Access control in workflow

Do we need to change any access control information in the workflow builder while making a copy of the existing seeded oracle workflow?
Thanks
KK

Possibly :)
To copy a process from one item type to another, then your access level only needs to match that of the target item type. If you are copying within the same item type, then you may need to change your access level so that you can paste the new version into the item type.
Either way, once you have copied the process, then you will probably need to change your access level so that you can modify the process.
HTH,
Matt
Edited by: rukbat on Jul 4, 2011 1:26 PM

Similar Messages

Access control in workflow tasks

I want to filter which users should have access to a certain workflow task. If looking in the help file there should be some way to filter the users which should be granted access. But this functionality seems to be switched off. Can anybody tell me why and if there is another way to filter the users?
In the "behalf of" section the filter option is still available...
Kind regards
Jörn Kaplan

Hi Jörn,
please check your Identity Store configuration on the tab "Workflow" if "use simplified access control" is disabled (By default this is enabled)
Once this is disabled you should get in the access control settings of your workflow task also the option "Allow access for: " - "Filter"
Best regards,
Oliver

Access Control functionality in Oracle workflow

Hi everyone,
I am doing research into access control models and workflow systems (separation of duty policies in particular). As far as I could tell, Oracle Workflow does not provide much in terms of securing access to data in a workflow process (except from the normal login authentication of course).
One usually assigns a task's performer to a CONSTANT role from your database roles so that only certain users will have access to that task. This is not always enough though, especially when the role-hierarchy is not properly contructed and maintained. So, I've been working on a few scripts to dynamically prevent users from receiving tasks on their worklists based on their previous participation in the process (e.g. to prevent a manager from approving his own leave application).
I was just wondering if anyone else have been working on access control in Oracle Workflow. Is there any built-in functionality that I missed that controls task-user assignment?
Thanks,
Carmen

Thank you very much Sirish for your help.
We are facing huge performance issues while Risk Analysis with Oracle Application servers through Greenlight Adaptor - its taking around 10 hours for 3000 users. Can you please point out what can be the possibilities and how can we trace out exact root cause and then solve it.
This is happening on GRC AC 5.2 SP10 and GRC logs doesn't say much , it just gives output taken 12 secs for one user Risk Analysis.
Here is our understanding on how GRC does Risk Analysis and our observations on our systems -->
1. GRC asks for 1 user details at a time from Oracle Application Server - please confirm does GRC do Risk Analysis for one user at a time or a bunch of users?
2. Oralce App server get details of that user and sends back results to GRC.
3. Now there is a wait time for around 3 secs before Oracle Server gets request for the second user. 3 sec for one user means 2.5 hours of wait time for 3000 users. We are not able to understand why Oracle Server needs to wait for next user request from GRC?
Would highly appreciate if you can share your experience on GRC Risk Analysis with Oracle (Greenlight Adaptor) and with SAP systems.
Best Regards
Davinderpal Singh

Nintex Workflow and Access Control

Hello, can anybody help with getting owner permissions on Nintex workflows in Sharepoint 2010 with Powershell.
I also want to ask your opinion about Access control in Sharepoint 2010. Should all Access Control like AD, Sharepoint, Titus be in the hands of Administrator or some of it like Titus be in the hand of the Developers.
Best Regards Olafur_s
Icelandic DBA admin

Hello
Hemendra,<o:p></o:p>
Thank you
for your answer. I have developers that create sites and lists and they are all Site Collection admin. The problem is that they can go everywhere they want and look into all kinds of sensitive information and do all that they want to do. So basically they
are running the system. <o:p></o:p>
I am new to
Sharepoint as an admin but I have experience in other system like AD, Exchange, SQL. The evolution of this Sharepoint system here brought it to the point that the developers have too much admin rights and the system is not working well. I am trying to
find the fine line between the Administration part, my work, and the developers part and not steeping on the developers toe's.
Best regards Olafur_s<o:p></o:p>
Icelandic DBA admin

Is Compliance Calibrator the same as GRC Access Control?

