Access Rights Portal

Is there anyway to get the access rights information of all pages in Portal and also a way to modify (add or remove) access to all pages (and not to go through each page).
Thanks in advance
Remy

For doing that programatically, take a look at following link: http://portalstudio.oracle.com/pls/ops/docs/FOLDER/COMMUNITY/PDK/PLSQL/DOC/PLDOC_9026/wwsec_api.html
To list few as under:
- Function privilege_list returns an array containing all of the privileges currently granted on a specified object
- Function grantee_list return a list of users who have been granted privileges on a specific object, given an object type and an object name.
Try modifying the access to all pages using Global privs. Example below shows how to programmatically grant group MYGROUP with the global privilege to create page groups.
wwsec_api.set_group_acl(
p_group_id => wwsec_api.group_id('MYGROUP'),
p_object_type_name => wwsec_api.ANYSITE_OBJ,
p_name => wwsec_api.ALL_OBJECTS,
p_privilege => wwsec_api.CREATE_PRIV
And similarily, 'remove_group_acl' for removing the privileges.
Hope above helps....

Similar Messages

  • Access to portal

    Hi all,
    We have a portal 9.0.2. When users logs in from within intranet they have some access rights. But if they login
    from internet I could like to restrict their access, for some users. How to do this?
    The Portal can be accessed thru'
    the Internet too.
    We would like to restrict the access from the
    Internet (outside the firewall) to only certain users.
    How do I do that? Do I have to put some kind of
    restrictions at the SSO or WebCache or at Firewall ?
    with thanks

    One (non-SAP) was of doing this would be to use a https accelerator in front of the portal to do https into your company network and then http to the portal.
    Or - https runs on a different port, so they could connect to this.  However, this would be very messy (technical term ) as it is recommended that if you use http, you should use it everywhere throughout the environment (i.e. when accessing ITS/ BSP/BW reports) or vice versa, if using https you should use it everywhere.
    Hope that helps.
    Paul

  • URL access rights of a partner application for different user groups

    I have deployed an application in OC4j_Portal, enabled the SSO feature by doing the required entry in mod_osso file.
    Now I want a certain group of users to be able to access the URL of my application and not the others.
    Right now every valid user of the OID can access it.
    How should i restrict the access?

    If this is a Portal application you could define the access in Portal. Otherwise you might need to change your code and check if the logged in user is a member of the group you want to grant the access.
    Otherwise a custom LoginManager might solve your problem (JAAS). Check out http://www.oracle.com/technology/products/jdev/howtos/10g/jaassec/index.htm
    cu
    Andreas

  • ACCESS with PORTAL

    Hi All,
    Can we integrate an ACCESS application with Oracle Portal? If so, can any one guide me through the process?
    Thanks
    Raj

    From web.xml ..
    <servlet-mapping>
    <servlet-name>AppManagerServlet</servlet-name>
    <url-pattern>/appmanager/*</url-pattern>
    </servlet-mapping>
    Cheers
    Dennis
    Karthi wrote:
    Sorry Chris,
    I don't get you.
    What do you mean "any thing" also ?
    How do we manage the appmanager URL mapping in web.xml ?
    Please explain in bit detail
    Thanks,
    Karthi.
    "Chris Jolley" <[email protected]> wrote in message
    news:4086f3f3$[email protected]..
    you can use either one in production. .portal files are not just fordevelopment
    the only difference is your end users or admins cant customize them
    as far as the long urls, are you worries aboutwebappname/appmanager/portalpath/desktopath
    being too long?
    Some things that might help
    -you can make your webapp name anything you like
    -appmanager can be anything also just change your web.xml
    -portal path can be anything also,
    -desktop path you can get rid of by specifying a URI for the portal thatjust
    forwards you to
    a default desktop.
    "Karthi" <[email protected]> wrote:
    Hi all,
    As of docs, I came to know that the portal can be access by .portal file
    during the development.
    And using appmanager in producation . Is my understanding right?
    If so, what is the recommended way to manage the long urls?
    I mean to ask how efficiently we can use the PathTrim directive of apache
    to
    achive this.
    Or is there a better way.
    Thanks,
    Karthi

