Accesing portal groups
Hi.
I'm trying to access portal groups using oid and i get
oracle.portal.provider.v2.ProviderException: Could not get the OidInfo obj
My <provider>.properties file has:
oidManager=true
aoidAdminClass=<my packages>.OidInfoImpl
and OidInfoImpl is the class i implemented that extends OidInfo and has the necessary values to connect to the LDAP
My jsp has the following code line:
<%= oid.getUserProperty("NM09286","banvenez","givenname") %>
where NM.. is an appropiate name of an user in the LDAP, banvenez is the susbcription name and
givenname is just any property.
I have been sooooome time trying to figure out how to resolve this, but i can't, i even has tried with different versions of the pdk (9.0.2.3.0 & 9.0.2.6) but the result is the same.
Besides, the doc said that i should put <group></group> in the provider definition file (the .xml, right?) but if i do, it give an error :'(
so, please anyone help me.
Luis.-
Hi Vijay,
I have the same situation as you. My UME is LDAP and I also use Portal Group. Since your UME datasource is in LDAP, that means that the Security Groups in your LDAP will also be "replicated" (like your users), from LDAP to the Portal. Users in LDAP are "replicated" as users in Portal. Security Groups in LDAP are "replicated" as Group in Portal.
To make it simple explanation, I do my user management in LDAP and also assignment of user to Security Groups (assignments are also "replicated" into the Portal) in LDAP. What needs to be done after the "replication" is to link Portal roles into the Group accordingly. This way, user management are done in LDAP and in the Portal admin, you work on only linking the relationship between Portal Groups to Portal Roles.
There is also a hidden advantage with LDAP as UME datasource, that you can do mass user assignement/deletion/updates that the Portal has limited possibilities (thats the answer of your question actually ) ).
Make sure that your naming convention use in LDAP for teh Security Groups are linking to that in the Portal, this way, it will help you manage them in a more easy way (Role to Group relationship, so that you can identify which Group is link to which Portal Role).
Also one important poiint for the above setup is that after all the setup is done and you have it working, ask your LDAP Admin NOT TO MOVE/EDIT any of those Security Groups without your permission. Any changes done will break the relationship link that you have created between the Group and the Portal role (heads up advise for you ) ).
Hope that helps and award points for helpful suggestions. Nic Weekend !!
Ray
Edited by: Raymond HENG on Oct 10, 2008 8:38 AM
Similar Messages
-
How do I create portal groups dynamically?
Has anyone written code to use the
WWSEC_APP_GROUP_MGR.CREATE_GROUP procedure to create portal
groups programmatically? I understand alot of what I'm supposed
to pass, but some of these parameters are pretty obscure and
obfuscated.
I'm not sure this can be called like a normal (non-htp) stored
procedure at all. I now understand nearly all of the
parameters. Looking at the page source behind the Create Groups
page, I see that many of these parameters are involved in the
page generation itself, for example p_back_url being a variable
that is probably attached to the action of "Previous" buttons
that appear as you go through the process of creating a group.
Here is my call:
wwsec_app_group_mgr.create_group(p_groupname => 'X',
p_description => 'TEST GROUP',
p_db_role => 'DBA',
p_hide_group => 'N',
p_styleid => 6,
p_group_id => y,
p_siteid => 0,
p_site_id => 1);
where "y" is the nextval of the group sequence.
Inserting SQLERRM into a table, I end up with this:
ORA-06502: PL/SQL: numeric or value error
ORA-06512: at "SYS.OWA_UTIL", line 323
ORA-06512: at "SYS.HTP", line 860
ORA-06512: at "SYS.HTP", line 975
ORA-06512: at "SYS.HTP", line 993
ORA-06512: at "PORTAL30.WWUTL_HTP", line 25
ORA-06512: at "PORTAL30.WWERR_API_ERROR_UI", line 182
ORA-06512: at "PORTAL30.WWSEC_APP_GROUP_MGR", line 2891
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "PORTAL30.WWSEC_APP_GROUP_MGR", line 255
ORA-01403: no data found
I know that this procedure is responsible for generating the
subsequent pages in the "create group" wizard. There's just no
possible way to figure out how to use this procedure
dynamically. I repeat we WILL NOT BE TYPING IN OVER 3500 GROUPS
and 7000 USERS USING THE WIZARD. There must be a way.
