Admin defined roles in Web Admin

Similar Messages

• Weblogic Portal 9.2 | Access on portlets/JPF based on user defined roles.

  Hi,
  In my application, i have created some roles in the embedded LDAP of weblogic. Example. ViewBillsRole, ViewTicketsRole, etc.
  Now my requirement is that if a user hits the URL directlyy for bills, he should be shown it instead he should be taken to some page.
  Example: http://localhost:7001/myPortalWeb/myPortal.portal? _nbfp=true&;pageLabel=bills
  This URL when hit directly should take user to login screen. How can i restrict this? How can i access roles present in embedded LDAP. I saw some annotation rolesAllowed in page flow controller properties, but wasnt of much help.
  Can anyone tell me how can i achive my goal? Thanks
  Saurabh

  Hey Cindy,
  Thanks for your response. Let me be more clear in what i am looking for:
  Suppose my application has 4 modules e.g; Bills,Orders,Tickets,Services.
  Now i have defined some roles like ViewBillsRole,ViewTicketsRole,ViewOrdersRole and so on.
  When the user logs in and tries to manipulate the URL in such a fashion that he changes the _pageLabel property to that of bills and he is not authorized to access bills, he should be taken to some page with a message.
  For this when i did the following:
  @Control
  UserInfoControl userInfoControl;
  List<String> roleName =
  userInfoControl.getAvailableUserRoles(getRequest());
  I can see the roles mentioned above and i can check
  boolean isUserInRole = userInfoControl.isCurrentUserInRole(getRequest(), ColtConstants.VIEW_BILLS_ROLE);
  This lets me know if a user should be taken to the BILLS page or not. But if i use this approach to solve my problem, i need to make changes in all the modules across the application, which i think is not the best solution.
  I wish if i can configure this roles property on Controller level than action level.
  Now i saw allowRoles on controller level. This also internally uses approach 1 to determine what all roles are assigned to the user. But if a user has a particular role, still it thorws UnfulfileldRoleException.
  I hope you got my point. I am not sure where is the controller checking for allowRoles. If it is checking in request, i have it there.
  Do i need to configure all the roles in web.xml ? If yes then it means i have 2 places where roles are mapped. 1. Web.xml and 2. LDAP.
  Let me know what can be the best solution to cater my problem. The links you have sent doesnt seem to work right now.
  Thanks a lot in advance,

• Need api for changing security role in web.xml !!

  My requirement is to change the value of the deployment descriptor "security-role" (in web.xml) through an api and inturn to persist the new value in web.xml. Also I need to know if this change is automatically redeployed or an explicit redeployment is needed ? In that case how do I redeploy using an api call ?
  I found a lot of apis related to roles like createRole, removeRole etc.. But there are no apis to change the name of the role and inturn persist in web.xml.
  Do I need to provide any more information ? Let me know
  Thanks,
  Karthick

  why and when do you change security-role? try to use ant task (perhaph you need xpath also). it´s the better when you perform task about life´s cycle of application.
  please, describe your problem.
  of course in you change web.xml you must restart the application.

• User Defined Exceptions in Web Service

  I am trying to create complex user defined exceptions in Web services I am creating. Is there a way in JDeveloper to assist in modifying the WSDL to include all required parameters for fault handling that I can use to do this? Or do I have to write the XML manually in the WSDL file. Any recommended ways to accomplish this?

  Hello,
  raise duplicate_loan; won't avoid the trigger to insert and commit. If you really want to avoid the insertion, use the raise_applicatrion_error() instead.
  For instance : Raise_Application_Error( -20001, 'Insertion cannot be validated' );Then in your Forms module, you can catch it like this:
     Begin
     Insert Into ...
     when others then
        LC$Erreur := Substr( SQLERRM,1 , 500 );
        LN$err_code := ABS(SQLCODE);
        If LN$err_code = 20001 Then ...
     End;
  ...Francois

• How to define roles for the reports that i have created using WAD?

