About security management

hi all,
i want to know about security management system.cn any one send me the documentation or any related presentations to the below mail gupta1428(@ gmail)
if possible plz explain me clearly.......
please help me to get out this problem
thanks in advance.....
thanks,
gupta.
Edited by: gupta pullipudi on Apr 10, 2008 4:40 PM

>
gupta pullipudi wrote:
> can u provide me any links for compleate documentation............
Dear Gupta,
I guess you're asking for the training manual from the SAP courses ADM940, ADM950, ADM960?
You'll find the extract of these fine courses in the SAP Help Portal: [http://help.sap.com|http://help.sap.com]
There you have to click on "SAP Solution" -> "SAP NetWeaver" -> "Overview" -> "System Configuration and Administration" -> "Security Guide".
As easy as !!!
Regards,
Klaus

Similar Messages

  • Explanation about objects in ODI security manager

    Hi,,
    I'm looking for the document which gives the clear explanation about the objects/profiles which are in security manager of ODI.
    I want to understand first to assign those to the users.
    Any info is appreciated.
    Thanks
    K

    Yes that could be done but only for certain Objects as an example Text objects can be overriden by Induvidul apolicies. Refer URL
    http://cisco.com/en/US/products/ps6498/products_user_guide_chapter09186a00805ac23c.html#wp1199068

  • " plug-in name does not support the highest level of security for Safari plug-ins" appear for some plugins in Safari Security "Manage Website Settings"?

    Hi,
    Wondering why "<plug-in name> does not support the highest level of security for Safari plug-ins" appear for some plugins in Safari > Security > "Manage Website Settings"?
    Have been trying to get to the root cause of the problem but did not find much on this. I am trying to figure out what can get the warning to go away completely than using the Allow/Always Allow options for the plug-in
    Thanks,
    Shyam

    Hi Linc,
    Thank you for your response. Here is the screenshot of the warning that I am talking about.
    Here is what I do:
    1. Launch Safari and open its Preferences. I have Safari 7.1 installed on my machine.
    2. Click Security Tab and click Manage WebSite Settings
    3. A window opens showing me all the Plug-ins that I have (listed on the left hand side).
    4. One of them is the Adobe Reader plug-in. When I click Adobe Reader, the following details about the plug-in show up on the right
    I was referring to the highlighted section that warns me about this plug-in not using the highest level of security for Safari Plug-ins.
    Note: I do not see this for all my plug-ins (QuickTime, Adobe Flash Player don't give me this warning) which tells me that there is a way to make the warning go away.
    Thanks again,
    Shyam

  • What about security in adf faces application ?

    It seem that the documentation has a little bit changed about security for adf faces application.
    SRDemo J2EE sample application only implemented the security at the web container and may be for the session beans (don't remember) by using security-role and security-constraint in web.xml configuration file.
    It seem that the documentation recommand now to implement adf security and didn't find anymore the reference to the standard j2ee security implementation.
    We found also that the security constraints checked by the web container was sometimes ignored and the container didn't ask us to login before displaying a page.
    Is ADF security a clear Oracle recommandation for ADF Faces application ?
    What about j2ee security for this type of application (why it is not recommended to use it) ?

    Hi,
    there is no single recommedation about security because security ideally is applied on several levels to implement security in depth. Container managed security with J2EE is a good option to secure page access and - if using EJB - to propagate the user identity for method level access control.
    Using ADF Security, which is security added to the binding layer based on JAAS, a second layer of the security onion becomes available that allows you to define which user is allowed to perform which operation on an iterator or attribute binding. This goes beyond of what container managed security can do for you.
    The thrid layer is business layer security and eventually database security.
    For Oracle Open World we will have a developmengt track and one of the presentation I am giving with Ric Smith from our team is about end-to-end application security for ADF Faces, ADF, ADF BCor TopLink/EJB and the Oracle database.
    The plan is to also write this up in a paper, but this would come late because of other priorities I have on my plate. So attending OOW probably is the best option for you to get the big picture
    Frank

