Assign Security Zone Permissions to Portal Role
Hi all
I have created a portal role, say 'ABC', in my folder and assigned some users to this role. Now I want to assign security zone permissions for this role, ABC. When I try to do so, I am not able to find this role under 'Assign New Permissions' of permissions editor.
What more do I need to do to get this role for assigning permissions?
I am using Netweaver 2004s.
I appreciate your answers with good points.
Thanks in advance
Tejo
HI Fabien
Thanks for the reply. I tried with wildcard search. I am not able to find that role. When I search for all roles in permissions editor I see some 32 roles. When I searched the number of roles in User Administration tab, there are 55 roles( 40 in Portal Role datasource and 15 in UME database datasource).
I can see my role in User Administration window, but not in Permission editor.
Thanks
Tejo
Similar Messages
-
Customizing Message "No portal roles are assigned for this user"?
Hello,
we would like to give the user some hint on who to speek with in case he has no portal roles assigned.
So we would like to customize the messaage "No portal roles are assigned for this user" to some customer spezific text or to redirekt to a customer specific iView.
I would appreciate any kind of hints.
Best regards,
Lutz RottmannHi,
Check these threads.
Customizing message "No portal roles are assigned for this user"
No portal roles are assigned for this user
Regards,
Harini S -
Cusomize message "No portal roles are assigned for this user"?
Hello,
we would like to give the user some hint on who to speek with in case he has no portal roles assigned.
So we would like to customize the messaage "No portal roles are assigned for this user" to some customer specific text or to redirect to a customer specific iView.
I would appreciate any kind of hints.
Best regards,
Lutz RottmannHi,
Check this thread.
Customizing message "No portal roles are assigned for this user"
No portal roles are assigned for this user
Regards,
Harini S -
Hi,
Can anyone explain in simple terms, what Security zone refers to. I went thru the Help materials and got to know that it adds an additional level of security. But where in real scenario's would I use this option. Mostly all my applciation will be launched thru iViews only rather than direct URL. Can anyone give a practical scenario.
Regards
Gandolf.Hi,
One mechanism for controlling access to portal components and services in the portal is via security zones, as follows:
1) Developers assign their components and services to a security zone, by specifying the security zone in the portalapp.xml.
2. Once the components and services are deployed to the portal, a portal administrator assigns permissions on the security zone. The permissions of a security zone control access to all components and services in that security zone
<b>Controlling Portal Component Access through iViews</b>
When an iView is launched by a user at runtime, the Portal Runtime (PRT) initially determines if the user is assigned end user permission to the role object containing the iView. If authorized, the user can view the iViews content.
Security zones offer an extra, but optional, layer of code-level security to iViews accessed through standard role-based assignment. When this functionality is activated, the PRT also checks if the user has been assigned end user permission to the iViews portal component in its designated security zone. Note that this check is performed after the end user permission to the iView has been approved. The user must pass both checks to view the iViews content
Hope this helps,
Regards,
Ameya -
Security Zones and portalapp.xml
On the page http://help.sap.com/saphelp_nw04/helpdata/en/25/85de55a94c4b5fa7a2d74e8ed201b0/content.htm
it says that the settings (security zone, permission) in the portalapp.xml defines who can access this application.
Then it says that PRT checks the users iView-permission and then optionally the security zone permission, depending on the setting of the parameter -Dcom.sap.nw.sz=true in the J2EE.
Question:
When this parameter is disabled (default), are the security zones just not checked when accessing an application throug an iView or also when they are accessed through direct URL?Hi Manuel,
I just checked it against our SP12 installation, with the same component, which has the same settings as yours:
> it can be run by any authenticated user
This at least does not hold for our portal installation. Each access with the given URL, called by an authenticated user which does not have one of the admin roles set within the security zones, ends with:
Access denied (Object: com.sap.portal.system/security/sap.com/NetWeaver.Portal/high_safety/com.sap.portal.runtime.system.console/components/ClusterAdminConsole)
The application permissions do not play a role here, these are for the iView wizards, which applications are to be chosen.
So, double check the user you are testing with; maybe the version is buggy?
> In the Security-Zone-Permissions
> ara:/security/sap.com/NetWeaver.Portal/high_safety/com.sap.portal.runtime.system.console
Under components/ClusterAdminConsole the same settings are to be found? (I expect it, but just to be sure.)
Hope it helps
Detlev -
Automate the assignment of iviews, pages, workset to role....
Hello Gurus,
We are using EP 7.0. Is there any tool available in EP 7.0 that will automate the assignment of different content objects, like assignments of iviews, pages and workset to role.
