Authorization and hierarchy management

Hi,
I would like to authorize a user to maintain a hierarchy with RSH1 but I would like to allow him to only access to a part (noed) of the hierarchy.
I though about 2 possible solutions but I don’t now if it’s possible:
- I can use the Authorization Object S_RS_HIER. Is it possible to allow access only to a noed (and subtree data) of a hierarchy with this Authorization Object ?
- I though about the “authorization with hierarchy” (and AO TCTAUTHH ) of transaction RSSM but I think that this functionality is only useful to control/filter data based on hierarchy from a particular cube but that it’s not done to control acces to the hierarchy itselve.
Do you think I am true?
Thank you for your help.
Best regards
J. Sorel

Nobody can help me please?
Many thanks
J sorel

Similar Messages

  • Learning SAP BW authorizations structure and hierarchy  -  concepts

    Hello Experts,
    I need a good document for learning Authorizations structuring and hierarchy in SAP BIW 3.5 . I am giving authorizations in BIW but do not hv conceptual nd fundamentalistic knowledge of SAP BW authorizations and its structure . Plz send a good document for learning BW authorizations .............................it may be an excerpt frm FU&FU guide. My Email Id is [email protected]
    A short but complete SAP BW fundamentalistic , concepts and structure & hierarchy covering document is appreciated.
    Requested to revert at earliest as this is very urgent.
    Points guaranteed.
    Regards,
    Somya

    Hi maheshwari ,
    Use these steps for authorizations,
    1.before going to authorizations u have to decide on which Infoobject u have to apply authorizations.
    EX: SD--- Sales Org, MM -> palnt ,purorg,FI> companycode.
    first u ahve to decide which area & on which Infoobject.
    2.goto that Infoobject --> change there check the checkbox Authorization relavent object cahechbox
    2.after that U Have to goto RSSM there u have to create authorization object
    Ex: Zxxx ( XXX is Infoobject Name ).
    3. In the same transaction Screen u have Infocube selection radio Button check that then select on which cube(cube means under that cube all Quaries) u have to make authorization for that perticuler Infoobject.
    4.next goto PFCG create role & save it
    5.goto Authorization tab in that selct edit authorization it will give automatiaclly authorization Templates in that u have to select only S_RS_RREPU & press Enter.
    6. Select manual pushbutton it will ask authorisation object enter ur authorization object what u have created ( zxxx) .
    7.click generate +enter
    8. goto user tab Enter userId+enter + click on usercomparision+ enter
    9.save the role.
    FOR HIRARCHIES:
    1. goto RSSM There u have one rediobutton called authorization hierarchy ( this radio button is very below the RSSM screen)
    2. there u have to select Hierachy on which u have to apply authorization.
    Thanks,
    kiran

  • Possible to combine Value and Hierarchy Authorizations?

    Hello Experts!
    Could anyone please tell me something about the interaction between value and hierarchy authorizations for the same info object?
    I created an authorization for an info object which makes use of both in some queries. But if you activate a hierarchy in query designer, the value authorizations seem not to work anymore. Instead the hierarchy authorizations restrict the analysis result. I get datasets in the result without having the corresponding value authorizations.
    Is there a way to ONLY use value authorizations which also work if you activate a hierarchy on an info object???
    Thanks in advance.....
    Bye,
    Joerg

    No you can't. GRE is only designed to carry routing protocols and multicast traffic over VPNs.
    It is also bad design practise to design a network that carry's L2 vlan's over a WAN or internet link.
    You have to ask yourself why you would want to carry VLANs over VPNs?
    Hope this helps.

  • Manage BOBJ folder authorization with Solution Manager

    Hi Expert,
    At first I'll speak about our landscape, it include SAP BW as DWH, BO 4.1 for WEBI reporting (it is a migration project, the universes are connected to the infocube BW) and solution manager as central system for the monitoring and authorization management.
    I'm new on BO, and I'm facing this question: is it possible with abap role Sol Man to manage the authorization for the folders on BOBJ launch pad?
    I'm thinking if it is possible to create an abap role with menu hierarchy, and to import this into BOBJ (like with enterprise portal) in order to post the webi report into a specific folder with it's own authorization roles.
    I know that it's possible to import abap role from BW to BO, so it should be possible also from sol man, but this concerns the 'data' authorization.
    has anyone faced this issue?
    Thank you in advance.
    Lucia

    Unfortunately, this is not possible and big limitation regarding the integration with BO and BW. You need to import the rolesand assign them to folders manually...
    You could automate it if you know SDK but you will have to evaluate if it's worth the effort

  • What is the Purpose of Account  Hierarchy Manager

    Dear Members
    Advantages of Account Hierarchy Manager.
    Regards
    Padarthy