I don't want to just arbitrarily insert groups into tables
behind the scenes without knowing what I'm doing. If this is as
simple as inserting a row into wwsec_group$, wwsec_member$,
etc., then great, but there's no way of knowing.
Maybe an Oracle person can help me. Is there another API I can
use, or is there a way to use this API as a stored procedure
where I can just loop through a driving table to create a bunch
of users and groups?
I appreciate any help. I need to create over 3000 groups based
on my client's organization. We REFUSE to do this by hand using
portal's interface. Not that it's bad, it is just impractical
in this instance.
Adrian KlingelNever mind.
-
Programmatically adding/deleting users to/from portal groups
I am using the following PDK api, to delete an user from a portal group (otp_sales).
I get the following error which doestn make sense. I tested the following api from a
script shown below. In my application, this gets called from a trigger, and fails
because it sees a ROLLBACK getting used in the API.
<<<<<<<<<<<<< delete_from_group.sql >>>>>>>>>>>>>>>>>>>>>>
DECLARE
BEGIN
moc.wwsec_api.delete_user_from_list (p_group_id
=>MOC.wwsec_API.GROUP_ID('OTP_SALES')
,p_member_person_id =>73);
END;
<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
SQL> @delete_from_group.sql
Input truncated to 1 characters
DECLARE
ERROR at line 1:
ORA-01086: savepoint 'DELETEUSERFROMLIST_SAVEPOINT' never established
ORA-06512: at "MOC.WWSEC_API", line 2467
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "MOC.WWCTX_SSO", line 849
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "MOC.WWCTX_SSO", line 669
ORA-06502: PL/SQL: numeric or value error
ORA-06512: at line 3
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Thanks
regards
-AnanthWe had the same problem and it turned out that deleting a portal user(delete_portal_user), removing a portal user from a list (delete_user_from_list) or updating a portal user, the "savepoint xxxx never established message" came up when there was no context set. If the procedure is called from within a portal page (or as user portal30) ,and the context is set and it works. The solution is to check to see if the context was set, and then set it if not.
if not portal30.wwctx_api_private.is_context_set then
portal30.wwctx_api_private.set_context(p_user_name => 'portal30');
end if;
Hope this helps
Tania -
Regarding : How to add a user to portal group with the help of webdynpro .
Hii ,
I am working on an application in which with the help of an action( Button) we r adding a user in Ztable in R/3 , as well as group in portal.
The user r successfully creating in Ztable but from portal side No user is assigned to Portal group.
I need coding solution for " How to add a user to portal group with help of webdynpro"
Any usefull link will also do.
Pls anyone have any solution ??
Thnks in advance.
Rewards r waiting for u .Hi,
Use UME api to add user to portal group.
Using UME API:
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/40d562b7-1405-2a10-dfa3-b03148a9bd19
Regards,
Naga -
Hi Portal Knowledgeable ones.
I get an exception when I attempt to delete a portal group.
<b>My first question is where do I look to find more information about the exception that was returned (eg; a log file)? I can't click on it to see more details.</b>
My guess is that I am getting this exception because of some existing "reference" to this group inside the portal. No users are assigned to it. No roles or other groups are contained in it. However, I'm not sure if there is a folder permission tied to that group.
<b>Is there some way to see where "customized folder permissions" exist?</b> Otherwise, I'm stuck with looking at the permissions of every Portal object individually.
Thanks
KevinHi Kevin,
<b>Ques 1)</b> My first question is where do I look to find more information about the exception that was returned (eg; a log file)? I can't click on it to see more details.
<b>Ans:</b> Yes you can view the log file through log viewer.