We want to assign large no. of iviews, pages,worksets etc. to diffrenent roles. Is there anything available that will help us to automate the assignment, rather than manually assign the objects to the role as it will be a huge task and time consuming.
Any help will be highly appreciated.
Regards
Deb
[Points guranteed for helpful answers]Hi Deb,
as far as I know there is no standard tool for mass assignment of content objects to portal roles. But you can easily develop your own solution. The folloowing sections of the SAP Library should be helpful:
<a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/44/43863b2e641193e10000000a155369/frameset.htm">How PCD Lookups are Performed</a>
<a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/44/726396278212d0e10000000a422035/frameset.htm">Working with Semantic Objects</a>
<a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/44/703fd42043053ce10000000a1553f6/frameset.htm">Delta Links</a>
Best regards,
Martin -
Hello,
Is there a quick way of removing all users that are assigned directly to to a portal role (not in a group) other than by removing them one by one ? If not, is there a way to disable them without removing them from the role.
Regards,
Phil.user admin > identity management > search the role > click on assigned users tab > search all the users by using * > click on modify > now click on select all button > click on remove.
I think this is the way we can remove all the users can be deleted at a time assigned to a particular role
regards,
vv. -
hi all,
Hhow to set the security zone of a portal object? Could anyone please provide me with a step by step guide to set up the security zone.
Thanks for your help
regards
PriyaHi Priya,
Start with SMP, under the NetWeaver 04 Documentation site:
<a href="https://websmp107.sap-ag.de/nw04doc">NW 04 Documentation</a>
On the left, click on How-To Guides:
On the right, click on Portal, Knowledge Management and Collaboration.
Scoll down to "How to Use Security Zones in NW04 SPS09"...
I hope that this helps,
Judson -
New role created and Security zone.
When I create the new role and I need to set the properties for that role. Then after I try to add this role to user and have user test the access.
Why there are some error happen and I need to go to 'security zone' by follow path from the error, then my new role into security zone, then user can access without any problem.
Please anyone explain why do we need to add role again in security zone even though we already set the property to that role in 'content administration.' Please let me know the difference. Thank you very much.Hi,
Security Zones are used to prevent unauthorized users from accessing iviews, Portal Components and Portal Services through a direct url used outside of the portal environment. It will be controlled by means of progressive safety levels and permissions, which are assigned by the system administrators to authorized users in the permission editor.
Regards,
Saraswathi -
Error " no portal roles are assigned"
hi experts,
i am getting Error while opening portal page with user J2EE_ADMIN
it is netweaver 2004ssr2.Error is "no portal roles are assigned".
and this user has role "sap_j2ee_admin"o
Just after completed installation i tried to open portal page.but this error i am getting.
Please help me.
i will reward points for help.
thanks in advance,
regards,
raju.Hi,
Please make sure it has super admin role and objects are added to role and define entry points and portal permissions are defined which enables the delegation of administrative tasks and content in the portal environment.
Hope it helps.
Regards,
Mona -
Restoring Default Permissions - security zones & applications
Hi - We're running EP 6, SP 15
I have stupidly clicked the "reset child permissions" button on three top node folders in the System Admin > Permissions editor. Meaning, of course, that the initial login screen was disabled. While I appreciate how stupid this was and that I shouldn't have done it, does anyone know a quick way of restoiring the Applications, Portal Content and Security Zones folders back to the delivered settings? These are the three folders I reset child permissions on while trying to fix something else.(Doh!)
Chosen method at present is to look at another, untouched portal system,(QAS) use the audit list editor to compare the settings on all objects within these three folders.
This sounds like a fairly big job! Any pointers gratefully received.
Thanks very much
AndyHi Deepak thanks for the swift reply. The help is helpful, but I had already started looking in the help thanks to one of the two (thread ID 140252 - sap help link similar to yours)
thankfully this lists the default settings on the zones. the fix i have applied is to give the Everyone group pemissions READ and END USER at the folder level - is this what most people do? As I understand it the only problem is that Applications are directly accessible through the URL - Are there other issues I am missing?
Thanks again (yes I will come back and give points, once finished...!)
Andy -
Any way to remove Security Zone from portal?
Hi,
is it possible to somehow remove a Security Zone from portal? I know that security zones can be configured (craeated) by portal application developers in portalapp.xml file. However, when I undeploy such an application, I can still see it's security zone in "Permissions" editor. Is there any way to remove these unused security zones? I use EP 7.0.17.