    Hi,
    You question is answered in "Oracle General Ledger User Guide", Chapter 7 - The Account Hierarchy Manager.
    Applications Releases 11i and 12
    http://www.oracle.com/technology/documentation/applications.html
    Regards,
    Hussein

  • Discuss Identity and Access Management in the Cloud

    Identity and access management in the cloud refers to the processes, technologies, and policies for managing cloud systems identities and controlling how these identities can be used to access cloud resources. Three separate processes are used in most cloud
    identity and access management solutions:
    Identity provisioning and storage
    Authentication
    Authorization
    Identity management in a cloud system requires a complex collection of technologies to manage authentication, authorization and access control across distributed environments. These environments might include assets both on the internal cloud, which would
    be an on-premises private cloud, and services accessed on the public cloud. These environments can also cross-security domains, as when two enterprise-level organizations collaborate and enable cross-domain access to users from the partner security domain.
    You can learn more about these topics in the article Identity and Access Management in the Cloud.
    Let's talk about that article and the topics of identity and access management in the cloud! Use this thread to get it started.
    Thanks!
    Tom
    Learn more about Private Cloud at the
    Private Cloud Solutions Hub

    Tom,
    I am a novice and attempting to achieve a proof of concept of single sign on.  One example I read stated one should install Identity and Access on VS2012.  I did this on two different machines.   One was in the office domain and it shows the
    item "Identity and Access..." in the context menu of the MVC project I created.  The other machine is my laptop.  I followed the same procedure that worked on the desktop, yet the Identity and Access item in the project context menu does not show.
     One difference is that the laptop is not part of a domain, but I am attempting this proof of concept in Windows Azure with the laptop, since we do not have a test AD in our corporate domain.
    Is this the right forum to inquire about this issue?  Do you have a recommendation about a better forum?
    Stephen Pidgeon

  • CRMD_ORDER: how to set default values for Requester and Change Manager

    Hello Folks,
    how do I set default values in TA crmd_order?
    I drew my organizational hierarchy using TAs bp and ppoma_crm.
    When a new Change Request (e. g. SDHF) is created, I want the four roles (Requester, Change Manager, IT Operator and Developer) to be set automatically, not manually.
    Both Requester (= Key User) and Change Manager are derivable. I did not find anything in SPRO neither in the OSS neither here.
    Points will be rewarded as a matter of course!
    Thanx in advance!

    Hi Dirk,
    look for Define Access Sequence & Define Partner Determination Procedure in SPRO and read the IMG Activity Documentation. You can find it in the Service Desk config, but it works for the other transaction types too.
    Basically, you create Access Sequences where you tell the Partner Determination Procedure where to look for the values for the Partner Function fields.
    The Access Sequence can use lots of sources for the information, including your org structure.
    regards,
    Jason

