Access to portal desktop denied through gateway

I'm trying to get the gateway component to configured and working. I've installed gateway on a separate box from my portal server. When I go to the gateway url (using either https or http) I get prompted to login. Once I submit my user credentials, I get this message:
     Access to this resource is denied !!
     Contact your administrator
If I enter incorrect user credentials, I get an authentication failed, as expected. So authentication is working, but for some reason, I just can't get to the portal desktop! I ensured that my user account has the Access List service. And I haven't changed any URL allow/deny lists from whatever the default templates were, they still allow *.
Any ideas?
Thanks,
Patricia

Are you able to get to the portal desktop without going throwing the gateway ?
What the does the debug error logs show ?

Similar Messages

  • Unable to access/load a specific webpage through gateway

    I am unable to access http://giftedhomeschoolers.org from any of our devices on our home network.  This is the only website that we are have this issue.  Tried on several computers (MAC, Windows) and mobile devices (Kindle, iPhone).  On iPhone, when I disable the wifi I am able to get to the site.  Any help is appreciated.

    In these situations it can be basically four things:
    1) DNS problem: the AT&T DNS servers can't resolve the IP address of the site
    2) Server black list: AT&T is deliverately blocking traffic to the IP based on earlier misdeeds from it
    3) Routing issue: There's a bad routing table somewhere between you and the remote site
    4) Site Configuration Issue: The server is configured not to respond to your IP address range, due to outdated configuration issue, or blocking due to past misdeeds at your address.
    You can work with AT&T Technical Support on 1 through 3, though the tier 1 people won't have a clue, and half of the tier 2 people won't either, and the rest may not be able to spare the time.
    You'd have to work with the site itself if the problem is #4.
     

  • Several Portal Desktops

    Good Morning :
    We have an (EP) intranet and a (EP) website and we are going to develop an extranet only for external stakeholders, so we have developed a custom login in the website and it works, but we would like to disable intranet users to access using this login.
    We were doing some changes using the Portal Display Rules Editor, but We didn't had the expected results.
    It is possible to do that?
    By Internet, enable only one role(or group) to have access to one "portal display" and
    disable others to have access to the portal even if they have roles and another portal display assigned.
    We have mapped the LDAP users to the UME.
    I was reviewing the following document.
    http://help.sap.com/saphelp_nw70/helpdata/en/95/92b2f7d2f14a6da7a8b5d66808d1f6/content.htm
    Thanks in advance.
    Edited by: Oscar Pablo Leon Saldivar on Mar 14, 2008 10:39 AM

    I discover that my real problem is when I change my "Default Portal Desktop" (copied to my user folder called extranet) to use another Portal Framework.
    Only super_admin_role has the owner permission to access to my Portal Desktop, so when you try to access the portal with the user XXXTEST shows the following the message:
    "Error occurred while trying to access desktop: "portal_content/COLPExtranet/Extranet". The object does not exist or you are not authorized to access it. If this problem persists, contact your system administrator"
    That is OK, because the user does'nt have permissions to use my Portal Desktop.
    But when I change the Portal Framework related to the Portal Desktop, the user XXXTEST can access the Portal Desktop. I didn't change the permissions to see the Portal Desktop.
    Have you seen that problem in EP?.

  • Issue on Portal desktop object

    Hi All
    I am getting the following on the portal desktop object.
    Error occurred While trying to access desktop:"portal_content/Test/com.bhm.desktop/testDT".the object does not exist or you are not authorized to access. Please contact system administrator
    i had check the name of the portal desktop object "testDT" which already exists in the portal content directory and having right permission as "Every One".
    Still i am getting this issue , the master rule collection as follows for setting the desktop as follows.
    IF Group = testDT
         THEN Portal Desktop = "pcd:portal_content/every_user/general/defaultDesktop
    IF User = TST33
        THEN Portal Desktop = "pcd:portal_content/every_user/general/defaultDesktop
    IF User = *
        THEN Portal Desktop = "pcd:portal_content/Test/com.bhm.desktop/testDT
    Currently the above  issue which i mentioned was getting for user "TST56".
    Is there any other authorization or permission required to access the portal desktop?.Please help me on this.
    Thanks in advance.
    Regards,
    Kalki reddy

    Hi,
    Please check this [link|http://wiki.sdn.sap.com/wiki/display/EP/PortalDeveloperRoles-DefaultDesktoplogin+issue]
    Make sure that you set eu_role permissions properly.
    Hope it helps.
    Regards,
    Abhijeet