  Hi all,
  Can anyone let me know how to define roles for the reports generated using WAD. And what is the procedure for creating and defining roles. Is this process take care of Bw consultant nor the basis guys.
  Can anyone let me know the entire procedure about the roles in bw 3.5
  thanxs
  haritha

  Following links might helps you
  create a role
  https://www.sdn.sap.com/irj/sdn/wiki?path=/display/bi/authorizationinSAPNWBI&

• Call a user defined method in web dynpro from interactive forms

  Hi All,
  how to call a user defined method in web dynpro java, when a selecting value from drop down list which is in interactive forms by adobe
  thanks.
  Edited by: venkat99 on May 24, 2010 4:52 PM

  Well, you can use F4 help, of course, check here: http://help.sap.com/saphelp_nw70ehp1/helpdata/en/48/a1900622ec062be10000000a42189d/frameset.htm
  You need to select the value first and then use the submit button, which is mapped to the WD action submit (you have to set this up in WD designer!!). To use the submit button for more actions, you need to use something like a hidden field, where the value is set according to the action you want to do with your submit button. The submit sends this value back to WD, where you can switch the program code according to the value.
  Otto
  p.s.: and maybe this blog can help: /people/shruti.rathour/blog/2008/02/07/uploading-sap-interactive-form-on-the-abap-webdynpro-view

• Defining roles and access for OWB Designer

  Hi,
  Can i Define roles and access rights to different on 1 OWB Designer repository?
  I want to send my mappings for code review but i dont want them to log into the OWB designer with write access.
  How can i achieve this in the same OWB designer repository as the one i am using?
  I am using OWB 10.1.
  I found some table - WMP_USER_ROLES,WMP_GROUP_ROLES,WMP_GROUP_REPOSITORIES
  when i logged into the designer schema through sqlplus
  Thanks
  Sagar

  Hi Sagar,
  Yes you can do that. Basically you can create a db user, and then register the user with a repository. By default that user has all privileges, however it now is audited per user as to what he/she did. How to do this look at the doc (find SecurityHelper)
  To enable you to protect metadata there are a couple of strategies (implemented via a simple PL/SQL API). For an example (this one works with policies on the module level) take a look here (http://www.oracle.com/technology/sample_code/products/warehouse/files/Dev_Status_Policy.SQL)
  This would work as follows:
  - Create user REVIEW
  - Register user REVIEW to repos QA
  - For a module you want review for, set the status to QA
  Now the REVIEW user logs in and he can look at QA but cannot touch.
  Hope this helps,
  Jean-Pierre
  In your situation

• How to transfer role to Web Portal

  Hello Friends..
  Need some help.
  There is some specific requeirment of my project.
  We have some Bex Queries which have been assigned under one particuler role and we can execute the same from Buss explores.
  Now I just want to transfer this role to enterprise portal , so i can see all the iview for all queries under the same role.
  Currently we are creating all iview manually which is unlogical.
  Could you please let me know how can we transfer role to Web , so we can see all iview.
  I hope my question is clear to all of you. Thanks in advance.
  Regards

  Thanks for your help.
  But I m not transporting the Web tempaltes and i view any where.
  I just want to chck all Iview and Webtemplates be there for all queries and reports in same server.
  When i go in Portal , all iviews shld be created automatically for all reports.
  For this , we need to transfer our roles from Bex to Web portal , so it automatices create all iview for all report.
  But i dont have idea , how can we do this..
  Please let me know if any one of you have any idea.
  Regards

• Access a JCo dest define in the Web Content Administrator

  I have got a J2EE application developed on NDS and i want to access and use a JCo destination defined in the Web Dynpro Content Administrator as a Web Dynpro application done.
  First: is it possible or not ?
  and if yes please tell me how ?
  Cheers,
  Eric Gourdou.