  • No FIM administrator...cannot access the portal

    Somehow my user object who has FIM admin rights got removed. How do I resolve this?
    TSTADMIN/adminfim is my user who is site collection administrator. This user was a part of SET Administrator.
    Permission MPR 'Admin can do anything' used this set as requet resource to allow all access on FIM portal.
    This user object is somehow removed and I do not have a single user who has FIM portal admin access. (I know the user is removed as I could search portal for users with another user who has limited access)
    If I try to access FIM portal using this user..I get below error
    [ServiceFaultException: The endpoint could not dispatch the request.] Microsoft.ResourceManagement.WebServices.EnumerationClient.Enumerate(Message request) +226 Microsoft.ResourceManagement.WebServices.EnumerationClient.Enumerate(Enumerate
    enumerate, EnumerateHelper helper) +242 Microsoft.ResourceManagement.WebServices.Client.ResourceTemplate.EnumerateResources(SearchParameters parameters) +782 [UnwillingToPerformException: The endpoint could not dispatch the request.] Microsoft.ResourceManagement.WebServices.Client.ResourceTemplate.EnumerateResources(SearchParameters
    parameters) +1457 Microsoft.IdentityManagement.WebUI.Controls.ConfigurationModelBase.RetrieveResources(String type, String filter, List`1 attributes) +499 Microsoft.IdentityManagement.WebUI.Controls.UserConfigurationModel.RetrieveUserConfiguration()
    +536 Microsoft.IdentityManagement.WebUI.Controls.NavigationBarConfigurationModel.get_NavigationBars() +148 Microsoft.IdentityManagement.WebUI.Controls.NavigationBarProvider.BuildSiteMap() +242 Microsoft.IdentityManagement.WebUI.Controls.NavigationBarProvider.get_RootNode()
    +13 System.Web.UI.WebControls.SiteMapDataSource.GetNodes() +231 System.Web.UI.WebControls.SiteMapDataSource.GetTreeView(String viewPath) +35 System.Web.UI.WebControls.HierarchicalDataBoundControl.GetData(String viewPath) +43 System.Web.UI.WebControls.Menu.DataBindItem(MenuItem
    item) +53 System.Web.UI.WebControls.Menu.PerformDataBinding() +49 System.Web.UI.WebControls.HierarchicalDataBoundControl.PerformSelect() +114 System.Web.UI.WebControls.BaseDataBoundControl.EnsureDataBound() +82 System.Web.UI.WebControls.Menu.EnsureDataBound()
    +38 System.Web.UI.WebControls.Menu.OnPreRender(EventArgs e, Boolean registerScript) +64 Microsoft.SharePoint.WebControls.AspMenu.OnPreRender(EventArgs e) +166 System.Web.UI.Control.PreRenderRecursiveInternal() +108 System.Web.UI.Control.PreRenderRecursiveInternal()
    +224 System.Web.UI.Control.PreRenderRecursiveInternal() +224 System.Web.UI.Control.PreRenderRecursiveInternal() +224 System.Web.UI.Control.PreRenderRecursiveInternal() +224 System.Web.UI.Control.PreRenderRecursiveInternal() +224 System.Web.UI.Control.PreRenderRecursiveInternal()
    +224 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3394
    Event viewer gives me this error:
    Requestor: Internal Service
    Microsoft.ResourceManagement.Service: Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: Exception of type 'Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException' was thrown.
       at Microsoft.ResourceManagement.WebServices.ResourceManagementService.GetCurrentUserFromSecurityIdentifier()
       at Microsoft.ResourceManagement.WebServices.ResourceManagementService.GetCurrentUser()
       at Microsoft.ResourceManagement.WebServices.ResourceManagementService.Create(Message request)
    Please assist.

    Is the User object for the account deleted or is it just missing attributes? (Like objectsid)
    If you've deleted the object completely, then there's no easy way to get it back - you've effectively locked yourself out of the portal. 
    https://social.technet.microsoft.com/Forums/en-US/e7d149f2-1fa4-4b2a-8177-67c026978b89/builtin-administrator-account-deleted?forum=ilm2
    If you just need the object guid, try this post
    https://social.technet.microsoft.com/Forums/en-US/6ab2fbeb-2877-424c-989c-6ddaac1b0df6/how-to-recover-objectsid-fim-admin-and-builton-synchronization-user?forum=ilm2
    Sorry for the bad news

  • Using Multiple Domain Names to Access Our Portal

    We operate one domain corp.company.com but all internal intranet web servers get  assigned the address inside.ZZZ. The inside.ZZZ is on our IE exclusion list but company.com is not. Adding company.com seems to be a miserable task so we are looking at adding an alias so our users can access the server at the new inside.ZZZ url. We have DNS pointing the URL to the right server and that seems to be working properly.
    Something within the application is redirecting the page to gnwhepdev.corp. company .com (our server’s domain address) after the initial login.  Since *.corp. company .com is not in the exclusion list, it is considered an outside address and rerouted.  We are trying to find some way to pass the alias within the  application itself so that we don’t need *.corp. company .com in the exclusion list and we can point users to the inside.ZZZ url.
    Our team researched this issue and found documentation that supported the use of multiple domain names to access a Enterprise Portal.  The documentation that we found is below:
    How To…Configure the J2EE Engine Deployment Descriptor (Version 1.00 – July 2004)
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d0eb8120-b66c-2910-5795-894f384fc054
    Particularly on page 13-15 in the documentation it talks about enabling the portal via multiple domain names (Section 3.7:  Using Multiple Domain Names to Access the Portal).  Also, the documentation says the following:
         You must have sever proxy servers, each with a different domain name.  You then activate the filter mechanism and configure it to work with several proxy servers
    We have several questions about the possiblities of being able to set this up and whether it would require another server where Web Dispatcher would need to be installed for this configuration to work properly.  Can someone please provide some insight into what needs to be configured and answer the question about the Web Dispatcher?  Also, if Web Dispatcher is required, what steps need to be done to configure?  If Web Dispatcher is not needed, what will we need to do apart from that to set this up for our Enterprise Portal system?

    It is but you have to use masking......
    http://iwebfaq.org/site/iWeb_Domains.html

  • Dp* commands failed w/ SMSLdapObject: insufficient access rights to access

    My dpadmin list/modify fails to execute. The amSMS log is below. What aci I lost? Any help is appreciated.
    Regards
    11/20/2005 03:17:15:659 AM MST: Thread[main,5,main]
    SMSEntry: cache enabled: true
    11/20/2005 03:17:16:023 AM MST: Thread[main,5,main]
    SMSLdapObject: LDAP Initialized successfully
    11/20/2005 03:17:16:349 AM MST: Thread[main,5,main]
    Initialized LDAPEvent listner
    11/20/2005 03:17:16:412 AM MST: Thread[main,5,main]
    CachedSubEntries::getInstance DN: ou=DAI,ou=services,dc=sun,dc=com
    11/20/2005 03:17:16:432 AM MST: Thread[main,5,main]
    CachedSMSEntry::getInstance: ou=DAI,ou=services,dc=sun,dc=com
    11/20/2005 03:17:16:441 AM MST: Thread[main,5,main]
    SMSLdapObject.read() retry: 0
    11/20/2005 03:17:16:451 AM MST: Thread[main,5,main]
    WARNING: SMSLdapObject: insufficient access rights to access DN=ou=DAI,ou=services,dc=sun,dc=com
    11/20/2005 03:17:16:461 AM MST: Thread[main,5,main]
    ERROR: CachedSubEntries: unable to register for notifications:
    Message:The user does not have permission to perform the operation.
    at com.sun.identity.sm.ldap.SMSLdapObject.read(SMSLdapObject.java:231)
    at com.sun.identity.sm.SMSEntry.read(SMSEntry.java:334)
    at com.sun.identity.sm.SMSEntry.read(SMSEntry.java:326)
    at com.sun.identity.sm.SMSEntry.<init>(SMSEntry.java:162)
    at com.sun.identity.sm.CachedSMSEntry.getInstance(CachedSMSEntry.java:307)
    at com.sun.identity.sm.CachedSubEntries.<init>(CachedSubEntries.java:72)
    at com.sun.identity.sm.CachedSubEntries.getInstance(CachedSubEntries.java:204)
    at com.sun.identity.sm.ServiceManager.getVersions(ServiceManager.java:409)
    at com.sun.identity.sm.ServiceManager.serviceDefaultVersion(ServiceManager.java:427)
    at com.sun.identity.sm.ServiceConfigManager.<init>(ServiceConfigManager.java:94)
    at com.iplanet.am.sdk.AMCommonUtils.populateManagedObjects(AMCommonUtils.java:497)
    at com.iplanet.am.sdk.AMCommonUtils.<clinit>(AMCommonUtils.java:113)
    at com.iplanet.am.sdk.AMStoreConnection.<clinit>(AMStoreConnection.java:141)
    at com.sun.portal.desktop.context.DSAMEConnection.<init>(DSAMEConnection.java:89)
    at com.sun.portal.desktop.context.DSAMEAdminDPContext.init(DSAMEAdminDPContext.java:110)