  • Accessing Intranet Web application (protected by  Agent)  through Gateway

    Hi All,
    I have installed Sun Portal Server in one machine and SRAGateway on different machine and also I have an intranet Web Application server(not accessable through internet), is protected by Access Manager Policy Agent.
    I am just displaying this web application Url in a portal desktop . So when user access the Gateway (https://host.com) , after successful authentication he can able to see the portal desktop with web application url. After clicking this url he can enter in to the Web Application.
    I am able to enter into the portal desktop , but when I click the web application url its giving the following error" (https://gatwayhost.domain.com/http://websver.domain.com)
    "Unable to connect to the host, Contact Administrator
    Please help me to solve this.
    Thanks in Advance

    We use a reverse proxy because we had specific requirements. It's more complex than just using the rewriter proxy and maybe not the best solution for you.
    The setup is quite simple, you install an apache server (with mod_proxy module) , you install the access manager agent on top of apache and you set the httpd.conf to tell the apache to act as a reverse proxy.
    You tell the gateway to use the reverse proxy instead of the real site. In our case we simply add a line poiting to the reverse proxy for the server name in the /etc/hosts file.
    You open the http port 80 in your firewall from the gateway to the apache reverse proxy and from the apache to the intranet website.
    And it's done.

  • Error when accessing Portal desktop

    Hi All,
    I've created a custom portal desktop which is working fine in our Dev system.
    I exported the content, theme, desktop etc fine last week into our QA box but now I have an issue. When I use a user without the Super_Admin role, I get the following message (I have changed the actual desktop name below - its NOT the default desktop I am having prolems with...) -
    "Error occurred while trying to access desktop: "portal_content/com.sap.pct/every_user/general/com.sap.portal.defaultDesktop". The object does not exist or you are not authorized to access it. If this problem persists, contact your system administrator."
    Now, I have been through the SDN forums and looked for this issue. I've looked at notes 869690 and 856865 as well as many of the threads on this but nothing has resolved the issue.
    I have gone into the PCD and set all of the directories that are relevant to allow the Everyone group READ access. The users that I am testing are members of that group and have roles that should allow them to see the desktop fine - they work within Dev without issue and all permissions seem the same.
    To recap, I've checked permissions in the PCD, the Main Rules are ok, the desktop exists and has the correct permissions and I have a rule assigned to the users and groups. My Dev desktop works but my QA one doesn't.
    Does anyone else have experience of this issue? or perhaps even an answer?
    Thanks

    Hello,
    I have encountered the same problem and I followed all the suggestions as mentioned in the threads.
    However no luck. Still having a problem and our QA testing starts on Monday.
    Wondering if there is any other solution to this problem.
    Thanks.
    Regards,
    Sunil

  • I have a Mac computer and am trying to use a Photoshop CS4 program, but after accessing my desktop files through Adobe Bridge and clicking twice on any of the pictures to get into Photoshop,  instead of entering photoshop I get an enlarged version of the

    I have a Mac computer and am trying to use a Photoshop CS4 program, but after accessing my desktop files through Adobe Bridge and clicking twice on any of the pictures to get into Photoshop, instead of entering photoshop, I get on the lefthand side an enlarged version of the picture with red, yellow and green buttons on top. Any suggestions on what is wrong, or what can be corrected ?

    And there is the problem. Your pictures are opening up in Mac's own Preview app.
    Do you want all your jpegs to open in Photoshop, or only when you are in Bridge?
    Selecting a program to open a certain file is called: File Type Association.
    You can choose this at the MacOS level or the Bridge level.
    Here's how to do both:
    Either MacOS or Bridge has the wrong app associated with the jpeg. Let's start with MacOS
    Close Bridge and Preview. Select one of your jpegs, and press Cmd i, That will bring up the file info window.
    Go down to the "Open with" section of File Info.
    Choose Photoshop CS4 and click on the Change All... button to apply this choice to every jpeg on your Mac.
    Then open Bridge and see if double-clicking opens it in Photoshop.
    Now that means all jpegs on your Mac will open in Photoshop.  Maybe you don't want that.
    You can set your jpegs to open in Preview when Bridge is closed.
    When you open Bridge, there is Preferences > File Type Associations where you can direct Bridge to open the jpegs in Photoshop when you are viewing in Bridge.

  • Error while testing ECC and Portal-Connect to SAP gateway failed

    Dear Experts,
    While testing ABAP connection in Portal i am getting below error.