  • Using the Security Manager to restrict access to a single package

    After reading up on the Security Manager, the package.access property and the use of the [accessClassInPackage RuntimePermission|http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html#RuntimePermission] , it seemed to me that it would possible to set up the following: I have a security-sensitive code base packaged in a jar, and I want to make sure that only one client code base that I specify is permitted to access it. The idea here is to prevent malicious code from executing anything in the sensitive code base; the sensitive code is only accessible to one client that I name in a security policy file. Perhaps rather foolishly, I advised a client to consider this before testing out a sample myself, because much to my surprise, it appears to me that it isn't possible to get the Security Manager to do this at all. Am I missing something? I'm a bit startled by this conclusion -- it seems like such an obvious use for the Security Manager, I'm hard-pressed to be believe that it can't be done, and more inclined to suspect that I'm going about it wrong.
    Here's what I thought I could do: set up the package.access property so that it denies access to any package; then in the policy file, grant the RuntimePermission/accessClassInPackage to the client code base that is permitted to access the sensitive code.
    Of course, you wouldn't want the package.access property to exclude all packages in the global java.security file, because then no code could be accessed at all. It would be necessary to use the trick of resetting the package.access property within the code, as [illustrated in the secure coding guidelines|http://java.sun.com/security/seccodeguide.html#1-1a] .
    But the problem lies in the idea of "use the package.access property to deny access to +any+ package". There doesn't seem to be any way to use wildcards or the like with the property -- it has to specifically name packages (or package prefixes) to which access is forbidden. It wouldn't do to try to name the packages to which I'm trying to prevent access, since we're trying to prevent access from malicious code -- the attacker could just choose package names that aren't on the list. I'd really need to say that access is denied to all packages, except for those in the permitted code base, but the security mechanisms for package access don't seem to allow that.
    Moreover, the trick of changing the value of package.access can't be done within the client code -- otherwise, the attacker client would just set the property to his own purposes. But it can't really be done within the sensitive package either, because the whole idea is to prevent access to that package, and by the time it's busy setting the property, it's already too late, because the package has to have been accessed by a client to get there at all.
    It seems to me that this a symptom of something I've never really understood about the design of the Security Manager -- you can grant permissions to specific code bases, but you can't revoke permissions from specific code bases, let alone all code bases. What I want to do here is grant access permission to one specific code base and revoke it from all others. There doesn't seem to be any way to express that with the mechanisms of the Security Manager.
    The more I look at it, the more it seems that there's just no way to use the Security Manager this way -- set up package access so that a specific code base can only be accessed by one specific client code base. There are surely other ways to get the effect that I'm looking for, but as far as I can tell, none of them involve restricting package access (for example: define a custom permission, grant it only to the permitted client. and check against that permission within the sensitive code base; meaning that the sensitive code has to be accessible to anyone in the first place). This conclusion really surprises me (not to mention my bit of embarrassment with the client); wouldn't this be precisely the sort of thing the Security Manager ought to be good for?

    You're looking at this back to front. The security policy file is there for the client to decide how much access he is going to give this application, not for to application to restrict who can use it. If you want to control what used to be called 'state orientation' you can do that directly by looking down the stack trace inside your code.

  • Default Administrator password in BI Administration Tool - Security Manager

    Hello all,
    I'm new to OBIEE and have recently been playing around in the BI Administration Tool to create my own repository (.rpd) metadata files from demo DBs. I selected "Manage" -> "Security" to open Security Manager and then set a logging level of 2 on the Administrator user.
    UNFORTUNATELY, there is a default password that apparently gets specified that I didn't notice, so when I closed my repository file and tried to re-open it, it is now challenging me for a password that I didn't set, don't know, and have not been able to find in documentation or posted threads anywhere.
    Has anyone else ever come across this problem before or know the default password? Any help would be greatly appreciated. Thanks guys.

    Guys,
    First, let me thank you all for you quick responses and willingness to give me a hand. It's greatly appreciated. And thanks Ally for noticing the name! Glad you liked it. :)
    Unfortunately, my problem still exists. None of the following passwords worked for me: <blank>, "Administrator", "administrator", or "ADMINISTRATOR".
    Also, I should clarify for the thread that I'm not using Paint.rpd or SH.rpd; I'm creating my own repository from scratch. For those who read this post and have literally 90 seconds to spare, I would ask you to try and recreate this same thing with me and see if it's just me (and if I'm crazy):
    1) Open OBI Administration Tool
    2) DO NOT open an existing repository, create a new one. Name it whatever; mine is the default "Metadata1.rpd"
    3) Don't bother adding any metadata to it, go immediately to "Manage" --> "Security" --> "Users" and open up the Administrator user by double-clicking it.
    4) Notice there is a "Password" and "Confirm Password" value already defined by default! DON'T change it (this is the password in question that I accidentally accepted). Just click the "OK" button without making any changes to that form.
    5) Save, close, and then try to re-open this repository you just created. It should be challenging you for a password now, right? And I bet it will not accept <blank> or any variation of "Administrator".
    Believe me, I know better now in the future to not let this happen. But I can't for the life of me figure out this password that was automatically populated and WHY there would be one there in the first place! I was walking through a lab that told me to open this security setting for Administrator to set a logging level, but it did not mention anything about a setting a password. So, I created a repository that I have now magically locked myself out of. :)
    Can anyone else please try to recreate this and let me know if it's just me or not? I am using BI Administration Tool version: 10.1.3.3.2.071217.1900.
    Thanks again guys.