  Hi, we're trying the solution described above.
  The application cannot be deployed on the WAS due to the following call:
  WDJCOClientConnection client =
  WDSystemLandscape.getJCOClientConnection(“myJCOClient”);
  Here is the exception thrown by the deployment service:
  server ID 8240151:com.sap.engine.services.deploy.exceptions.ServerDeploymentException: Application xxx cannot be started.
  Reason: it has hard reference to resource tcwdwebdynpro with type service, which is not active on the server.
  at com.sap.engine.services.deploy.server.ReferenceResolver.processReferenceToService(ReferenceResolver.java:458)
  at com.sap.engine.services.deploy.server.ReferenceResolver.processMakeReference(ReferenceResolver.java:396)
  at com.sap.engine.services.deploy.server.ReferenceResolver.beforeStartingApplication(ReferenceResolver.java:328)
  at com.sap.engine.services.deploy.server.application.StartTransaction.beginCommon(StartTransaction.java:178)
  at com.sap.engine.services.deploy.server.application.StartTransaction.beginLocal(StartTransaction.java:152)
  at com.sap.engine.services.deploy.server.application.ApplicationTransaction.makeAllPhasesLocal(ApplicationTransaction.java:356)
  at com.sap.engine.services.deploy.server.application.ParallelAdapter.runMe(ParallelAdapter.java:80)
  at com.sap.engine.services.deploy.server.application.ParallelAdapter$1.run(ParallelAdapter.java:218)
  at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
  at com.sap.engine.core.thread.impl5.SingleThread.execute(SingleThread.java:79)
  at com.sap.engine.core.thread.impl5.SingleThread.run(SingleThread.java:150)
  Do you have any information on how to activate the service or how to reference the jar in the J2EE application.
  By trying to define the service with a weak reference, the deployment works but a ClassNotFound exception is thrown.

• Use WebLogic Admin defined role in EJB permission

  Hi all!
  Can someone please tell me how it's possible to:
  - Define a role in WebLogic Admin console and use it in the EJB permissions.
  OR
  - Define custom attributes (like hours of access) to the roles in the xml descriptors.
  thanks in advance,
  Richard

  Hi Slavik
  >Will it always work ?
  What do you mean?
  >Have I made everything to make it work ?
  Yes, it shall work.
  >Is there a way to make the role-group mapping programmatically ?
  In fact the operation belongs to administrative or configuration phase of your App's life cycle. Naturally It's not a developer's responsibility. From other point of view at development time you cannot predict UME roles/groups that will be on J2EE server during application deployment. Developer cannot predict even target J2EE server. Different servers can have own UME roles/groups.
  Still at development time it's possible to design very restricted mapping. There are three constants 'all', 'administrators', 'guests' which you can use in XML descriptors. These constants will be mapped to the corresponding UME roles during deployment.
  BR, Siarhei

• Hyperion Shared Services Import security files where to define roles-11.1.2

  Hi,
  I want to create the shared services security import file. Do anyone knows where to define the group or user roles for it. Earlier we have to changes in CSImportexport.
  Now in version 11.1.2.1 things are different.
  Do anyone knows about it.
  Thanks!!!!

  Thanks for the reply.
  I am taking export only first and this is what i got from export, if you see below under role id there are some codes generated internally, if I have to give any group different roles like planner, application creator, interactive user... where in csv file I can define those.
  #provisioning     
  project_name ----------     application_name     -----role_id     --------------------------------------------------------------------------------------------- product_typ--------user_id-------     user_provider     
  Default Application Group---     CPSPlan-----     native://DN=cn=HP:0003,ou=HP,ou=Roles,dc=css,dc=hyperion,dc=com?ROLE--     HP-11.1.2.0-------     admin--------Native Directory     
  Default Application Group---     CPSPlan-----     native://DN=cn=HUB:2,ou=HUB,ou=Roles,dc=css,dc=hyperion,dc=com?ROLE---     HUB-11.1.2.0-----     admin--------Native Directory     
  Default Application Group---     CPSPlan-----     native://DN=cn=HP:0001,ou=HP,ou=Roles,dc=css,dc=hyperion,dc=com?ROLE--     HP-11.1.2.0-------     devusr-------Native Directory     
  Default Application Group---     CPSPlan-----     native://DN=cn=HP:0001,ou=HP,ou=Roles,dc=css,dc=hyperion,dc=com?ROLE--     HP-11.1.2.0-------     OMBUsr-----     Native Directory     
  Default Application Group---     CPSPlan------native://DN=cn=HP:0003,ou=HP,ou=Roles,dc=css,dc=hyperion,dc=com?ROLE--HP-11.1.2.0-------     processadmin-----     Native Directory     
  Regards.