Please find the Visual Administrator in you installation directory. Visit:
<b>usr\sap\P66\JC00\j2ee\admin\go.bat.</b>
run this batch file and in the services see the log viewer. There you can view log information.
or if you want to view the trace file directly then visit the path:
<b>usr\sap\P66\JC00\j2ee\cluster\server0\log</b>
there you will see the .trc file. Open the file and see the logs.
<b>Ques 2)</b> Is there some way to see where "customized folder permissions" exist?
<b>Ans:</b> For this you can write a code to check the permission of the portal object. There are various API's provided by SAP to check the properties and permissions of the Portal objects.
I hope this will help you.
Regards
Praevsh
PS: Please consider rewarding points if helpful. -
What id the DIT of the portal groups in OID? - never mind. found it
Does anyone know the DIT of the portal groups in OID? I cannot seem to find it It does not appear to be under cn=Oraclcontext,cn=groups
Message was edited by:
ss396sKeith,
Welcome to the forums.
Are you saying that the procedures require you to check out
all the application or site code in addition to your RH source
because RH may change some of that external code? To my knowledge,
RH source is not connected to anything else in a way that it will
make automatic changes to anything outside the project. I don't
know about an official list, but I have seen (by using the Tortoise
client for both CVS and SVN) that if you make edits to RH source
files, those files change of course, and then I believe the .cpd
file is about the only other thing that changes.
You could try downloading and installing Tortoise if it works
for the version control system you use. Tortoise shows graphically
within Windows Explorer which files have changed since the last
time you checked a directory into the repository. If you change
nothing besides your RH source, Tortoise would plainly show that RH
isn't touching the application or site's code.
Hope this helps,
Ben -
Access Portal groups in webdynpro ABAP component
Hi Experts,
I have a requirement to access portal group in web dynpro ABAP application and based on whether user is assigned to particular group or not further processing for application will be done.
Are there any UME API or some other API's available to access portal groups in Webdynpro ABAP component?
Thanks in Advance..!!
Regards,
Shruti ShahThis might be a question better suited to the portal forum. The WDA Portal APIs do not have such functionality. You might be able to take the Java Portal APIs and wrap them in a web service so that they are callable from ABAP.
-
Hi all,
Is there any table or RFC which contains the Users based on Portal Group in ECC.I need to writa a programme which extracts the users based on poratal group.
Thanks and Regards,
VenkatHi Venkat,
To get users of a group:
boolean b =false;
String name = null;
IGroup grp = UMFactory.getGroupFactory().getGroupByUniqueName("GroupName entered by User as a input");
if(grp.equals("<Name of Group>"))
Iterator i = grp.getUserMembers(true);
grp.getGroupMembers(true);
for (int a= 0; i.hasNext(); a++)
name = i.next().getClass().getName();
//Print / Store Name
Regards,
Vaibhav -
Portal Groups not Importing after Synchronization
Hi all,
I am currently running GRC 10 SP 15 and have completed the AC 10 EP Config guide. So far I have managed to complete all steps in the guide including the synchronization. However, when I try to import the roles the nwbc mass role import, I return 0 results. I have check the GRACLCONN table and the portal groups are definitely there. Does anyone know why the Mass Import would be failing?
Thanks,
JamesHi,
Only ABAP system based Technical roles can be imported via the Mass Import tool without the use of Import sheets. If you are using a import sheet already, just double check your entries. For EP groups, you will have to maintain and upload a sheet manually.
Ensure that the role type is set to 'GRP' in the sheet and the roles have been synced in via the Repository Object Sync job first.
Cheers. -
Hi
We are preparing to import a Portal into our UAT environment for testing. As part of the creation of the Portal we have created a number of Portal Groups which we intend migrating. As part of this we will also like to create a ldif file to assign the various users to the relevant Portal Groups.
Therefore I have 2 questions
1) Is is possible to export the Portal as well as the Portal Groups ?