    - what's the complete command ?
    - which user is used ?
    /ulf

  • SMSLdapObject: insufficient access rights to access

    The dpadmin command failed w/ SMSLdapObject: insufficient access rights to access. The amSMS log is below. What aci did I lose? Any help is appreciated.
    Regards
    11/20/2005 03:17:15:659 AM MST: Thread[main,5,main]
    SMSEntry: cache enabled: true
    11/20/2005 03:17:16:023 AM MST: Thread[main,5,main]
    SMSLdapObject: LDAP Initialized successfully
    11/20/2005 03:17:16:349 AM MST: Thread[main,5,main]
    Initialized LDAPEvent listner
    11/20/2005 03:17:16:412 AM MST: Thread[main,5,main]
    CachedSubEntries::getInstance DN: ou=DAI,ou=services,dc=sun,dc=com
    11/20/2005 03:17:16:432 AM MST: Thread[main,5,main]
    CachedSMSEntry::getInstance: ou=DAI,ou=services,dc=sun,dc=com
    11/20/2005 03:17:16:441 AM MST: Thread[main,5,main]
    SMSLdapObject.read() retry: 0
    11/20/2005 03:17:16:451 AM MST: Thread[main,5,main]
    WARNING: SMSLdapObject: insufficient access rights to access DN=ou=DAI,ou=services,dc=sun,dc=com
    11/20/2005 03:17:16:461 AM MST: Thread[main,5,main]
    ERROR: CachedSubEntries: unable to register for notifications:
    Message:The user does not have permission to perform the operation.
    at com.sun.identity.sm.ldap.SMSLdapObject.read(SMSLdapObject.java:231)
    at com.sun.identity.sm.SMSEntry.read(SMSEntry.java:334)
    at com.sun.identity.sm.SMSEntry.read(SMSEntry.java:326)
    at com.sun.identity.sm.SMSEntry.<init>(SMSEntry.java:162)
    at com.sun.identity.sm.CachedSMSEntry.getInstance(CachedSMSEntry.java:307)
    at com.sun.identity.sm.CachedSubEntries.<init>(CachedSubEntries.java:72)
    at com.sun.identity.sm.CachedSubEntries.getInstance(CachedSubEntries.java:204)
    at com.sun.identity.sm.ServiceManager.getVersions(ServiceManager.java:409)
    at com.sun.identity.sm.ServiceManager.serviceDefaultVersion(ServiceManager.java:42 7)
    at com.sun.identity.sm.ServiceConfigManager.<init>(ServiceConfigManager.java :94)
    at com.iplanet.am.sdk.AMCommonUtils.populateManagedObjects(AMCommonUtils.java:497)
    at com.iplanet.am.sdk.AMCommonUtils.<clinit>(AMCommonUtils.java:113)
    at com.iplanet.am.sdk.AMStoreConnection.<clinit>(AMStoreConnection.java:141)
    at com.sun.portal.desktop.context.DSAMEConnection.<init>(DSAMEConnection.jav a:89)
    at com.sun.portal.desktop.context.DSAMEAdminDPContext.init(DSAMEAdminDPContext.jav a:110)