Regards,
TomasHi Michael,
thank you, it seems that PCD Inspector is the right place. There is just one small problem: I located the unused security zone, marked it and clicked "Delete" button. I got following message:
"To use this function of the PCD Inspector, enter the 'super admin' permission key in the personalization dialog, which you can open by clicking the Personalize option in the main tray"
Problem is that I don't know what is the "'super admin' permission key" or where to find it. I can't find anything on this topic. Can anybody help me with this?
Regards,
Tomas -
No portal roles are assigned for this user.If this problem persists, contac
I am trying to access portal first time using j2ee_admin user. It is saying "No portal roles are assigned for this user.If this problem persists, contact your system administrator."
iam using abap+java enginee how config in abap enginne ,iwant which role to assign j2ee_admin user
i already asiigned sap_j2ee_admin,SAP_BC_JSF_COMMUNICATION,SAP_BC_JSF_COMMUNICATION_RO but it show same problem
please help me..
Edited by: Mugala Balu on Aug 7, 2010 5:53 PM
Edited by: Mugala Balu on Aug 8, 2010 7:48 AMBalu,
Well this issue has been discussed many a times in forums. You would have to point your data source to ABAP system.
Check this thread in [here|J2EE Failed to start , after changing UME datasource;.
Good Luck!
Sandeep Tudumu -
Hi All,
We have installed EP 7.0. The problem we are facing is : The "Portal Content" folder is not displayed under the "Browse Category" of content administration & system administration.
Why is it so? Do we need to add some other portal Roles to the user? If so.., which role we should add?
Also we are trying to add the portal role ID
" com.sap.pct.pdk.JavaDeveloper". But when we search for this role , we could not found this role. Whether the role has been renamed?
Kindly provide your suggestion on the above queries.
Regards,
Eben.Hi,
Re: How to create and assign role
Portal:How to assign a Folder to a Role in Protal
I hope the above links will help you,
Regards,
Harish -
Automating Portal Role Assignment
Hi Everyone,
At my project we are looking to automate the process of Portal Role assignment.
With our current design, a user initially logs into the ISA and ICSS Portal as an anonymous Portal user. To view all content the user will be required to register himself on the portal. Once the user registers himself, a user record is created on the backend CRM system. Now when he tries to log into the portal with his new username and password he gets a blank screen because he has no Portal Roles assigned to him.
We need need to create Portal Roles for each CRM user. The new Portal Role will be based on user type in the CRM system. Since we have several users logging in and creating new accounts, we need to automate this process of mapping a CRM user to an appropriate Portal Role and then actually creating the Portal Role on the Portal.
Has some one does this before or has an idea how to do this?
Any help will be really appreciated...
Thanks!
Muhammad Osman YousufHi Michael,
Thanks for the help so far. Do you think the following mappings would work with the solution you recommended?
On the CRM side we have CRM_ROLE_A, CRM_ROLE_B, and CRM_ROLE_C and on the Portal sider we have PORTAL_ROLE_A and PORTAL_ROLE_B.
All mappings given are possible...
CRM_ROLE_A = PORTAL_ROLE_A
CRM_ROLE_B = PORTAL_ROLE_A and PORTAL_ROLE_B
CRM_ROLE_C = PORTAL_ROLE_B
Thanks!
Muhammad Osman Yousuf
Maybe you are looking for
-
I have an airport extreme and express setup. My extreme is in my 2nd floor office with windows facing the water. My dock is about 250 ft away down a very steep hill. I have the express about 100 ft down the hill in an electrical waterproof box attach
-
Mac Mini i5/2.5GHz/4GB RAM MD387xx/A
Hello, I have this Mac Mini i5/2.5GHz/4GB RAM MD387xx/A, and I just want to know if I can put those RAM (16GB) in it. https://www.digitec.ch/de/s1/product/kingston-hyperx-impact-2x-8gb-ddr3-1600-sod imm-204-arbeitsspeicher-3229730?tagIds=76 Thanks
-
Where Can I find content for Final Cut Studio!
Hello, I had final cut studio on my program but I didn't know that it came with content. I threw the box away. Is there a way where I can get those content for the programs? Thanks
-
SXI_CACHE - Integration Directory Cache problem
hi im getting this on 001 but not xxx client. I id post installation also. i switch client 001 to another. while SXI_CACHE - Integration Directory Cache TC i can't see cache also manu option that adpter engine. Thanks Sachin
-
Hi experts , Runtime Errors UNCAUGHT_EXCEPTION Except. CX_FP_RUNTIME_USAGE Date and Time 17.09.2010 09: