Accesing portal groups

Similar Messages

• How do I create portal groups dynamically?

  Has anyone written code to use the
  WWSEC_APP_GROUP_MGR.CREATE_GROUP procedure to create portal
  groups programmatically? I understand alot of what I'm supposed
  to pass, but some of these parameters are pretty obscure and
  obfuscated.
  I'm not sure this can be called like a normal (non-htp) stored
  procedure at all. I now understand nearly all of the
  parameters. Looking at the page source behind the Create Groups
  page, I see that many of these parameters are involved in the
  page generation itself, for example p_back_url being a variable
  that is probably attached to the action of "Previous" buttons
  that appear as you go through the process of creating a group.
  Here is my call:
  wwsec_app_group_mgr.create_group(p_groupname => 'X',
  p_description => 'TEST GROUP',
  p_db_role => 'DBA',
  p_hide_group => 'N',
  p_styleid => 6,
  p_group_id => y,
  p_siteid => 0,
  p_site_id => 1);
  where "y" is the nextval of the group sequence.
  Inserting SQLERRM into a table, I end up with this:
  ORA-06502: PL/SQL: numeric or value error
  ORA-06512: at "SYS.OWA_UTIL", line 323
  ORA-06512: at "SYS.HTP", line 860
  ORA-06512: at "SYS.HTP", line 975
  ORA-06512: at "SYS.HTP", line 993
  ORA-06512: at "PORTAL30.WWUTL_HTP", line 25
  ORA-06512: at "PORTAL30.WWERR_API_ERROR_UI", line 182
  ORA-06512: at "PORTAL30.WWSEC_APP_GROUP_MGR", line 2891
  ORA-06510: PL/SQL: unhandled user-defined exception
  ORA-06512: at "PORTAL30.WWSEC_APP_GROUP_MGR", line 255
  ORA-01403: no data found
  I know that this procedure is responsible for generating the
  subsequent pages in the "create group" wizard. There's just no
  possible way to figure out how to use this procedure
  dynamically. I repeat we WILL NOT BE TYPING IN OVER 3500 GROUPS
  and 7000 USERS USING THE WIZARD. There must be a way.
  I don't want to just arbitrarily insert groups into tables
  behind the scenes without knowing what I'm doing. If this is as
  simple as inserting a row into wwsec_group$, wwsec_member$,
  etc., then great, but there's no way of knowing.
  Maybe an Oracle person can help me. Is there another API I can
  use, or is there a way to use this API as a stored procedure
  where I can just loop through a driving table to create a bunch
  of users and groups?
  I appreciate any help. I need to create over 3000 groups based
  on my client's organization. We REFUSE to do this by hand using
  portal's interface. Not that it's bad, it is just impractical
  in this instance.
  Adrian Klingel

  Never mind.

• Programmatically adding/deleting users to/from portal groups

  I am using the following PDK api, to delete an user from a portal group (otp_sales).
  I get the following error which doestn make sense. I tested the following api from a
  script shown below. In my application, this gets called from a trigger, and fails
  because it sees a ROLLBACK getting used in the API.
  <<<<<<<<<<<<< delete_from_group.sql >>>>>>>>>>>>>>>>>>>>>>
  DECLARE
  BEGIN
  moc.wwsec_api.delete_user_from_list (p_group_id
  =>MOC.wwsec_API.GROUP_ID('OTP_SALES')
  ,p_member_person_id =>73);
  END;
  <<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  SQL> @delete_from_group.sql
  Input truncated to 1 characters
  DECLARE
  ERROR at line 1:
  ORA-01086: savepoint 'DELETEUSERFROMLIST_SAVEPOINT' never established
  ORA-06512: at "MOC.WWSEC_API", line 2467
  ORA-06510: PL/SQL: unhandled user-defined exception
  ORA-06512: at "MOC.WWCTX_SSO", line 849
  ORA-06510: PL/SQL: unhandled user-defined exception
  ORA-06512: at "MOC.WWCTX_SSO", line 669
  ORA-06502: PL/SQL: numeric or value error
  ORA-06512: at line 3
  >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  Thanks
  regards
  -Ananth

  We had the same problem and it turned out that deleting a portal user(delete_portal_user), removing a portal user from a list (delete_user_from_list) or updating a portal user, the "savepoint xxxx never established message" came up when there was no context set. If the procedure is called from within a portal page (or as user portal30) ,and the context is set and it works. The solution is to check to see if the context was set, and then set it if not.
  if not portal30.wwctx_api_private.is_context_set then
  portal30.wwctx_api_private.set_context(p_user_name => 'portal30');
  end if;
  Hope this helps
  Tania

• Regarding : How to add a user to portal group with the help of webdynpro .