    - what's the complete command ?
    - which user is used ?
    /ulf

  • How do I access the portal "builder"?

    It seems like I am successfully logging in as the orcladmin user via the Login link off of the portal home page (/pls/portal/portal.home), because there is no error upon logging in and I can access the OID admin pages. However, I can't seem to figure out how I get to the pages that will allow me to build portal pages, etc. All I see is the "Home", "Community" , "Refresh","Login" and "Help" buttons on the top navigator. Is there a url that I can type in to access the portal builder pages?
    I am quite certain that I am logging in properly because after my initial login, when I click the Login link, it does not take me to the login page, just leaves me where I am at.
    Upon my initial login, should'nt I be forwarded to the portal admin page or something??
    Any help would be appreciated.

    once you login, click on the "corporate documents" tab.
    a link to the "builder" should show up in the top right.
    clicking on that gets you what you want. (there is then a link to navigator on the top right of that page...if you want to work on pages).

  • Specifying access rights for page tabs

    Hello
    I have trouble with specifying access rights for tabs that are inside another tab.
    I have a group named "Customers" and a group for each of our customer companies. The company-groups are all members of the Customers group.
    Then i created a tab called "Customers" which i specified access rights to the Customers group.
    Under the customers tab, i created one tab for each customer and i've specified access rights to each tab.
    I want to accomplish that customers who log into the portal only are able to see theyr own tab, but this doesn't seem to work properly.
    Have anyone had this problem before?
    Regards
    Per-Jarle Sfther

    Per-Jarle,
    Are you sure that the users are not part of a group that is included in the group you gave access to on the tab?
    Rich

  • External sites and access rights

    After a search in oracle portal, only results are shown for item of which a user has access rights. That's great.
    Ultrasearch is capable of searching other (non-oracle) sites as well, so the result of a search may include both portal and non-portal results.
    How to deal with external sites which haver their own access scheme? We have two sites, one oracle portal site, one of a different vendor. In the future, hopefully, usermanagement will be centralized in one LDAP repository.
    I'd love to have one integrated search engine for both sites, which is capable of indexing all pages, but give only those results of which a user is authorized to.
    Can this be achieved by ultrasearch?

    Hi Ton
    In iAS 902, Ultra Search supports crawling of only public data from Portal page groups. These Portal page groups be from different portal instances. Currently, there is no support for limiting the data obtained from Portal page groups to that which a specific user may view.
    We are currently working on supporting authorized crawls/searches.
    This feature will allow you to perform a search as a specific user X. The search results returned for this user X will only contain links to documents that X is explicitly allowed to view. These documents can reside in multiple portal instances as long as all the portal instances have the same user space (i.e. share the same LDAP server).
    So, to summarize, in iAS 902 (and Oracle 92), Ultra Search only supports public searches.
    Regards
    Edward

  • Ultrasearch, external sites and access rights

    After a search in portal, only results are shown for item of which a user has access rights. That's great.
    Ultrasearch is capable of searching other (non-oracle) sites as well, so the result of a search may include both portal and non-portal results.
    How to deal with external sites which haver their own access scheme? We have two sites, one oracle portal site, one of a different vendor. In the future, hopefully, usermanagement will be centralized in one LDAP repository.
    I'd love to have one integrated search engine for both sites, which is capable of indexing all pages, but give only those results of which a user is authorized to.
    Can this be achieved by ultrasearch?

    At the moment, Ultra Search has no notion of Access Control for items that it searches so, in effect, Ultra Search can only crawl public content.