2) Is there a way to assign users to Portal Groups using, for example, LDIF. We will have 10,000 users to assign so need to find a way of doing this automatically.
Any help will be much appreciated?
Kevin#!/bin/sh
# This script is used to export users/groups and portal groups from a
# source OID to a target OID. The import into the target OID is done by
# the import_oid.sh script.
# The script:
# 1) unsets NLS_LANG, sets ORACLE_HOME
# 2) ldapsearch (output to ldif file) all users
# 3) ldapsearch (output to ldif file) all portal groups
# 4) Remove 'authPassword' fields from the ldif for users
# 5) Change the Portal ID in the portal groups ldif file
echo "************************ BEGIN ************************************"
echo - This script will export users and groups from OID to ldif files.
echo - This script will modify the portal ID, remove authPassword fields.
echo Use import_oid.sh to import users and groups to target OID.
echo "************************ BEGIN ************************************"
#variables
oh=/oracle/10.2/infra10
source_hostname=""
port=""
target_dir="/oracle/10.2/oid_mig/"
log_file_users=export_users.log
log_file_groups=export_groups.log
old_portal_id=""
new_portal_id=""
orcladmin=""
orcl_pwd=""
group=""
echo "Please provide the source LDAP hostname: "
read source_hostname
if [ "$source_hostname" = "MyOIDServer" ]
then
port=389
orcl_pwd="OrclAdminPassword"
base_dn="dc=MyCompany,dc=com"
fi
echo "Please provide the group you want to export (*=all groups, group1*, group2*,...)"
read group
#echo "Please provide the LDAP port: "
#read port
#echo "Please provide the orcladmin password: "
#read orcl_pwd
# You can find the portal ID through OID Admin console. Go to
# cn=groups,dc=oracle,dc=com you will find the ID there.
echo "Please provide the old Portal ID: "
read old_portal_id
echo "Please provide the new Portal ID: "
read new_portal_id
ORACLE_HOME=/oracle/10.2/infra10
export ORACLE_HOME
cd $ORACLE_HOME/bin
echo ORACLE_HOME = $ORACLE_HOME
PATH=$ORACLE_HOME/bin:$PATH
export PATH
#NLS_LANG=american_america.UTF8
#export NLS_LANG
unset NLS_LANG
#exporting users
echo ----- exporting users "cn=users,dc=MyCompany,dc=com" -------
./ldapsearch -h $source_hostname -p $port -D "cn=orcladmin" -w $orcl_pwd -L -s one -b "cn=users,"$base_dn "(objectclass=orcluserv2)" "*" > /oracle/10.2/oid_mig/users.ldif
#exporting groups
echo ----- exporting groups "cn=groups,dc=MyCompany,dc=com" -------
./ldapsearch -h $source_hostname -p $port -D "cn=orcladmin" -w $orcl_pwd -L -s one -b "cn=groups,"$base_dn "(objectclass=*)" "*" > /oracle/10.2/oid_mig/groups.ldif
#exporting groups portal
echo ----- exporting portal groups "cn=portal."$old_portal_id",cn=groups,dc=MyCompany,dc=com" -------
./ldapsearch -h $source_hostname -p $port -X -D "cn=orcladmin" -w $orcl_pwd -s sub -b "cn=portal."$old_portal_id",cn=groups,"$base_dn "cn="$group > /oracle/10.2/oid_mig/groups_portal.xml
#removing authpassword fields from users
echo ----- removing authpassword fields from users -----
cat /oracle/10.2/oid_mig/users.ldif | grep -v authpassword > /oracle/10.2/oid_mig/auth_removed_users.ldif
# changing the PORTAL ID from $old_portal_id TO $new_portal_id
echo ----- changing the portal ID -----
cat /oracle/10.2/oid_mig/groups_portal.xml | sed -e "s/$old_portal_id/$new_portal_id/" > /oracle/10.2/oid_mig/groups_mod.xml
echo "***************************************** END *********************************************"
echo Users have been exported to /oracle/10.2/oid_mig/users.ldif
echo Groups have been exported to /oracle/10.2/oid_mig/groups.ldif
echo Portal Groups have been exported to /oracle/10.2/oid_mig/groups_portal.ldif
echo Users have authPassword removed in /oracle/10.2/oid_mig/auth_removed_users.ldif
echo Portal groups have their ID changed by this script and new groups are in /oracle/10.2/oid_mig/groups_mod.ldif
echo "***************************************** END *********************************************" -
Fetch all portal "user ids" belonging to perticular portal "group"
Hi
Is it possible to fetch all portal "user ids" belonging to perticular portal "group" ?