  • Cisco Security Manager IOPS for Storage (VM Deployent)

    Hi,
    I've been asked by a client about the Cisco Security Manager requirement to have 1TB of storage for events and another for archiving.
    They wish to know the IOPS requirement for this storage. Please could anyone assist in this ?
    Many thanks,
    Mark                 

    Hi,
    I'm not sure that I can really help you, but I can verify that on my CSM 4.5 server which is running normally, that service has a starup type of automatic and is in the "Started" state.
    You may want to check your system and application event logs to see if there are any messages that could explain why it stopped.
    Regards,
    Matt

  • Advanced Security Manager (Planning)

    Hello, I am trying to find a utility which can export all the security from Planning to a *.txt file. Please let me know if its possible. I heard about Advanced Security Manager where i can download this thing. Thanks,Scorpion

    You can download ASM from Essbase.com. Here is the link..http://dev.hyperion.com/download/utilities/Thanks, Ricky - [email protected]

  • Java.security.manager ?

    My understanding about Java SecurityManager is when you want to use it,
    it have to be installed. It can be installed through
    using -Djava.security.manager
    option with java command or calling setSecurityManager() in the application.
    I'm sure that WLS startup script marketed with WLS5.1
    used -Djava.security.manager
    option, however, WLS6.1 and WLS7.0's script don't use the option. Do they
    install a SecurityManager through setSecurityManager() method?
    I'm just curious to know why they are different between WLS5.1 and
    WLS6.1/7.0.
    Thanks in advance,
    Koji Sekiguchi

    6.1 and 7.0 do not install a SecurityManager programattically. It was
    decided that most people do not make use of the added security provided
    by the security manager and that it has a significant performance hit on
    the VM (I think we found 6-7% degradation but it was a long time ago so
    I may be way off) so that it did not make sense to run with it by
    default. Instead we tell people to turn it on who need it. It seems
    better because all of the security conscious people know to look for it
    and all of the security unaware folk don't know enough to turn it off so
    they are stuck with the degradation.
    The SecurityManager is really most helpful if you are installing
    untrusted applications on your app server (something most users don't
    do). It does next-to-nothing to prevent remote attacks.
    Neil Smithline
    Koji Sekiguchi wrote:
    My understanding about Java SecurityManager is when you want to use it,
    it have to be installed. It can be installed through
    using -Djava.security.manager
    option with java command or calling setSecurityManager() in the application.
    I'm sure that WLS startup script marketed with WLS5.1
    used -Djava.security.manager
    option, however, WLS6.1 and WLS7.0's script don't use the option. Do they
    install a SecurityManager through setSecurityManager() method?
    I'm just curious to know why they are different between WLS5.1 and
    WLS6.1/7.0.
    Thanks in advance,
    Koji Sekiguchi

  • EIM/WIM: How to install MeadCo Security Manager?

    Hi,
    While logging into an EIM/WIM agent console an agent does not get the following message:
    This site might require the following ActiveX control: 'MeadCo's Security Manager from ... Click here to install...'
    As a result we cannot use the two-way cobrowsing feature of EIM/WIM.
    Please note we set cobrowsing attributes in the department and partition settings accordingly to allow that feature and in IE7 as well.
    What is wrong? How do we launch cobrowsing?
    Thanks.
    Igor

    [email protected] eGain, true cobrowsing is done with another product that you install. This was available with 4.2.x and could be used with 4.3 early release, but CoBrowse is not included in the 4.3 product set from Cisco. CoBrowse is a difficult problem because of dynamic content management and all the rules and security settings required, and by understanding is that Cisco did not think it was ready. My understanding is that it will be added later, along with pro-active chat etc.Just to make sure we are talking about the same thing .... what is it you wish to do? Follow me browsing driven by the customer?Regards,Geoff
    Hi Geoff,
    Thanks for your help.
    Yes, we do want to use cobrowsing driven by an agent or a customer, i.e. the "follow me" feature.
    So, if I understood you correctly we have to wait until Cisco implements this feature.
    Thanks.
    Igor

  • Setting Security through the Security Manager

    Hi guys!
    I have a question about Security..
    If I open Security Manager --> Groups --> Group_name --> Permissions --> Filters i choose a presentation server and the presentation table (and its fields) so that the user can see only the data that i want..
    The problem is that choosing this presentation table when creating a generic answer i effectively do not allow the user to see that data.. but when the user chooses some other presentation tables and not the one that i "told" him to, he can see all the data anyway..
    Is there a way to apply this filter to the whole repository, even if the user does not directly choose that particular presentation table for an answer?