I have been asked to look at Compliance Calibrator and am getting confused about what functionality is offered. I have done the basic e-learning course for Compliance Calibrator (GRC200): this was all about separation of duties etc. Fair enough. But I also have a Document called "SAP GRC Access Control" which talks about the same S.O.D compliance functionality but also talks of "roles triggering workflows", "users creating roles", "automated approvals for roles" eg:
"SAP GRC Access Control streamlines access requests by filling each request automatically with user identity information from a lightweight directory access protocol (LDAP) directory or HR database, thereby eliminating the need for user intervention. Approvers receive an e-mail with a direct hyperlink to the request inside the application, where they can easily view and approve the request. The application then checks for security violations before updating accounts automatically."
None of this was covered on the Compliance Calibrator course, so what product offers this? I can see another product by Virsa called Access Enforcer but have no info on this... can anyone enlighten me?

SAP GRC Access Control is the SAP application that comprises the former Virsa products Compliance Calibrator, Access Enforcer, Risk Terminator, Firefighter and Role Expert.

Change in Access Control components on the Service Marketplace

Hello GRC community:
We would like to inform you that as of yesterday (5/30) the Access Control components for support messages/SAP Notes have been changed (they have actually been replaced so all messages/notes logged under the old component will be moved/replaced to the new).
The main 4 components are now:
New: GRC-SAC-ARA     Access Risk Management
Old: GRC-SAC-SCC          Risk Analysis & Remediation (formerly Compliance Calibrator)
New: GRC-SAC-ARQ     Access Request
Old: GRC-SAC-SAE          Compliant User Provisoning (formerly Virsa Access Enforcer)
New: GRC-SAC-EAM     Emergency Access Management
Old: GRC-SAC-SFF          Superuser Privilege Management (formerly Virsa Firefighter)
New: GRC-SAC-BRM     Business Role Management
Old: GRC-SAC-SRE          Enterprise Role Management (formerly Virsa Role Expert)
There are also NEW components specific to areas of functionality. If you are not sure of what component to log your message under, please use the main components above.
GRC-SAC-ADS          Directory Services
GRC-SAC-BI             Access Control BW
GRC-SAC-CONF       Configuration
GRC-SAC-DAS          Dashboard
GRC-SAC-REP          Repository
GRC-SAC-RPT          Reporting
GRC-SAC-UAR          User Access Review
GRC-SAC-UPG          Installation & Upgrade
GRC-SAC-WF           Workflow
Ramelyn Paredes
AGS Primary Support

Hello COmmunity,
To Summarise in Short: New features introduced to V10.0 : GRC 10.0 is ABAP based, so extraction of data from users is fast & analysis as well.
As usual, the names for the Access control tool has been changed
A. Access Risk Analysis (RAR)
1. USOBT & object information will be automatically updated with GRC rather than manual upload (earlier version)
2. Mass Users can be imported from .CSV file for risk analysis, Role analysis etc.,
3. Variant creation / reuse for any report analysis
4. Option of having multiple rule sets & simulating users across multiple rule sets at same time
5. Risk analysis for CUA, Composite roles
6. Mitigation by system, risk id, mass mitigation for users, audit trail etc.,
7. Risk analysis for HR objects
B. Emergency Access Management (SPM)
1. Mass reporting for all FF users, Ids, Executions
2. Centrally maintained for all systems rather than individual ERPs.
C. User Access Management (CUP)
1. Customizable Access request forms
2. HR based role assignment for position, org unit
3. IDM integration using GRC Web services
D. Business Role Management (ERM)
1. Concept of Business role mapping for Technical roles.
2. Audit Trails & PFCG Change history.
Finally, the look, reporting format has been changed to provide additional information for analysis.
More important - GRC V5.3 support is till 2015 & SAP has planned to push the customers to upgrade to 10.0. Eventually SAP is also planning to release GRC 11.0 by mid next year. So we have to wait & watch the show