Please Guide me to achive it !!
Thanks & regards
PKPerhaps this question would be better suited to the Portal Forum as it doesn't seem directly related to Web Dynpro ABAP. The WD Specific portal APIs only deal with navigation and eventing. You would have to ask someone from Portal to see if they have a Web Service that exposes such information.
-
How can I disable portal logon by portal group
Hi,
I know it is possible to disable logon to the portal by individual users. However I would like to disable the logon for an entire portal group. This would allow members of other portal groups to continue using the portal.
Simply removing the role from the group/user(s) is not an option.
Has anyone successfully done something like that?
Lets see if we can award some pointsHi Darren,
thanks for the quick reply. I guess I should qualify my requirement a bit more on what I want to achieve.
There are a number of applications in use and accessible through the portal, amongst them also ESS / MSS. We have assigned the portal roles to the portal groups. The users are assigned to the groups in the Corporate LDAP which is used by the portal to authenticate the users. I can't remove the users from the group(s) because the user/group assignment is done in the Corporate LDAP through an IDM system which prevents me from making changes to the user/group assignments through the portal.
So as an example this is what we want to achieve:
1. Disable the logon for users that are in the ESS group and let them know something like "ESS is currently in maintenance - come back later". Meanwhile, users belonging to the MSS group can still continue to log on.
2. After the maintenance was done, the logon for the ESS group is enabled again and the users that are in the ESS group can log on again.
I am not quite familiar with JAAS, but how would it help me with this example? I don't want to remove the user(s) from the group but simply prevent a specific group of users to logon for a chosen period of time or as an alternative disable on the fly the ability to perform certain actions (role based) within the portal short of re-assigning roles to groups?
Thanks muchly. -
Reconfigure default portal group
By default portal group name is constructed with cn=portal.$timestamp. I'm trying to re-configure it so it will simply use cn=portal,cn=xxx....
Anyone has the procedures on how to do it ?
I have updated OID/SSO tab in portal, created a new entry in orclapplicationcommonname=,cn=Portal,cn=Products,cn=OracleContext and a new entry in portal group container (cn=Groups, dc=...). However it still appears that OID is looking up the default group.Hernando,
We are actually doing an parallel build and would like to migrate the OID entries from 9026 to 1012 repository. In previous version we only have dn=portal and we would like to keep it the same.
It is not an important task but just wondering if anyone has done it. -
Bea Portal Group and Group selection / um:getPorperty
Hi,
I would like to know if it is possible to set the default group
in which <um:getProperty> looks into when the user does not have
the requested property set into his profile.
I noticed that by default it looks into the current group portal.
However I would like to make it look into a specific sub group
of the group portal.
In the same way there are checks to dertermine if a user belongs to
several portal groups, I would like to extend these checks and include
sub groups in the tests and selection.
I saw that the webflow uses GroupFormProcessor and GroupProcessor but
couldn't find the source code to see what needs to be initialized for
<um:getProperty> to work correclty.
I saw the successor attribute in <um:getProfile>, but I would like to
know if there's a way to avoid specifying it each time... by setting a
value in the session for instance ?