  Hii ,
  I am working on an application in which with the help of an action( Button)  we r adding a user in Ztable in R/3 , as well as  group in portal.
  The user r successfully creating in Ztable but from portal side No user is assigned to Portal group.
  I need coding solution for " How to add a user to portal group with help of webdynpro"
  Any usefull link will also do.
  Pls anyone have any solution ??
  Thnks in advance.
  Rewards r waiting for u .

  Hi,
  Use UME api to add user to portal group.
  Using UME API:
  https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/40d562b7-1405-2a10-dfa3-b03148a9bd19
  Regards,
  Naga

• Unable to delete Portal Group

  Hi Portal Knowledgeable ones.
  I get an exception when I attempt to delete a portal group. 
  <b>My first question is where do I look to find more information about the exception that was returned (eg; a log file)?  I can't click on it to see more details.</b>
  My guess is that I am getting this exception because of some existing "reference" to this group inside the portal.  No users are assigned to it.  No roles or other groups are contained in it.  However, I'm not sure if there is a folder permission tied to that group.
  <b>Is there some way to see where "customized folder permissions" exist?</b>  Otherwise, I'm stuck with looking at the permissions of every Portal object individually.
  Thanks
  Kevin

  Hi Kevin,
  <b>Ques 1)</b> My first question is where do I look to find more information about the exception that was returned (eg; a log file)? I can't click on it to see more details.
  <b>Ans:</b> Yes you can view the log file through log viewer.
  Please find the Visual Administrator in you installation directory. Visit:
  <b>usr\sap\P66\JC00\j2ee\admin\go.bat.</b>
  run this batch file and in the services see the log viewer. There you can view log information.
  or if you want to view the trace file directly then visit the path:
  <b>usr\sap\P66\JC00\j2ee\cluster\server0\log</b>
  there you will see the .trc file. Open the file and see the logs.
  <b>Ques 2)</b> Is there some way to see where "customized folder permissions" exist?
  <b>Ans:</b> For this you can write a code to check the permission of the portal object. There are various API's provided by SAP to check the properties and permissions of the Portal objects.
  I hope this will help you.
  Regards
  Praevsh
  PS: Please consider rewarding points if helpful.

• What id the DIT of the portal groups in OID? - never mind. found it

  Does anyone know the DIT of the portal groups in OID? I cannot seem to find it It does not appear to be under cn=Oraclcontext,cn=groups
  Message was edited by:
  ss396s

  Keith,
  Welcome to the forums.
  Are you saying that the procedures require you to check out
  all the application or site code in addition to your RH source
  because RH may change some of that external code? To my knowledge,
  RH source is not connected to anything else in a way that it will
  make automatic changes to anything outside the project. I don't
  know about an official list, but I have seen (by using the Tortoise
  client for both CVS and SVN) that if you make edits to RH source
  files, those files change of course, and then I believe the .cpd
  file is about the only other thing that changes.
  You could try downloading and installing Tortoise if it works
  for the version control system you use. Tortoise shows graphically
  within Windows Explorer which files have changed since the last
  time you checked a directory into the repository. If you change
  nothing besides your RH source, Tortoise would plainly show that RH
  isn't touching the application or site's code.
  Hope this helps,
  Ben

• Access Portal groups in webdynpro ABAP component

  Hi Experts,
  I have a requirement to access portal group in web dynpro ABAP application and based on whether user is assigned to particular group or not further processing for application will be done.
  Are there any UME API or some other API's available to access portal groups in Webdynpro ABAP component?
  Thanks in Advance..!!
  Regards,
  Shruti Shah

  This might be a question better suited to the portal forum. The WDA Portal APIs do not have such functionality.  You might be able to take the Java Portal APIs and wrap them in a web service so that they are callable from ABAP.