User management and Access Control in HCM Cloud

Hello,
Information is scarce about User management and Access Control in Oracle Cloud generally. Today, I have two questions :
- How can I bridge HCM Cloud user store with my on-premise IDM or security repository in order to allow identty governance to flow to HCM Cloud service ?
The only information I got was that you can declare manually and by bulk import through files my users. This is not really interresting as I have an automatic IDM with workflows and identity control on provisioning and de-provisioning.
Is there a SPML or proprietary endpoint to do it automatically ? What are the prerequisites ? Do I have to implement OIM on my side ?
- Once my users are created, how can I do webSSO from my internal security repositories to the HCM Cloud service ?
I do not want to distribute new set of login / passwords to my users. Is it possible to do Identity Federation (SAML 2.0 or WS-Fed) with HCM Cloud service ? What are the prerequisites ? Do I have to implement OAM on my side ?
I accept all pieces of information you can give me on this topic to help me understand the funcitonalites, limits and options offered by Oracle Cloud and more precisely by HCM Cloud service.
Best regards,

OIDDAS has limited capability of access control and information hiding. Presently, the permissions and privileges can be set at a realm level, and fine grained access control / information hiding cannot be done.
At present, the only way to restrict view and access control is by appplying ACLs (which is not the safest bet).

Form Manager Access Control

Hi,
I can logon to Adobe FM AdminUI in my company. I tried to control access a workflow with fmAccessPage. I set a person to allow a workflow, but from her screen the workflow category is not shown. Instead, I set all users to allow the workflow category, the category is not shown.
How long does it take to reflect the access control to user screen?
Regards,
Akira

Hi Akira ,
Which version do you use ? I think there is an error on the category access for Livecycle 7.0 , and it is good for Livecycle 7.2

Difference between SAP Access Control and IDM

Hi Expert,
I have one question What is the difference between SAP Access Control and SAP Identity Management ?

Ali,
That's a good question, but a tough one.
While both applications can do most of what the other can do, it's a matter of specialization in my opinion.
Access Control is all about managing and controlling access to SAP system roles and has the ability to report on role conflicts for compliance and reporting purposes. (I'm sure I'm leaving a lot out, but maybe a GRC / AC expert can fill in more details)
SAP IDM is about managing the user life cycle with regards to landscape and enterprise systems. It will handle the creation, update and ultimately the removal (or de-provisioning) of users in SAP ABAP, SAP JAVA, LDAP, JDBC, and API based applications. It will also do Role Management through a web based UI (User management is web based as well). and as of the latest Service pack for SAP IDM 7.2, it will do attestation (limited certification) as well. It is a definite upgrade to CUA as it will work with a greater variety of systems, include workflows and approvals.
GRC will do some provisioning, but it's somewhat limited, as is IDM's compliance abilities.
The applications are designed to work together, however it does not have a great track record and the integration is typically heavily modified to work as desired.
If you have specific questions, feel free to post / DM. Obviously I am more knowledgeable about IDM, but I'll be happy to help you in any way possible.
Regards,
Matt