    Dear All,
    My error is rectified with below thread.
    SLDCHECK: Error when opening an RFC connection (CPIC-CALL: 'ThSAPOCMIT'...
    Hi,
    You need to create an RFC to the SLDCHECK:
    1. In your web browser, enter the URL of SAP NetWeaver Administrator using the following pattern:
    http://<host>:<port>/nwa
    2. Choose Configuration Management u2192 Infrastructure u2192 Jco RFC Provider.
    3. Choose Create.
    4. Enter the connection and transport parameters as required.
    Field
    Description
    Program ID
    We recommend that you use the following pattern: SLDAPI_<SAPSID>, where SAPSID is the system identifier of the AS Java system.
    Gateway host
    Gateway service
    If your AS Java is an add-on installation to an ABAP system, use the gateway of the ABAP system. You can look up the gateway parameters of an ABAP system using transaction SMGW.
    If your AS Java is a standalone installation, we recommend using a gateway on the Central Services Instance host. As of SAP NetWeaver 7.1, usage type AS Java that comprises SLD also contains an SAP RFC Gateway.
    Server Count (1..20)
    Enter 3.
    5. Choose Next.
    6. Enter logon data to the ABAP repository. You can either use an existing RFC destination from SAP NetWeaver Administrator u2192 Configuration Management u2192 Security u2192 Destinations or you specify the ABAP repository explicitly. The destination should point preferably to an AS ABAP close to SLD. If SLD is running on an AS Java standalone installation, the calling AS ABAP can be used instead. We recommend to create and use an RFC destination instead of explicitly specifying the connect parameters here. In both cases, the following parameters are required
    Field
    Description
    System Landscape Directory 15
    User Manual 03.04.2008
    Application Server Host
    System Number
    Client
    Language
    User
    Password
    Enter the logon data for the AS ABAP system. You must specify an existing user with appropriate authorizations for RFC.
    If you are running a system with both usage types AS ABAP and AS Java, use the logon data for this system.
    If your AS Java is a standalone installation, use the logon data for the calling ABAP system.
    7. Choose Next.
    8. Leave the default values in the next steps.
    9. Create the Jco RFC destination by choosing Finish.
    Result
    The Jco RFC destination creates a number of u201CServer Countu201D RFC server threads on your AS Java. These RFC servers register at the RFC Gateway specified. You may configure multiple ABAP systems to connect to these RFC servers. In this case, the Server Count should be increased when TIME_OUT exceptions are observed.
    Creating an RFC Destination for the SLD ABAP API on the AS ABAP Side
    Use
    If you want to configure an ABAP application to access data in the SLD through the SLD ABAP API, you have to create an RFC destination on the ABAP system side.
    Prerequisites
    An RFC destination for the SLD ABAP API is created on the AS Java side.
    Procedure
    1. Call transaction SM59.
    2. Select TCP/IP connections and choose Create.
    3. In the RFC Destination field, enter SAPSLDAPI.
    4. On the Technical Settings tab page, select the Registered Server Program indicator.
    5. In the Program ID field, enter the same program ID as the one you entered when you created an RFC destination for the SLD ABAP API on the AS Java side. We recommend that you use the following pattern: SLDAPI_<SAPSID>, where SAPSID is the system identifier of the AS Java system.
    6. Choose MDMP & Unicode and select the Unicode indicator.
    7. Choose Save.
    8. Test the RFC destination by choosing Connection Test.
    If the display shows the response times, you have configured the RFC destination correctly.

  • ACCESS with PORTAL

    Hi All,
    Can we integrate an ACCESS application with Oracle Portal? If so, can any one guide me through the process?
    Thanks
    Raj

    From web.xml ..
    <servlet-mapping>
    <servlet-name>AppManagerServlet</servlet-name>
    <url-pattern>/appmanager/*</url-pattern>
    </servlet-mapping>
    Cheers
    Dennis
    Karthi wrote:
    Sorry Chris,
    I don't get you.
    What do you mean "any thing" also ?
    How do we manage the appmanager URL mapping in web.xml ?
    Please explain in bit detail
    Thanks,
    Karthi.
    "Chris Jolley" <[email protected]> wrote in message
    news:4086f3f3$[email protected]..
    you can use either one in production. .portal files are not just fordevelopment
    the only difference is your end users or admins cant customize them
    as far as the long urls, are you worries aboutwebappname/appmanager/portalpath/desktopath
    being too long?
    Some things that might help
    -you can make your webapp name anything you like
    -appmanager can be anything also just change your web.xml
    -portal path can be anything also,
    -desktop path you can get rid of by specifying a URI for the portal thatjust
    forwards you to
    a default desktop.
    "Karthi" <[email protected]> wrote:
    Hi all,
    As of docs, I came to know that the portal can be access by .portal file
    during the development.
    And using appmanager in producation . Is my understanding right?
    If so, what is the recommended way to manage the long urls?
    I mean to ask how efficiently we can use the PathTrim directive of apache
    to
    achive this.
    Or is there a better way.
    Thanks,
    Karthi