• Users based on Portal Group

  Hi all,
  Is there any table or RFC which contains the Users based on Portal Group in ECC.I need to writa a programme which extracts the users based on poratal group.
  Thanks and Regards,
  Venkat

  Hi Venkat,
  To get users of a group:
  boolean b =false;
  String name = null;
  IGroup grp = UMFactory.getGroupFactory().getGroupByUniqueName("GroupName entered by User as a input");
  if(grp.equals("<Name of Group>"))
         Iterator i = grp.getUserMembers(true);
         grp.getGroupMembers(true);
         for (int a= 0; i.hasNext(); a++)
                name = i.next().getClass().getName();
                //Print / Store Name
  Regards,
  Vaibhav

• Portal Groups not Importing after Synchronization

  Hi all,
  I am currently running GRC 10 SP 15 and have completed the AC 10 EP Config guide. So far I have managed to complete all steps in the guide including the synchronization. However, when I try to import the roles the nwbc mass role import, I return 0 results. I have check the GRACLCONN table and the portal groups are definitely there. Does anyone know why the Mass Import would be failing?
  Thanks,
  James

  Hi,
  Only ABAP system based Technical roles can be imported via the Mass Import tool without the use of Import sheets. If you are using a import sheet already, just double check your entries. For EP groups, you will have to maintain and upload a sheet manually.
  Ensure that the role type is set to 'GRP' in the sheet and the roles have been synced in via the Repository Object Sync job first.
  Cheers.

• Portal Groups Creation

  Hi
  We are preparing to import a Portal into our UAT environment for testing. As part of the creation of the Portal we have created a number of Portal Groups which we intend migrating. As part of this we will also like to create a ldif file to assign the various users to the relevant Portal Groups.
  Therefore I have 2 questions
  1) Is is possible to export the Portal as well as the Portal Groups ?
  2) Is there a way to assign users to Portal Groups using, for example, LDIF. We will have 10,000 users to assign so need to find a way of doing this automatically.
  Any help will be much appreciated?
  Kevin

  #!/bin/sh
  # This script is used to export users/groups and portal groups from a
  # source OID to a target OID. The import into the target OID is done by
  # the import_oid.sh script.
  # The script:
  # 1) unsets NLS_LANG, sets ORACLE_HOME
  # 2) ldapsearch (output to ldif file) all users
  # 3) ldapsearch (output to ldif file) all portal groups
  # 4) Remove 'authPassword' fields from the ldif for users
  # 5) Change the Portal ID in the portal groups ldif file
  echo "************************ BEGIN ************************************"
  echo - This script will export users and groups from OID to ldif files.
  echo - This script will modify the portal ID, remove authPassword fields.
  echo Use import_oid.sh to import users and groups to target OID.
  echo "************************ BEGIN ************************************"
  #variables
  oh=/oracle/10.2/infra10
  source_hostname=""
  port=""
  target_dir="/oracle/10.2/oid_mig/"
  log_file_users=export_users.log
  log_file_groups=export_groups.log
  old_portal_id=""
  new_portal_id=""
  orcladmin=""
  orcl_pwd=""
  group=""
  echo "Please provide the source LDAP hostname: "
  read source_hostname
  if [ "$source_hostname" = "MyOIDServer" ]
  then
       port=389
       orcl_pwd="OrclAdminPassword"
       base_dn="dc=MyCompany,dc=com"
  fi
  echo "Please provide the group you want to export (*=all groups, group1*, group2*,...)"
  read group
  #echo "Please provide the LDAP port: "
  #read port
  #echo "Please provide the orcladmin password: "
  #read orcl_pwd
  # You can find the portal ID through OID Admin console. Go to
  # cn=groups,dc=oracle,dc=com you will find the ID there.
  echo "Please provide the old Portal ID: "
  read old_portal_id
  echo "Please provide the new Portal ID: "
  read new_portal_id
  ORACLE_HOME=/oracle/10.2/infra10
  export ORACLE_HOME
  cd $ORACLE_HOME/bin
  echo ORACLE_HOME = $ORACLE_HOME
  PATH=$ORACLE_HOME/bin:$PATH
  export PATH
  #NLS_LANG=american_america.UTF8
  #export NLS_LANG
  unset NLS_LANG
  #exporting users
  echo ----- exporting users "cn=users,dc=MyCompany,dc=com" -------
  ./ldapsearch -h $source_hostname -p $port -D "cn=orcladmin" -w $orcl_pwd -L -s one -b "cn=users,"$base_dn "(objectclass=orcluserv2)" "*" > /oracle/10.2/oid_mig/users.ldif
  #exporting groups
  echo ----- exporting groups "cn=groups,dc=MyCompany,dc=com" -------
  ./ldapsearch -h $source_hostname -p $port -D "cn=orcladmin" -w $orcl_pwd -L -s one -b "cn=groups,"$base_dn "(objectclass=*)" "*" > /oracle/10.2/oid_mig/groups.ldif
  #exporting groups portal
  echo ----- exporting portal groups "cn=portal."$old_portal_id",cn=groups,dc=MyCompany,dc=com" -------
  ./ldapsearch -h $source_hostname -p $port -X -D "cn=orcladmin" -w $orcl_pwd -s sub -b "cn=portal."$old_portal_id",cn=groups,"$base_dn "cn="$group > /oracle/10.2/oid_mig/groups_portal.xml
  #removing authpassword fields from users
  echo ----- removing authpassword fields from users -----
  cat /oracle/10.2/oid_mig/users.ldif | grep -v authpassword > /oracle/10.2/oid_mig/auth_removed_users.ldif
  # changing the PORTAL ID from $old_portal_id TO $new_portal_id
  echo ----- changing the portal ID -----
  cat /oracle/10.2/oid_mig/groups_portal.xml | sed -e "s/$old_portal_id/$new_portal_id/" > /oracle/10.2/oid_mig/groups_mod.xml
  echo "***************************************** END *********************************************"
  echo Users have been exported to /oracle/10.2/oid_mig/users.ldif
  echo Groups have been exported to /oracle/10.2/oid_mig/groups.ldif
  echo Portal Groups have been exported to /oracle/10.2/oid_mig/groups_portal.ldif
  echo Users have authPassword removed in /oracle/10.2/oid_mig/auth_removed_users.ldif
  echo Portal groups have their ID changed by this script and new groups are in /oracle/10.2/oid_mig/groups_mod.ldif
  echo "***************************************** END *********************************************"