Error GRC Access Control 10.0

We have a problem when execute the next steps in GRC Access Control 10.0
SPRO-->Governance, Risk and Compliance>Access Control--> Access Risk Analysis--> Batch RisK Analysis
We applied the next note, but problem is the same.
1563583 - SYSTEM_NO_TASK_STORAGE dump on AIX
Category
ABAP Programming Error
Runtime Errors
ASSERTION_FAILED
ABAP Program
CL_GRRM_DASHBOARD_MENU_AUTH===CP
Application Component GRC-RM
Date and Time
13.03.2013 11:50:04
|Short text
|
|
The ASSERT condition was violated.
|
|What happened?
|
|
In the running application program, the ASSERT statement recognized a
|
|
situation that should not have occurred.
|
|
The runtime error was triggered for one of these reasons:
|
|
- For the checkpoint group specified with the ASSERT statement, the
|
|
activation mode is set to "abort".
|
|
- Via a system variant, the activation mode is globally set to "abort"
|
|
for checkpoint groups in this system.
|
|
- The activation mode is set to "abort" on program level.
|
|
- The ASSERT statement is not assigned to any checkpoint group.
|
|What can you do?
|
|
Note down which actions and inputs caused the error.
|
|
|
|
|
|
To process the problem further, contact you SAP system
|
|
administrator.
|
|
|
|
Using Transaction ST22 for ABAP Dump Analysis, you can look
|
|
at and manage termination messages, and you can also
|
|
keep them for a long time.
|
|Error analysis
|
|
The following checkpoint group was used: "No checkpoint group specified"
|
|
|
|
If in the ASSERT statement the addition FIELDS was used, you can find
|
|
the content of the first 8 specified fields in the following overview:
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|How to correct the error
|
|
Probably the only way to eliminate the error is to correct the program.
|
|
|
|
|
|
If the error occures in a non-modified SAP program, you may be able to
|
|
find an interim solution in an SAP Note.
|
|
If you have access to SAP Notes, carry out a search with the following
|
|
keywords:
|
|
|
|
"ASSERTION_FAILED" " "
|
|
"CL_GRRM_DASHBOARD_MENU_AUTH===CP" or "CL_GRRM_DASHBOARD_MENU_AUTH===CM001"
|
|
"IF_GRFN_MENU_ITEM_AUTH~IS_AUTHORIZED"
|
|
|
|
If you cannot solve the problem yourself and want to send an error
|
|
notification to SAP, include the following information:
|
|
|
|
1. The description of the current problem (short dump)
|
|
|
|
To save the description, choose "System->List->Save->Local File
|
|
(Unconverted)".
|
|
|
|
2. Corresponding system log
|
|
|
|
Display the system log by calling transaction SM21.
|
|