  • Login and Content Management Portlets in 8.1 SP2 Portal app

    Hi all,
    1. Create a portal domain in 8.1 SP2.
    2. Create a portal app , web , import the portlets ( Login and content
    management ) and relevant files and start the server. No exceptions.
    3. Page 1 - >Login portlet Login into the portal with success
    message
    4. Page 2 - >Content Portlet Click on the page to browse the
    contents
    5. For the first time, I am getting this exception
    javax.transaction.TransactionRolledbackException: EJB Exception: :
    java.lang.NullPointerException
    at $Proxy1.haveCurrent(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39
    at
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
    .java:25)
    at java.lang.reflect.Method.invoke(Method.java:324)
    at
    com.bea.p13n.usermgmt.AtnProviderProxy$Runner.run(AtnProviderProxy.java:113)
    at
    weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubjec
    t.java:353)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:144)
    at com.bea.p13n.usermgmt.AtnProviderProxy.invoke(AtnProviderProxy.java:84)
    at $Proxy12.haveCurrent(Unknown Source)
    at
    com.bea.p13n.usermgmt.internal.GroupManagerImpl.getGroupNamesForUser(GroupMa
    nagerImpl.java:962)
    at
    com.bea.p13n.usermgmt.internal.GroupManager_hq5p2c_EOImpl.getGroupNamesForUs
    er(GroupManager_hq5p2c_EOImpl.java:46)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39
    at
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
    .java:25)
    at java.lang.reflect.Method.invoke(Method.java:324)
    at
    com.bea.wlw.runtime.core.control.EJBControlImpl.invoke(EJBControlImpl.jcs:60
    4)
    at
    com.bea.wlw.runtime.core.dispatcher.DispMethod.invoke(DispMethod.java:373)
    at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:423)
    at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:396)
    at com.bea.wlw.runtime.jcs.container.JcsProxy.invoke(JcsProxy.java:389)
    at $Proxy11.getGroupNamesForUser(Unknown Source)
    at
    com.bea.p13n.controls.userInfoQuery.UserInfoControlImpl.getGroupNamesForUser
    (UserInfoControlImpl.jcs:152)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39
    at
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
    .java:25)
    at java.lang.reflect.Method.invoke(Method.java:324)
    at
    com.bea.wlw.runtime.core.dispatcher.DispMethod.invoke(DispMethod.java:367)
    at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:423)
    at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:396)
    at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:248)
    at
    com.bea.wlw.runtime.jcs.container.JcsContainer.invoke(JcsContainer.java:84)
    at
    com.bea.wlw.runtime.core.bean.BaseContainerBean.invokeBase(BaseContainerBean
    .java:198)
    at
    com.bea.wlw.runtime.core.bean.SLSBContainerBean.invoke(SLSBContainerBean.jav
    a:103)
    at
    com.bea.wlwgen.StatelessContainer_nni20l_ELOImpl.invoke(StatelessContainer_n
    ni20l_ELOImpl.java:99)
    at
    com.bea.wlwgen.p13controlsSLSBContAdpt.invokeOnBean(p13controlsSLSBContAdpt.
    java:59)
    at
    com.bea.wlw.runtime.core.bean.BaseDispatcherBean.runAsInvoke(BaseDispatcherB
    ean.java:153)
    at
    com.bea.wlw.runtime.core.bean.BaseDispatcherBean.invoke(BaseDispatcherBean.j
    ava:54)
    at
    com.bea.wlw.runtime.core.bean.SyncDispatcherBean.invoke(SyncDispatcherBean.j
    ava:160)
    at
    com.bea.wlw.runtime.core.bean.SyncDispatcher_k1mrl8_EOImpl.invoke(SyncDispat
    cher_k1mrl8_EOImpl.java:100)
    at
    com.bea.wlw.runtime.core.dispatcher.Dispatcher.remoteDispatch(Dispatcher.jav
    a:161)
    at
    com.bea.wlw.runtime.core.dispatcher.ServiceHandleImpl.invoke(ServiceHandleIm
    pl.java:414)
    at
    com.bea.wlw.runtime.core.dispatcher.WlwProxyImpl._invoke(WlwProxyImpl.java:2
    75)
    at
    com.bea.wlw.runtime.core.dispatcher.WlwProxyImpl.invoke(WlwProxyImpl.java:26
    4)
    at $Proxy9.getGroupNamesForUser(Unknown Source)
    at portlets.content.contentController.begin(contentController.jpf:801)
    at sun.reflect.GeneratedMethodAccessor160.invoke(Unknown Source)
    at
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
    .java:25)
    at java.lang.reflect.Method.invoke(Method.java:324)
    at
    com.bea.wlw.netui.pageflow.FlowController.invokeActionMethod(FlowController.
    java:1504)
    at
    com.bea.wlw.netui.pageflow.FlowController.getActionMethodForward(FlowControl
    ler.java:1430)
    at
    com.bea.wlw.netui.pageflow.FlowController.internalExecute(FlowController.jav
    a:761)
    at
    com.bea.wlw.netui.pageflow.PageFlowController.internalExecute(PageFlowContro
    ller.java:211)
    at
    com.bea.wlw.netui.pageflow.FlowController.execute(FlowController.java:591)
    at
    org.apache.struts.action.RequestProcessor.processActionPerform(RequestProces
    sor.java:484)
    at
    org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
    at
    com.bea.wlw.netui.pageflow.PageFlowRequestProcessor.process(PageFlowRequestP
    rocessor.java:651)
    at
    com.bea.wlw.netui.pageflow.AutoRegisterActionServlet.process(AutoRegisterAct
    ionServlet.java:527)
    at
    com.bea.wlw.netui.pageflow.PageFlowActionServlet.process(PageFlowActionServl
    et.java:152)
    at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507)
    at
    com.bea.wlw.netui.pageflow.PageFlowUtils.strutsLookup(PageFlowUtils.java:152
    5)
    at
    com.bea.netuix.servlets.controls.content.PageflowContent.preRender(PageflowC
    ontent.java:379)
    at com.bea.netuix.nf.ControlLifecycle$6.visit(ControlLifecycle.java:388)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:619)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:137)
    at com.bea.netuix.nf.Lifecycle.runOutbound(Lifecycle.java:220)
    at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:158)
    at
    com.bea.netuix.servlets.manager.UIServlet.runLifecycle(UIServlet.java:357)
    at com.bea.netuix.servlets.manager.UIServlet.service(UIServlet.java:198)
    at
    com.bea.netuix.servlets.manager.PortalServlet.service(PortalServlet.java:559
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
    at
    weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(Servle
    tStubImpl.java:971)
    at
    weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
    :402)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28)
    at
    weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
    at
    com.bea.p13n.servlets.PortalServletFilter.doFilter(PortalServletFilter.java:
    313)
    at
    weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
    at
    weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(W
    ebAppServletContext.java:6356)
    at
    weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubjec
    t.java:317)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
    at
    weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
    ntext.java:3635)
    at
    weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
    :2585)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
    ; nested exception is:
    java.lang.NullPointerException
    6. But when i go to search tab and come back to browse tab , every thing
    seems to be normal and I can see the repository hierarchy
    Karthi.