  • How do I fix an access rights error when launching Image Processor in Adobe Bridge CC?

    Often when I am working on files and want to batch process Jpegs for clients I get an error message from Image Processor.  It will state "I am unable to create a file in this folder.  Please check your access rights to this location ...."
    I have cleared cache and up'd my history levels.  I checked to make sure the files were not locked and read/write was enabled.  I am not sure why this error keeps occurring.  I am using Adobe Photoshop CC 2014 (2014.2.2 release) with Adobe Bridge CC (6.1.0.115)

    It's an endless circle.
    See if these instructions help: iTunes repeatedly prompts to authorize computer to play iTunes Store purchases

  • How to restrict access to portal based on entitlements.

    Hi,
    I am working on weblogic 8.1 portal project. i want to restrict the user to access
    the portal based on the entitlements. However when user try to login he is seeing
    Weblogic Error 403 forbidden page. How to display custom error page, instead of
    weblogic default error page.
    How to programatically check whether user has access to portal or not based on
    entitlements.
    Please give me code.
    regards,
    -chada-

    Chada,
    The 403 is by design. If you want to place a page in front of one or more
    portal desktops and only show links to desktops the current user is entitled
    to, review the attachment.
    -Phil
    "Chada" <[email protected]> wrote in message
    news:3fcd6969$[email protected]..
    >
    Hi,
    I am working on weblogic 8.1 portal project. i want to restrict the userto access
    the portal based on the entitlements. However when user try to login he isseeing
    Weblogic Error 403 forbidden page. How to display custom error page,instead of
    weblogic default error page.
    How to programatically check whether user has access to portal or notbased on
    entitlements.
    Please give me code.
    regards,
    -chada-[login.zip]

  • Can't access to Portal Admin Console.

    Hi all,
    I'm working with WLP 10.2. I've created the ear-file (using maven) and deployed it on server (with Unix-system). The current application works well.
    My current task is a creation portal in streaming mode. Unfortunately I can't access to Portal Admin console for resolving task. I always retrieve "Error 404 (Not found)".
    As I know the admin-tools.war is responsible for Portal Admin Console. I've checked admin-tools.war is running on server (with status "Active").
    I'm using the next path for running Portal Admin Console: {serverhost:port}/{context root of admin-tools}/portal.portal.
    Maybe, Should I set up(correct) application.xml or weblogic.xml?
    Please let me know if you have any ideas.
    Thanks,
    Yuriy

    I think your URL is wrong, try with the following...
    http://{server:port}/{name_your_ear}Admin/portal.portal
    name_your_ear= The name of your Enterprise Application.
    For example,
    http://localhost:7001/DemosEarAdmin/portal.portal
    I hope this helps

Maybe you are looking for

  • Error while starting listener on my database TNS-1255,TNS-12560, TNS-00525

    Hi All, I am newbie to oracle and i have been struggling from last one week to get this error corrected on my database. Listener services are not working due to which i'm unable to proceed my work. Please provide ur help as i really want to learn. Ed

  • Editing a Sequence of Link - v9 is painful, v7 is better

    We regularly take a page of text and create/edit multiple links to open different PDF files (document index list going to the chapter PDFs). With v7 of Acrobat, you edit the first, click on the second link (while the properties box was still visible)

  • Help to revive my Macbook Pro 2006

    Hey, My MBP was bought in late 2006. It is the first aluminum model I believe. It also runs very hot. To the point: Every move I make on it takes ages, I could write a sentence and it would roll the beach ball and hang for many seconds before I could

  • Sound just stopped working!

    Ok, so I opened imovie 08 today for the first time on my macbook pro today. I imported about 6 movies, and went to work on editing them, which was i pain because i was used to the last version, I worked for nearly 2 hours, finished the quick project

  • InDesign to eps problem

    When exporting an indesign file as an eps sometimes around a circular logo the background area will stay white behind it, so when put against a colored background it will show up white behind the logo instead of the color of the background.  How do I