  • Sun Java Enterprise Portal Desktop creation from scratch

    Please see below our request.
    1.     What I need?
    We are expert in J2EE and relative technologies. We just want a support which helps them to move in a right direction to adopt and excel with SUN JES. Basically, this document expects a guidance to show right direction in creating SUN JES Desktop. Below are the bullet points which try to explain the actual expectation from the response documentation:
    •     Sun JES Desktop: We require hands on documentation which would assist us in creating a desktop from scratch. This documentation should unveil step by step demonstration of Sun portal desktop creation. The document can assume that all the components with SUN JES are already been installed with default sample desktops.
    •     Replica of existing Directory server to new Directory server: We would like to understand the procedure involve in creating a replica of existing directory server. We have already exported LDIF file from the existing directory server. But when we are importing it to the directory server installed at our local machine, it is prompting us with an error message that schema for the importing content not available. This suggests that we have not created schema at our local machine. Therefore, we would require an assistance to export all the content from an existing directory server to new directory server along with the schema.
    •     Change Deployment: It should explain all the required steps involved for re-deployment of the content available with the portal. In other words, if there is a change made in the content of the portal (any JSP, JAR or configurable file) then what are the steps required to re-deploy and reflect the changes on portal?
    2.     Current Status
    2.1.     SUN JES Installation and Configuration
    We are through with initial setup of SUN JES. We have installed entire required component on our local machine (Windows XP) with default configuration for sample desktop which includes:
    •     Sun Application server
    •     Sun Directory server
    •     Sun Access Manager
    •     Sun Portal server (Instance created in web server)
    •     Sun Instant messaging
    •     Sun Web server
    The setup also includes configuration of sample portal (myPortal) which has some desktops already created like enterprise, developer and community desktop.
    2.2.     Component understanding
    We have gone through almost all the documents available under SUN documents. But we felt those were rather high level understanding documents. We have basic understanding of the all the components which come up with SUN JES.
    3.     Desktop Example
    As we are very new to the SUN JES, we expect something which is very basic to understand. In other words, when we start with any Java or programming language, we use to have Hello World short of program. Similarly, we expect a very simple desktop which just assist in learning steps involved in creation of desktop from scratch. Here, we can assume that all the required components are already being installed and running. Let us take an example:
    Suppose we have 4-5 users who belong to different groups. These groups have some defined policies (Something that we use to create with access manager). On the basis of the groups, they are allowed to access the sites available with the portal.
    User - A, B, C, D
    Group – I, II
    User-Group Mapping
    A, D -> I
    B, C -> II
    Desktop contents:
    Page displaying URL for google.com and myhcl.in
    Group I – On click of google.com, it should display the page in channel. Whereas, on the click of myhcl.in, it should display a message, quoting “You are not authorized to view this page.
    Group II - On click of myhcl.in, it should display the page in channel. Whereas, on the click of google.com, it should display a message, quoting “You are not authorized to view this page.
    Again, in all we just require a very basic desktop, which helps us in understanding the procedure involve in creating a SUN portal desktop. We think that this exercise would cover and help us in understanding all the nitty-gritty involved for learning SUN JES. Please feel free to add anything which you think will help us in learning SUN portal.
    Please let me know if anything unclear.

    Hello,
    I am not sure how much you are comfortable with profile creation for the different users.
    while user provisioning, if you are aware of kind of user and can assign the profile then this could be easily done.
    what if you don't show the link for unauthorised user instead of showing message that "You are not authorised....."
    create two different profile with two different channel having links and assign appropriate profile to the users.
    - sumant

  • How to restrict access to portal based on entitlements.

