did.
  This is what I ended up doing :) Basically I have three different types of users configured in my web.config - admins, readwrite users, and read only users. In my code here I loop through and find out who the person is. Based on what group they are in I
  can later show/hide different options in my application :)
  SvcSecurity.SecurityClient security = new SecurityClient(ENDPOINT_PROJ_SECURITY);
  string adminGroupsString = ConfigurationManager.AppSettings["adminGroups"];
  string readWriteString = ConfigurationManager.AppSettings["readWriteGroups"];
  string readOnlyString = ConfigurationManager.AppSettings["readOnlyGroups"];
  List<string> adminGroups = new List<string>(adminGroupsString.Split(';'));
  List<string> readWriteGroups = new List<string>(readWriteString.Split(';'));
  List<string> readOnlyGroups = new List<string>(readOnlyString.Split(';'));
  List<Guid> adminGroupIDs = new List<Guid>();
  List<Guid> readWriteGroupIDs = new List<Guid>();
  List<Guid> readOnlyGroupIDs = new List<Guid>();
  List<Project> projectList = new List<Project>();
  SqlConnection con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["RDB"].ConnectionString);
  con.Open();
  SqlCommand command = new SqlCommand("SELECT * FROM MSP_EpmResource where ResourceNTAccount = @username", con);
  command.Parameters.AddWithValue("@username", this.User.Identity.Name);
  SqlDataReader reader = command.ExecuteReader();
  if (reader.Read())
  string resourceID = reader["ResourceUID"].ToString();
  //Get a list of security groups
  SvcSecurity.SecurityGroupsDataSet sgds = security.ReadGroupList();
  //Get the IDs of the required groups
  foreach (SvcSecurity.SecurityGroupsDataSet.SecurityGroupsRow ds in sgds.SecurityGroups)
  if (adminGroups.Exists(group => ds.WSEC_GRP_NAME == group))
  adminGroupIDs.Add(ds.WSEC_GRP_UID);
  else if (readWriteGroups.Exists(group => ds.WSEC_GRP_NAME == group))
  readWriteGroupIDs.Add(ds.WSEC_GRP_UID);
  else if (readOnlyGroups.Exists(group => ds.WSEC_GRP_NAME == group))
  readOnlyGroupIDs.Add(ds.WSEC_GRP_UID);
  bool isAdmin = false;
  //Go through each group using the id and check if the current
  //user is in that group (for example here check if the user is an admin)
  foreach (Guid id in adminGroupIDs)
  SecurityGroupsDataSet group = security.ReadGroup(id);
  foreach (SvcSecurity.SecurityGroupsDataSet.GroupMembersRow member in group.GroupMembers)
  if (member.RES_UID.ToString().Equals(resourceID))
  isAdmin = true;
  Session["createReport"] = "true";
  break;
  //If the user is not an admin then continue checking who they are
  if (!isAdmin)
  bool readWrite = false;
  //Check if the user is a read write group member
  foreach (Guid id in readWriteGroupIDs)
  SecurityGroupsDataSet group = security.ReadGroup(id);
  foreach (SvcSecurity.SecurityGroupsDataSet.GroupMembersRow member in group.GroupMembers)
  if (member.RES_UID.ToString().Equals(resourceID))
  Session["createReport"] = "true";
  readWrite = true;
  break;
  //If the user is not a read write group member either then check if they are a team member
  if (!readWrite)
  foreach (Guid id in readOnlyGroupIDs)
  SecurityGroupsDataSet group = security.ReadGroup(id);
  foreach (SvcSecurity.SecurityGroupsDataSet.GroupMembersRow member in group.GroupMembers)
  if (member.RES_UID.ToString().Equals(resourceID))
  Session["createReport"] = "false";
  break;
  Cheers! :)

• Programatically Check if the logged in user matches with user in a list item

  Hi All, 
  I have a custom list with 1) title column 2) People column. 
  I simple need to check if the logged in user = user in the column 2, and if yes fill a List<> with column 1 value. 
  But when comparing, the value in list item is in different format than what we get by user.ToString() 
  Following is what I tried: 
  SPUser user = oWeb.CurrentUser;
  List<String> usergrps = new List<String>();
  foreach (SPListItem itemA in GrpSubsItems)
  if (itemA["SubscribedBy"].ToString() == user.ToString())
  usergrps.Add(itemA["Group"].ToString());
  itemA["SubscribedBy"].ToString() gives = 10;#Some Name
  where as user.ToString() gives = i:0#.w|domain\user 
  Kindly guide if my approach is not correct. Thanks. 
  Regards, Nayan

  Hi Nayan,
  Please modify the code like below:
  SPUser user = oWeb.CurrentUser;
  List<string> usergrps = new List<string>();
  foreach (SPListItem itemA in GrpSubsItems)
  string userName = itemA["SubscribedBy"] as string;
  SPFieldUserValue userA = new SPFieldUserValue(itemA.ParentList.ParentWeb, userName);
  if (userA.LoginName==user.LoginName)
  usergrps.Add(itemA["Group"].ToString());
  More information:
  http://ethan-deng.blogspot.com/2013/03/get-spuser-from-user-column-there-are.html
  Best Regards,
  Dennis Guo
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]