Restrict the time interval to 10 minutes before and five minutes
|
|
after the short dump. Then choose "System->List->Save->Local File
|
|
(Unconverted)".
|
|
|
|
3. If the problem occurs in a problem of your own or a modified SAP
|
|
program: The source code of the program
|
|
In the editor, choose "Utilities->More
|
|
Utilities->Upload/Download->Download".
|
|
|
|
4. Details about the conditions under which the error occurred or which
|
|
actions and input led to the error.
|
|
|
|
|
|System environment
|
|
SAP Release..... 702
|
|
SAP Basis Level. 0012
|
|
|
|
Application server... "KIO13701"
|
|
Network address...... "172.20.1.137"
|
|
Operating system..... "AIX"
|
|
Release.............. "7.1"
|
|
Hardware type........ "00F6C78E4C00"
|
|
Character length.... 16 Bits
|
|
Pointer length....... 64 Bits
|
|
Work process number.. 10
|
|
Shortdump setting.... "full"
|
|
|
|
Database server... "KIO13701"
|
|
Database type..... "DB6"
|
|
Database name..... "DGR"
|
|
Database user ID.. "SAPDGR"
|
|
|
|
Terminal.......... "192.168.0.5"
|
|
|
|
Char.set.... "C"
|
|
|
|
SAP kernel....... 720
|
|
created (date)... "Jul 8 2012 19:43:01"
|
|
create on........ "AIX 2 5 00092901D600"
|
|
Database version. "DB6_81 "
|
|
|
|
Patch level. 300
|
|
Patch text.. " "
|
|
|
|
Database............. "DB6 08.02.*, DB6 09.*, DB6 10.*"
|
|
SAP database version. 720
|
|
Operating system..... "AIX 2 5, AIX 3 5, AIX 1 6, AIX 1 7"
|
|
|
|
Memory consumption
|
|
Roll.... 0
|
|
EM...... 8379584
|
|
Heap.... 0
|
|
Page.... 16384
|
|
MM Used. 6205712
|
|
MM Free. 2170976
|
|User and Transaction
|
|
Client.............. 100
|
|
User................ "LVELASCO"
|
|
Language key........ "E"
|
|
Transaction......... " "
|
|
Transaction ID...... "51400164B1F00C40E1008000AC140189"
|
|
|
|
EPP Whole Context ID.... "5140015EB1F00C40E1008000AC140189"
|
|
EPP Connection ID....... "5140F9B0B19C1150E1008000AC140189"
|
|
EPP Caller Counter...... 1
|
|
|
|
Program............. "CL_GRRM_DASHBOARD_MENU_AUTH===CP"
|
|
Screen.............. "SAPMHTTP 0010"
|
|
Screen Line......... 2
|
|
Debugger Active..... "none"
|
|Server-Side Connection Information
|
|
Information on Caller of "HTTPS" Connection:
|
|
Plug-in Type.......... "HTTPS"
|
|
Caller IP............. "192.168.0.5"
|
|
Caller Port........... 44300
|
|
Universal Resource ID. "/sap/bc/webdynpro/sap/grfn_service_map"
|
|
|
|
Program............. "CL_GRRM_DASHBOARD_MENU_AUTH===CP"
|
|
Screen.............. "SAPMHTTP 0010"
|
|
Screen Line......... 2
|
|
|
|
Information on Caller ofr "HTTPS" Connection:
|
|
Plug-in Type.......... "HTTPS"
|
|