• Fetch all portal "user ids" belonging to perticular portal "group"

  Hi
  Is it possible to fetch all portal "user ids" belonging to perticular portal "group" ?
  Please Guide me to achive it !!
  Thanks & regards
  PK

  Perhaps this question would be better suited to the Portal Forum as it doesn't seem directly related to Web Dynpro ABAP. The WD Specific portal APIs only deal with navigation and eventing.  You would have to ask someone from Portal to see if they have a Web Service that exposes such information.

• How can I disable portal logon by portal group

  Hi,
  I know it is possible to disable logon to the portal by individual users. However I would like to disable the logon for an entire portal group. This would allow members of other portal groups to continue using the portal.
  Simply removing the role from the group/user(s) is not an option.
  Has anyone successfully done something like that?
  Lets see if we can award some points

  Hi Darren,
  thanks for the quick reply. I guess I should qualify my requirement a bit more on what I want to achieve.
  There are a number of applications in use and accessible through the portal, amongst them also ESS / MSS. We have assigned the portal roles to the portal groups. The users are assigned to the groups in the Corporate LDAP which is used by the portal to authenticate the users. I can't remove the users from the group(s) because the user/group assignment is done in the Corporate LDAP through an IDM system which prevents me from making changes to the user/group assignments through the portal.
  So as an example this is what we want to achieve:
  1. Disable the logon for users that are in the ESS group and let them know something like "ESS is currently in maintenance - come back later". Meanwhile, users belonging to the MSS group can still continue to log on.
  2. After the maintenance was done, the logon for the ESS group is enabled again and the users that are in the ESS group can log on again.
  I am not quite familiar with JAAS, but how would it help me with this example? I don't want to remove the user(s) from the group but simply prevent a specific group of users to  logon for a chosen period of time or as an alternative disable on the fly the ability to perform certain actions (role based) within the portal short of re-assigning roles to groups?
  Thanks muchly.