    911078 wrote:
    Hi guys!
    I have a question about Security..
    If I open Security Manager --> Groups --> Group_name --> Permissions --> Filters i choose a presentation server and the presentation table (and its fields) so that the user can see only the data that i want..
    The problem is that choosing this presentation table when creating a generic answer i effectively do not allow the user to see that data.. but when the user chooses some other presentation tables and not the one that i "told" him to, he can see all the data anyway..
    Is there a way to apply this filter to the whole repository, even if the user does not directly choose that particular presentation table for an answer?Are you looking at the Advanced Security Option?
    Getting a hint of the product version and operating system would really be appreciated.

  • Custom Security Manager or Security Event Interception from WebLogic Console

    Hello,
    I have built my own Security Manager and implemented custom preference/property mechanism for every Principal, so when I use my Swing client to create new User and new Group, as well as addMember to a Group, I know what to do with those properies/preferences.
    Now, I want to use WebLogic Console to manage users and groups. I want to intercept events in my Security Manager about new User or Group creation or changing their memberships as Principals in order to handle their Preference/properties stuff myself...
    I wonder what should I "listen" in order to understand that someone has changed membership of Users or Groups or about creation of new User or Group?
    I use Weblogic Server 6.0 sp2
    serge

    Hi Daniel,
    > a custom security manager for the standard CM Repository
    And this dictates you indeed to use the old API, as the CMRepositoryManager itself is using the old API.
    The standard AclSecurityManager is implemented by com.sapportals.wcm.repository.manager.generic.security.AclSecurityManager. If you check out Configuration - Content Management - Repository Managers - Security Manager, you will see "ACL Security Manager" (the one from above) and "ACL Security Manager (for new Manager-API)". This is implementing / using the new API, but needs also a RM using the new API.
    > java.lang.NoSuchMethodException: MySecurityManager.<init>
    This exception only complains about a missing constructor!? Have you implemented a default constructor?!
    > If this is the case, where can I find the API for IUMPrincipal? It is not included in any provided API because of deprecation.
    The methods of the old EP5 user management are more or less similar to the new UME, so using the old deprecated API should be more or less straight forward.
    There are also transformer methods for example to transform a "new" user object to an old EP5 one, see https://forums.sdn.sap.com/thread.jspa?threadID=235656&tstart=0
    Hope it helps
    Detlev

  • Signed code vs security manager

    i've seen tons of information on how to implement a security manager, and tons of information on signed code, but i haven't found information about WHY you choose with one over the other.
    we are implementing security is a very large desktop app.

    It's not an either/or decision. You can use both. If you use code signing and a security manager you can get more fine-grained control in your .policy file.

  • Failed to setup Velocity Engine ... in Cisco Security Manager

    Anyone having problems trying to validate syntax in a FlexConfig in Cisco Security Manager?
    CSM version 4.4.0 SP2
    Java 1.6.0_14-b08
    I have heard that there are issues with earlier versions of Java.
    I have also heard that this problem was fixed in CSM
    Any ideas anyone?
    Adrian

    I believe this is where you need to run CSM Configuration Manager as Administrator.  I had that issue, and I think the note about this is in the Install Guide.
    HTH
    Paul

  • Enable security manager netbeans - where/how ?

    How do I enable the java security manager in netbeans ?
    for example -
    the way I do on command line is :
    java -Djava.security.policy=/Desktop/TestSecurity/pol.txt -Djava.security.manager test
    Where do I give these options -Djava.security.policy=/Desktop/TestSecurity/pol.txt -Djava.security.manager while working in netbeans...

    * reply to peter lawrey
    my browser hs gone crazy..
    nope,
    the link talks about command line argument, this one is vm argument.
    Edited by: javaflex on Jul 28, 2008 1:31 PM

Maybe you are looking for

  • Error while using Image component to display a child flash file

    Hi I'm using Xcelsius version 4.5. I used the "Image Component" to import a child flash file(.swf) into the parent flash file. I gave the path "D:\246024\Loblaw\Dashboard Docs\New Folder\trend input.swf" in the general tab of the image component. Aft

  • Line item not updated for F-04

    Dear All,           Previously I have posted a receipt document with Bank account 'A'. The customer line item is cleared already. And I would like to do transfer posting from Bank 'A' account to Bank 'B' account by F-04. But the document number is no

  • Can't install drivers for Creative Zen 'Data Inval

    I have just bought a 8gb Creative Zen but everytime I try to install it I keep getting the message "There is a problem with this hardware (Creative Zen) An error occurred during the installation of the device, The data is invalid" and when I go into

  • Purchase Requistion with respect o cost centre

    Hi, My client is asking for a specific reqmt. Is there any possibility of configuring the release process for Purchase requistions with respect to cost centre threre are some where around 100 cost centres. if it is so how can i go ahead? Can any one

  • APEX LOV

    Application Express 4.0 I have a tabular form with a LOV and I would like for the form to check for duplicate records. I don't want a user to select the same value from the LOV more than once. a shuttle control is not available for use and the when I