Caller IP............. "192.168.0.5"
|
|
Caller Port........... 44300
|
|
Universal Resource Id. "/sap/bc/webdynpro/sap/grfn_service_map"
|
|Information on where terminated
|
|
Termination occurred in the ABAP program "CL_GRRM_DASHBOARD_MENU_AUTH===CP" -
|
|
in "IF_GRFN_MENU_ITEM_AUTH~IS_AUTHORIZED".
|
|
The main program was "SAPMHTTP ".
|
|
|
|
In the source code you have the termination point in line 59
|
|
of the (Include) program "CL_GRRM_DASHBOARD_MENU_AUTH===CM001".
|
|Source Code Extract (Source code has changed)
|
|Line |SourceCde
|
|   29|
lv_dashboard = lv_value.
|
|   30|
|
|   31|
TRANSLATE lv_dashboard TO UPPER CASE.
|
|   32|
|
|   33|
CASE lv_dashboard.
|
|   34|
WHEN 'HEATMAP'.
|
|   35|
lv_report = 'GRRM_HEATMAP'.
|
|   36|
|
|   37|
WHEN 'LOSS_OVERVIEW' OR 'LOSS_STRUCTURE' OR 'OB_LOSS_OVERVIEW' OR 'OB_LOSS_STRUCTU|
|   38|
lv_report = 'GRRM_LOSS_ANALYSIS'.
|
|   39|
|
|   40|
WHEN 'OVERVIEW'.
|
|   41|
lv_report = 'GRRM_OVERVIEW'.
|
|   42|
|
|   43|
WHEN OTHERS.
|
|   44|
ASSERT 1 = 2.
|
|   45|
|
|   46|
ENDCASE.
|
|   47|
|
|   48|
EXIT.
|
|   49|
|
|   50|
ENDLOOP.
|
|   51|
|
|   52|
WHEN 'GRRM_LOSS_MATRIX' OR 'GRRM_LOSS_MATRIX_NEW'.
|
|   53|
lv_report = 'GRRM_LOSS_ANALYSIS'.
|
|   54|
|
|   55|
WHEN 'GRRM_HEATMAP_REPORT'.
|
|   56|
lv_report = 'GRRM_HEATMAP'.
|
|   57|
|
|   58|
WHEN OTHERS.
|
|>>>>>|
ASSERT 1 = 2.
|
|   60|
|
|   61| ENDCASE.
|
|   62|
|
|   63| TRY.
|
|   64|
lv_regulation_id = cl_grfn_api_regulation=>if_grfn_api_regulation~get_regulation_id( i|
|   65|
|
|   66|
ev_authorized = cl_grfn_util_rep_auth=>has_rep_auth(
|
|   67|
io_session
= io_session
|
|   68|
iv_regulation_id = lv_regulation_id
|
|   69|
iv_report
= lv_report
|
|   70|
iv_activity
= grfn0_c_activity-print
|
|   71|
|
|   72|
|
|   73|
CATCH cx_grfn_exception.
|
|   74|
ev_authorized = abap_false.
|
|   75|
|
|   76| ENDTRY.
|
|   77|
|
|   78|ENDMETHOD.
|
|Contents of system fields
|
|Name
|Val.
|
|SY-SUBRC|4
|
|SY-INDEX|2
|
|SY-TABIX|1
|
|SY-DBCNT|1
|
|SY-FDPOS|0
|
|SY-LSIND|0
|
|SY-PAGNO|0
|
|SY-LINNO|1
|
|SY-COLNO|1
|
|SY-PFKEY|
|
|SY-UCOMM|
|
|SY-TITLE|HTTP Control
|
|SY-MSGTY|
|
|SY-MSGID|
|
|SY-MSGNO|000
|
|SY-MSGV1|
|
|SY-MSGV2|
|
|SY-MSGV3|
|
|SY-MSGV4|
|
|SY-MODNO|0
|
|SY-DATUM|20130313
|
|SY-UZEIT|115004
|
|SY-XPROG|SAPCNVE
|
|SY-XFORM|CONVERSION_EXIT
|
|Active Calls/Events
|
|No.   Ty.
Program
Include
Line   |
|
Name
|
|   34 METHOD
CL_GRRM_DASHBOARD_MENU_AUTH===CP
CL_GRRM_DASHBOARD_MENU_AUTH===CM001
59 |
|
CL_GRRM_DASHBOARD_MENU_AUTH=>IF_GRFN_MENU_ITEM_AUTH~IS_AUTHORIZED
|
|   33 METHOD
CL_GRFN_API_MENU_ITEM_ELA=====CP