• Reconfigure default portal group

  By default portal group name is constructed with cn=portal.$timestamp. I'm trying to re-configure it so it will simply use cn=portal,cn=xxx....
  Anyone has the procedures on how to do it ?
  I have updated OID/SSO tab in portal, created a new entry in orclapplicationcommonname=,cn=Portal,cn=Products,cn=OracleContext and a new entry in portal group container (cn=Groups, dc=...). However it still appears that OID is looking up the default group.

  Hernando,
  We are actually doing an parallel build and would like to migrate the OID entries from 9026 to 1012 repository. In previous version we only have dn=portal and we would like to keep it the same.
  It is not an important task but just wondering if anyone has done it.

• Bea Portal Group and Group selection / um:getPorperty

  Hi,
  I would like to know if it is possible to set the default group
  in which <um:getProperty> looks into when the user does not have
  the requested property set into his profile.
  I noticed that by default it looks into the current group portal.
  However I would like to make it look into a specific sub group
  of the group portal.
  In the same way there are checks to dertermine if a user belongs to
  several portal groups, I would like to extend these checks and include
  sub groups in the tests and selection.
  I saw that the webflow uses GroupFormProcessor and GroupProcessor but
  couldn't find the source code to see what needs to be initialized for
  <um:getProperty> to work correclty.
  I saw the successor attribute in <um:getProfile>, but I would like to
  know if there's a way to avoid specifying it each time... by setting a
  value in the session for instance ?
  Thanks for your help,
  Best Regards,
  Thierry

  Hello Thierry,
  You probably want to set the explicit successor in the session. A
  successor is a group from which a user inherits properties. An explicit
  successor is one that is specified in the getProperty() call underlying the
  <um:getProperty> tag. Just for your information, this is as opposed to an
  implicit successor, which is persisted for the user and is associated with a
  property set. You can use the methods of ProfileWrapper to persist an
  implicit successor for a user for a specific property set.
  The portal framework sets the ProfileWrapper in the session using the
  com.bea.p13n.usermgmt.SessionHelper.putProfileInSession() method. It sets
  the explict successor for this profile to be equal to the group that was
  selected by the user to apply for this portal session when they logged on
  (if they are only a member of 1 group, then they were not prompted for which
  group...the group was simpley set as the explicit successor). The call to
  SessionHelper.putProfileInSession() is done in the PostLoginProcessor in the
  portal security webflow (see the webflow in your EBCC).
  You can override this by using SessionHelper.putProfileInSession()
  yourself or by putting <um:getProfile> into your portal.jsp page.
  <um:getProfile> does the same thing (uses
  SessionHelper.putProfileInSession() to put the ProfileWrapper into the
  session).
  If I were you, I'd put <um:getProfile> with session scope at the top of
  portal.jsp and use the group that you are interested in as the explicit
  successor.
  See the <um:getProfile> docs at
  http://edocs.bea.com/wlp/docs70/jsp/p13njsp.htm#1001358
  "Thierry Bensoussan" <[email protected]> wrote in message
  news:[email protected]...
  Hi,
  I would like to know if it is possible to set the default group
  in which <um:getProperty> looks into when the user does not have
  the requested property set into his profile.
  I noticed that by default it looks into the current group portal.
  However I would like to make it look into a specific sub group
  of the group portal.
  In the same way there are checks to dertermine if a user belongs to
  several portal groups, I would like to extend these checks and include
  sub groups in the tests and selection.
  I saw that the webflow uses GroupFormProcessor and GroupProcessor but
  couldn't find the source code to see what needs to be initialized for
  <um:getProperty> to work correclty.
  I saw the successor attribute in <um:getProfile>, but I would like to
  know if there's a way to avoid specifying it each time... by setting a
  value in the session for instance ?
  Thanks for your help,
  Best Regards,
  Thierry

• Assigning Portal Group to CAF Process

  Hello Experts,
  I want to assign portal group to caf process.
  I am starting the process programmatically (Using Java Web Dynpro).
  And also I dont want to assign user by user of the group to the process.
  let me know if it is possible, and If Yes ( ) How ??
  Regards,
  Yogesh...

  Hi Yogesh,
  Yes, you can assign portal group to your process action.
  If you test your process from GP directly, Wile assigning users to the actions. you will see an option to assign a group and a role too(by selecting that dropdown).
  So if you directly pass the group name in your code while calling GP. It will assign all the users in that group for that selected action.
  Hope this resolves your query.
  Thanks,
  Tejaswini