    Hi,
    I am working on weblogic 8.1 portal project. i want to restrict the user to access
    the portal based on the entitlements. However when user try to login he is seeing
    Weblogic Error 403 forbidden page. How to display custom error page, instead of
    weblogic default error page.
    How to programatically check whether user has access to portal or not based on
    entitlements.
    Please give me code.
    regards,
    -chada-

    Chada,
    The 403 is by design. If you want to place a page in front of one or more
    portal desktops and only show links to desktops the current user is entitled
    to, review the attachment.
    -Phil
    "Chada" <[email protected]> wrote in message
    news:3fcd6969$[email protected]..
    >
    Hi,
    I am working on weblogic 8.1 portal project. i want to restrict the userto access
    the portal based on the entitlements. However when user try to login he isseeing
    Weblogic Error 403 forbidden page. How to display custom error page,instead of
    weblogic default error page.
    How to programatically check whether user has access to portal or notbased on
    entitlements.
    Please give me code.
    regards,
    -chada-[login.zip]

  • How to get argument value from portal desktop URL

    hi,guys
    I have a question ,it is how to get argument value.see:
    in one portal desktop,I have a hyperlink like this
    http://localhost:7001/TestPortal/appmanager/testPortal/testDST?eventId=1
    after click,then will be switch another desktop "testDST"
    I tried to get value from request,but failure.
    @RequestMapping
    public String listTestList(RenderRequest request, RenderResponse response,ModelMap model) {
    //HttpServletRequest httpRequest = (HttpServletRequest) ; //request.getAttribute("javax.portlet.portletc.httpServletRequest");
    //log.debug("httprequest eventId>>>" + httpRequest.getParameter("eventId"));
    log.debug("render request eventId>>>" + request.getParameter("eventId"));
    I can't get this value from request,also tried httpServeltRequest,but httpServletRequest can't get,it is null;
    so ,how to get this value,thank you very much.
    regards
    aris

    Hello,
    It is true for JSR168 portlets that you can't just arbitrarily set parameters on a URL and get access to them inside your portlet- you must use the appropriate APIs on the PortletURL class to set parameters that you can retrieve. This is the only portable (standards-compliant) way to implement the functionality you want.
    However, for your particular use-case, you can get the URL parameters from the (non-JSR168) HttpServletRequest object. The only reason you are getting a null object for that is because the attribute name is wrong. This should work:
    HttpServletRequest httpRequest = (HttpServletRequest)(request.getAttribute("javax.servlet.request"));
    String eventId = httpRequest.getParameter("eventId");
    Kevin

  • Accessing multiple portals at the same time?

    Is it possible to access multiple portals at the same time?
    For example, what I want to achieve is different properties (layout,
    portlets, look & feel) for different groups of users accessing the same
    portal. The Associated Groups part on the Portal admin page is not
    fulfilling our requirements. So we decided to have different portals for
    different groups of users, all working through one portal, and accessing
    their custom portals. Is this achievable?
    What we are thinking is: put the common functionality in the repository
    portal directory, and the custom portlets/jsps in the group-specific portal
    directories. This way we can customize portal behavior for different groups
    of users. Is this achievable?
    Thanks.
    Amit

    You have to user respective DRILL commands present in WAD to configure the drill operations on multiple characteristics...

  • Creating portal desktop for the user

    Hi All-
    Please help me out...
    1) Could you let me know the detailed procedure ( if possible please provide screen shots) to create "Portal Desktop for the user".
    2)Suppose we developed a webDynpro Application and we need to make it Role Based access....please let me how to achieve this..
    3)Help me out in creation of "Roles" in Portal Content Development and the steps to assign pages to "Roles"
    Regards,
    Cris

    Hi Cris,
    Follow these links for the required info.
    Creating Portal Desktop for specific user
    Portal Branding for specific user
    Creating Roles & worksets
    http://help.sap.com/saphelp_nw04/helpdata/en/4f/bceaffeb8c114ebef8255b63079c7c/frameset.htm
    Integrating webdynpro in portal
    https://www.sdn.sap.com/irj/sdn/downloaditem?rid=/library/uuid/2fffe990-0201-0010-aab0-e61c3250bcf3
    Hope I am helpful.
    Cheers,
    Santhosh

  • Use ip address to access the portal

    If there any way to access a portal through ip address instead of fully qualified domain name.  I need to access the portal in my office through an external ip address in a router.  The port forewarding force an ip address even I define a hostname for my router.

    Hi Wing ,
    yes you can , but some pieces of the portal depend on full hostname resolution ( for domain security) . So Single Sign On to backends will not work properly (if at all) plus Javascript will act funnily in your browser (depending on the settings ).
    Also you need to make sure any content in an Iview that is displayed in an Iframe is domain-name resolvable to your browser (e.g. other non-portal hosts ) .
    Much better to go through a Reverse Proxy in the DMZ ..see various posts in the Implementation forum .
    Regards
    Daniel

Maybe you are looking for