CL_GRFN_API_MENU_ITEM_ELA=====CM001   126 |
|
CL_GRFN_API_MENU_ITEM_ELA=>IF_GRFN_MENU_AUTH~ITEM_AUTH
|
|   32 METHOD
CL_GRFN_API_MENU==============CP
CL_GRFN_API_MENU==============CM003
34 |
|
CL_GRFN_API_MENU=>IF_GRFN_MENU_AUTH~ITEM_AUTH
|
|   31 METHOD
CL_GRFN_LAUNCHPAD_UIBB========CP
CL_GRFN_LAUNCHPAD_UIBB========CM006
60 |
|
CL_GRFN_LAUNCHPAD_UIBB=>IF_FPM_GUIBB_LAUNCHPAD~MODIFY
|
|   30 METHOD
CL_FPM_LAUNCHPAD_UIBB_ASSIST==CP
CL_FPM_LAUNCHPAD_UIBB_ASSIST==CM001
76 |
|
CL_FPM_LAUNCHPAD_UIBB_ASSIST=>INIT_FEEDER
|
|   29 METHOD
/1BCWDY/T2POSMRSKMLY9L6LJP5Z==CP
/1BCWDY/B_T2POSBAR6C8HPR0XTR4P
410 |
|
CL_COMPONENTCONTROLLER_CTR=>WDDOINIT
|
|
Web Dynpro Component
FPM_LAUNCHPAD_UIBB
|
|
Controller
COMPONENTCONTROLLER
|
|   28 METHOD
/1BCWDY/T2POSMRSKMLY9L6LJP5Z==CP
/1BCWDY/B_T2POSBAR6C8HPR0XTR4P
181 |
|
CLF_COMPONENTCONTROLLER_CTR=>IF_WDR_COMPONENT_DELEGATE~WD_DO_INIT
|
|
Web Dynpro Component
FPM_LAUNCHPAD_UIBB
|
|
Controller
COMPONENTCONTROLLER
|
|   27 METHOD
CL_WDR_DELEGATING_COMPONENT===CP
CL_WDR_DELEGATING_COMPONENT===CM004
9 |
|
CL_WDR_DELEGATING_COMPONENT=>DO_INIT
|
|   26 METHOD
CL_WDR_CONTROLLER=============CP
CL_WDR_CONTROLLER=============CM00V
3 |
|
CL_WDR_CONTROLLER=>INIT_CONTROLLER
|
|   25 METHOD
CL_WDR_COMPONENT==============CP
CL_WDR_COMPONENT==============CM019
24 |
|
CL_WDR_COMPONENT=>INIT_CONTROLLER
|
|   24 METHOD
CL_WDR_CONTROLLER=============CP
CL_WDR_CONTROLLER=============CM002
7 |
|
CL_WDR_CONTROLLER=>INIT
|
|   23 METHOD
CL_WDR_CLIENT_COMPONENT=======CP
CL_WDR_CLIENT_COMPONENT=======CM00E
24 |
|
CL_WDR_CLIENT_COMPONENT=>INIT
|
|   22 METHOD
CL_WDR_CLIENT_COMPONENT=======CP
CL_WDR_CLIENT_COMPONENT=======CM00A
42 |
|
CL_WDR_CLIENT_COMPONENT=>IF_WDR_COMPONENT_FACTORY~CREATE_COMPONENT
|
|   21 METHOD
CL_WDR_COMPONENT_USAGE========CP
CL_WDR_COMPONENT_USAGE========CM009
67 |
|
CL_WDR_COMPONENT_USAGE=>IF_WD_COMPONENT_USAGE~CREATE_COMPONENT
|
|   20 METHOD
CL_FPM_COMPONENT_MANAGER======CP
CL_FPM_COMPONENT_MANAGER======CM003
81 |
|
CL_FPM_COMPONENT_MANAGER=>ADD_COMPONENT
|
|   19 METHOD
CL_FPM_COMPONENT_MANAGER======CP
CL_FPM_COMPONENT_MANAGER======CM004
19 |
|
CL_FPM_COMPONENT_MANAGER=>ATTACH_COMPONENT_TO_USAGE
|
|   18 METHOD
CL_FPM========================CP
CL_FPM========================CM005
89 |
|
CL_FPM=>PROCESS_EVENT
|
|   17 METHOD
CL_FPM========================CP
CL_FPM========================CM00C
34 |
|
CL_FPM=>RUN_EVENT_LOOP
|
|   16 METHOD
CL_FPM========================CP
CL_FPM========================CM002
5 |
|
CL_FPM=>IF_FPM~RAISE_EVENT
|
|   15 METHOD
CL_FPM========================CP
CL_FPM========================CM003
11 |
|