• How does Azure Compute Emulator (or the Azure one) determine if a role is web project or something else ("The Web Role in question doesn't seem to be a web application type project")?

  I'm not sure if this is F# specific or something else, but what could cause the following error message when trying to debug locally an Azure cloud service:
  The Web Role in question doesn't seem to be a web application type project.
  I added an empty F# web api Project to a solution (which adds Global.asax etc., I added an OWIN startup class Startup etc.) and then from an existing
  cloud service project I picked Roles and
  chose Add
  -> Web Role Project in solution, which finds the F# web project (its project type guids are 349C5851-65DF-11DA-9384-00065B846F21 and F2A71F9B-5D33-465A-A702-920D77279786),
  of which the first one seem to be exactly the GUID that defines a web application type.
  However, when I try to start the cloud project locally, I get the aforementioned error message. I have a C# Web Role project that will start when I remove the F# project. I also have F# worker
  role projects that start with the C# web role project if I remove this F# web role project. If I set the F# web project as a startup project,
  it starts and runs as one would expect, normally.
  Now, it makes me wonder if this is something with F# or could this error message appears in C# too, but I didn't find anything on Google. What kind of checks are there when starting the emulator and which one needs
  failing to prompt the aforementioned message? Can anyone shed light into this?
  Sudet ulvovat -- karavaani kulkee

  Sudet,
  Yeah you are right, the GUID mentioned seems to be correct and the first one i.e. {349C5851-65DF-11DA-9384-00065B846F21} means the web application project which compute emulator uses to determine while spawning up role instances.
  You might want to compare the csproj of your C# and F# web projects which might give some pointers.
  Are you able to run your F# web project locally in IIS? If yes then you will definitely be able to run it on azure so I will recommend to test it in IIS Express first.
  Here are some other tips which you can refer or see If you are yet to do those settings
  1. Turn on the IIS Express - You can do it by navigating to project properties
  2. Install Dependent ASP.NET NuGets / Web Api dependencies (If there are any missing), Reference System.Web assembly
  Also I will suggest to refer this nice article about how to create a F# web Api project
  http://blog.ploeh.dk/2013/08/23/how-to-create-a-pure-f-aspnet-web-api-project/
  Hope this helps you.
  Bhushan | http://www.passionatetechie.blogspot.com | http://twitter.com/BhushanGawale