Thanks for your help,
Best Regards,
ThierryHello Thierry,
You probably want to set the explicit successor in the session. A
successor is a group from which a user inherits properties. An explicit
successor is one that is specified in the getProperty() call underlying the
<um:getProperty> tag. Just for your information, this is as opposed to an
implicit successor, which is persisted for the user and is associated with a
property set. You can use the methods of ProfileWrapper to persist an
implicit successor for a user for a specific property set.
The portal framework sets the ProfileWrapper in the session using the
com.bea.p13n.usermgmt.SessionHelper.putProfileInSession() method. It sets
the explict successor for this profile to be equal to the group that was
selected by the user to apply for this portal session when they logged on
(if they are only a member of 1 group, then they were not prompted for which
group...the group was simpley set as the explicit successor). The call to
SessionHelper.putProfileInSession() is done in the PostLoginProcessor in the
portal security webflow (see the webflow in your EBCC).
You can override this by using SessionHelper.putProfileInSession()
yourself or by putting <um:getProfile> into your portal.jsp page.
<um:getProfile> does the same thing (uses
SessionHelper.putProfileInSession() to put the ProfileWrapper into the
session).
If I were you, I'd put <um:getProfile> with session scope at the top of
portal.jsp and use the group that you are interested in as the explicit
successor.
See the <um:getProfile> docs at
http://edocs.bea.com/wlp/docs70/jsp/p13njsp.htm#1001358
"Thierry Bensoussan" <[email protected]> wrote in message
news:[email protected]...
Hi,
I would like to know if it is possible to set the default group
in which <um:getProperty> looks into when the user does not have
the requested property set into his profile.
I noticed that by default it looks into the current group portal.
However I would like to make it look into a specific sub group
of the group portal.
In the same way there are checks to dertermine if a user belongs to
several portal groups, I would like to extend these checks and include
sub groups in the tests and selection.
I saw that the webflow uses GroupFormProcessor and GroupProcessor but
couldn't find the source code to see what needs to be initialized for
<um:getProperty> to work correclty.
I saw the successor attribute in <um:getProfile>, but I would like to
know if there's a way to avoid specifying it each time... by setting a
value in the session for instance ?
Thanks for your help,
Best Regards,
Thierry -
Assigning Portal Group to CAF Process
Hello Experts,
I want to assign portal group to caf process.
I am starting the process programmatically (Using Java Web Dynpro).
And also I dont want to assign user by user of the group to the process.
let me know if it is possible, and If Yes ( ) How ??
Regards,
Yogesh...Hi Yogesh,
Yes, you can assign portal group to your process action.
If you test your process from GP directly, Wile assigning users to the actions. you will see an option to assign a group and a role too(by selecting that dropdown).
So if you directly pass the group name in your code while calling GP. It will assign all the users in that group for that selected action.
Hope this resolves your query.
Thanks,
Tejaswini
Maybe you are looking for
-
Display row count of dataset after grouping in report header?
My dataset has 500 rows, but if I group that data by field DeptId, there are only 20 rows. I used something like the following, but it tells me that I can't use RowNumber in the page header: =RowNumber(Fields!DeptId.Value, "DataSetTeachers") I also t
-
Error while registering SMS portlet
Hi, portal version 9.0.4.0.99 I am getting the following error while registering SMS portlet using the external application SMSExternalApp. SOAP: Caught SOAPException (SOAP-ENV:Client): For input string: "3782 " [java.lang.NumberFormatException] Ille
-
What is the benefit of Using Data Adaptor
Hello I wonder that What is the benefit of Using Data Adaptor ? I don't know TopLink Technology , inorder to using Data Adaptor I should know toplink but what is the advatages of using BPEL database adaptors in conditions thet I can make webservices
-
Is there a link between ASCP released planned order and purchase requisition?
Hi, i'm new to EBS. would like to know is there some kind of link on table level between a released planned order with purchase requisition? thanks
-
How do I email a voice memo without slowing down all other applications?
I am trying to email a 1minute voice memo and it won't complete the process. It shows as sending in email but stays in the outbox all day. In the meantime, all the operations on my phone are much slower and when I charge the phone it flashes off and