Hi Alberto,
The below Notes should resolve!
1428775
1744179
Hope this helps,
Luciana

How to allow multiple domains under Access-Control-Allow-Origin

Hi,
We have a domain where will get CORS request from another domain hosted on seperate DC. We can't set
Access-Control-Allow-Origin as * due to security concerns & IIS can't take more than 1 value at a time. Kindly suggest how to pass multiple httpheader for
Access-Control-Allow-Origin.
Regards,
Dhiraj

Hello Dhiraj,
This is not the suitable forum for your question, you may post in
IIS forums for more help.
Thanks for your understanding.
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey.

WRT 120 Internet Access Control Problem for itouch

I've just set up my router. Cannot seem to control access to the internet for my son's itouch. The router recognizes it on the map as a wireless device part of the network, but it will not show up in the menu that allows for internet access control. My lap top shows up, but no itouch. I'm running Windows XP home premium edition - not sure if this makes a difference.

Open the linksys setup page...Under the Wireless tab,Change the Channel Width to 20MHz only,Channel to 11 and click on save settings...Under the Advanced Wireless Settings,Change the Beacon Interval to 75,Change the Fragmentation Threshold to 2304,Change the RTS Threshold to 2304 and Click on Save Settings...
On the I-Touch..Go to Settings>>>General>>>Reset>>>Now select Reset Network Settings.This will now reboot and restore you network connections.

Time Capsule Access Control and Extended Network Question

I have a Time Capsule where I have set up a wireless network access list…and extended the network using an Airport Express unit. The Airport Express unit also has settings for an Access Control list. Do these need to be the same as the those for the network from TC that it is extending…or does that happen automatically…and if not what on earth are they for?
Thanks for any help…this doesn't seem clear from what I've read/seen.
James

I have a Time Capsule where I have set up a wireless network access list…and extended the network using an Airport Express unit. The Airport Express unit also has settings for an Access Control list. Do these need to be the same as the those for the network from TC that it is extending…or does that happen automatically…and if not what on earth are they for?
Unfortunately, they are not automatically applied to each base station in an extended network. You would have to manually enter the exact same list in each base station.

How do I set up timed access control for a time past midnight

I would like to set up timed access control for a number of my devices that would stretch past midnight... An open network from 6AM to 2AM - effectively only blocking access from 2AM tp 6AM in the morning....
Any notion on how to do this? the timed factily does not like the setting to enable 6A to 2A, says the times are invalid.
Setting up timed access from 6AM to 11:59P, then doing another from 12A to 2A causes a service "hiccup" of 1 Minute.

Set up each device as follows:
Everyday........Between.......6:00 AM and 11:59 PM
Add a second rule for each device that will state....
Everyday.....Between.......12:00 AM and 2:00 AM
You might think that there would be a one minute break between 11:59 PM and 12:00 AM, but that will not be the case, at least on every AirPort that I have ever programmed.. Reason.....11:59 is really 11:59:59:59 turning off at 12:00 AM. But, you have a second rule to allow access at 12:00 AM, so the AirPort will be "on" at the same time the first rule ends, so there will be no break.
If you really want the second rule to turn the AirPort "off" at 2:00 AM.......then set that time for 1:59 AM. If you set the rule for 2:00 AM, then AirPort will really turn off at 2:01 AM.

To run OHS at port 80 using solaris role based access control

Hi.
I already know & have done setuid root to ohs/bin/.apachectl to allow ohs to listen to port 80. Now on a new OFM 11.1.1.4 install, I want to use Solaris Role Based Access Control (RBAC) instead. Is it possible? RBAC does work as I can run a home built apache2 httpd at port 80 withOUT suid root.
On Solaris 10, I enabled oracle uid to run process below port 1024 using RBAC
/etc/user_attr:
oracle::::type=normal;defaultpriv=basic,net_privaddr
Change OHS httpd.conf Listen from port 8888 to port 80.
However, opmnctl startproc process-type=OHS
failed as below with nothing showing in the diag logs:
opmnctl startproc: starting opmn managed processes...
================================================================================
opmn id=truffle:6701
0 of 1 processes started.
ias-instance id=asinst_1
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
ias-component/process-type/process-set:
ohs1/OHS/OHS/
Error
--> Process (index=1,uid=187636255,pid=25563)
failed to start a managed process after the maximum retry limit
Thx,
Ken

Just to add my two cents here.
The commando used on Solaris to assign the right privilege to bind TCP ports < 1024 is:
# usermod -K defaultpriv=basic,*net_privaddr* <your_user_name>
Restart the opmnctl daemond.
After that OHS/Apache user can bind to lower TCP ports.
Regards.
Edited by: Tuelho on Oct 9, 2012 6:05 AM

Access control in workflow

Similar Messages

Maybe you are looking for