• Question on defining taglib in  web.xml

  I am using netbeans to develop a j2ee5 web application.
  I created a web application project using the wizard.
  When I defined a <taglib> in the web.xml, it detected an error.
  cvc-complex-type.2.4.a: Invalid content was found starting with element 'taglib'. One of '{"http://java.sun.com/xml/ns/javaee":description, "http://java.sun.com/xml/ns/javaee":display-name, "http://java.sun.com/xml/ns/javaee":icon, "http://java.sun.com/xml/ns/javaee":distributable, "http://java.sun.com/xml/ns/javaee":context-param, "http://java.sun.com/xml/ns/javaee":filter, "http://java.sun.com/xml/ns/javaee":filter-mapping, "http://java.sun.com/xml/ns/javaee":listener, "http://java.sun.com/xml/ns/javaee":servlet, "http://java.sun.com/xml/ns/javaee":servlet-mapping, "http://java.sun.com/xml/ns/javaee":session-config, "http://java.sun.com/xml/ns/javaee":mime-mapping, "http://java.sun.com/xml/ns/javaee":welcome-file-list, "http://java.sun.com/xml/ns/javaee":error-page, "http://java.sun.com/xml/ns/javaee":jsp-config, "http://java.sun.com/xml/ns/javaee":security-constraint, "http://java.sun.com/xml/ns/javaee":login-config, "http://java.sun.com/xml/ns/javaee":security-role, "http://java.sun.com/xml/ns/javaee":env-entry, "http://java.sun.com/xml/ns/javaee":ejb-ref, "http://java.sun.com/xml/ns/javaee":ejb-local-ref, "http://java.sun.com/xml/ns/javaee":service-ref, "http://java.sun.com/xml/ns/javaee":resource-ref, "http://java.sun.com/xml/ns/javaee":resource-env-ref, "http://java.sun.com/xml/ns/javaee":message-destination-ref, "http://java.sun.com/xml/ns/javaee":persistence-context-ref, "http://java.sun.com/xml/ns/javaee":persistence-unit-ref, "http://java.sun.com/xml/ns/javaee":post-construct, "http://java.sun.com/xml/ns/javaee":pre-destroy, "http://java.sun.com/xml/ns/javaee":message-destination, "http://java.sun.com/xml/ns/javaee":locale-encoding-mapping-list}' is expected.
  Here is my web.xml:
  <?xml version="1.0" encoding="UTF-8"?>
  <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
  <welcome-file-list>
  <welcome-file>
  index.jsp
  </welcome-file>
  </welcome-file-list>
  <taglib>
  <taglib-uri>/mytag</taglib-uri>
  <taglib-location>/WEB-INF/mytag.tld</taglib-location>
  </taglib>
  </web-app>

  As of servlet 2.4 (jsp 2.0), you'll have to move the taglib declarations inside a <jsp_config> element.
  <jsp-config>
      <taglib> ..........your stuff
  </jsp-config>ram.

• Are Pre-defined roles available for Customizing Synchronization?

  Hello Guys,
  In the SAP Help for Solution Manager: <<http://help.sap.com/saphelp_sm40/helpdata/en/48/647e3ddf01910fe10000000a114084/content.htm>>
  it's mentioned that certain authorizations needs to be given for the involved people (admin & customizer), in both the SOLMAN & the component systems.
  Also, its said that the role Application Consultant has all authorizations which are needed to set-up the Customizing Distribution in the SAP Solution Manager system & the authorization profile S_CUS_CMP can be used in the component systems.
  But the AC role "SAP_SOL_AC_COMP" & "S_CUS_CMP" profile donot have all the necessary authorizations specified.
  E.g: Role SAP_SOL_AC_COMP doesnot have project creation authority, whereas S_CUS_CMP has only some authorizations.
  So my question is:
  Along with these two, are there any other roles/profiles which complete the gaps & are readily available for usage ?
  Last option would be to manually create & include the mentioned auth. objects.
  Thanks & Regards
  Chaitu

  Hello Chait,
  Regarding your two questions:
  1) There are seperate roles available for customizing purposes, please check note 803142 <i>Roles for satellite systems</i>. The note administration list an xls with the respective roles for customizing distribution and comparison, namely
  SAP_BC_CUS_ADMIN
  SAP_BC_CUS_CUSTOMIZER
  S_CUS_CMP
  2) What I can recommend is the quick reference for setting up Customizing Distribution which is also part of the help documentation
  http://help.sap.com/saphelp_sm40/helpdata/en/c4/533d4050d89523e10000000a1550b0/content.htm
  Regards,
  Doreen

• How to define role approver/owner - through condition id in ERM 10.0

  Hi All,
  We have created a BRF + rule for Role approver with Business Process & Function area by giving the Result value as Condition ID eg., Z001
  We have provided this condition ID Z001 - in Role Owners table [Under Set Up- Role Owners] and defined the role approver and assignment approver with the User details.
  Now when we are trying to create a role with the above attribute combination of Business Process & Function area - the role is not picking up the Role Owners automatically in Owners/Approver tab [In 5.3 we can maintain approval criteria where we can define the role owners/approvers based on different attributes].
  Are we missing any configuration setting here for auto pick up of Role Owners based on defined attributes from Role Owner table.
  Thanks and Best Regards,
  Srihari.K

  Hello All,
  Please help us , I am also struggling with same issue.
  Thanks in advance,
  Jagat