    Sorry I forgot to add this information to my previous post.
    Please note that I am using RDBMS Authenticator in 8.1 SP2 with oracle 9.2.0
    and the set up is very fine with no problem. Order of the Authenticator
    changed with RDBMS Authenticator as the first one.
    Thanks,
    Karthi
    "Karthi" <[email protected]> wrote in message
    news:[email protected]...
    Hi all,
    1. Create a portal domain in 8.1 SP2.
    2. Create a portal app , web , import the portlets ( Login and content
    management ) and relevant files and start the server. No exceptions.
    3. Page 1 - >Login portlet Login into the portal with success
    message
    4. Page 2 - >Content Portlet Click on the page to browse the
    contents
    5. For the first time, I am getting this exception
    javax.transaction.TransactionRolledbackException: EJB Exception: :
    java.lang.NullPointerException
    at $Proxy1.haveCurrent(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39
    at
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
    .java:25)
    at java.lang.reflect.Method.invoke(Method.java:324)
    at
    com.bea.p13n.usermgmt.AtnProviderProxy$Runner.run(AtnProviderProxy.java:113)
    at
    weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubjec
    t.java:353)
    atweblogic.security.service.SecurityManager.runAs(SecurityManager.java:144)
    at com.bea.p13n.usermgmt.AtnProviderProxy.invoke(AtnProviderProxy.java:84)
    at $Proxy12.haveCurrent(Unknown Source)
    at
    com.bea.p13n.usermgmt.internal.GroupManagerImpl.getGroupNamesForUser(GroupMa
    nagerImpl.java:962)
    at
    com.bea.p13n.usermgmt.internal.GroupManager_hq5p2c_EOImpl.getGroupNamesForUs
    er(GroupManager_hq5p2c_EOImpl.java:46)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39
    at
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
    .java:25)
    at java.lang.reflect.Method.invoke(Method.java:324)
    at
    com.bea.wlw.runtime.core.control.EJBControlImpl.invoke(EJBControlImpl.jcs:60
    4)
    at
    com.bea.wlw.runtime.core.dispatcher.DispMethod.invoke(DispMethod.java:373)
    at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:423)
    at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:396)
    at com.bea.wlw.runtime.jcs.container.JcsProxy.invoke(JcsProxy.java:389)
    at $Proxy11.getGroupNamesForUser(Unknown Source)
    at
    com.bea.p13n.controls.userInfoQuery.UserInfoControlImpl.getGroupNamesForUser
    (UserInfoControlImpl.jcs:152)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39
    at
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
    .java:25)
    at java.lang.reflect.Method.invoke(Method.java:324)
    at
    com.bea.wlw.runtime.core.dispatcher.DispMethod.invoke(DispMethod.java:367)
    at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:423)
    at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:396)
    at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:248)
    at
    com.bea.wlw.runtime.jcs.container.JcsContainer.invoke(JcsContainer.java:84)
    at
    com.bea.wlw.runtime.core.bean.BaseContainerBean.invokeBase(BaseContainerBean
    .java:198)
    at
    com.bea.wlw.runtime.core.bean.SLSBContainerBean.invoke(SLSBContainerBean.jav
    a:103)
    at
    com.bea.wlwgen.StatelessContainer_nni20l_ELOImpl.invoke(StatelessContainer_n
    ni20l_ELOImpl.java:99)
    at
    com.bea.wlwgen.p13controlsSLSBContAdpt.invokeOnBean(p13controlsSLSBContAdpt.
    java:59)
    at
    com.bea.wlw.runtime.core.bean.BaseDispatcherBean.runAsInvoke(BaseDispatcherB
    ean.java:153)
    at
    com.bea.wlw.runtime.core.bean.BaseDispatcherBean.invoke(BaseDispatcherBean.j
    ava:54)
    at
    com.bea.wlw.runtime.core.bean.SyncDispatcherBean.invoke(SyncDispatcherBean.j
    ava:160)
    at
    com.bea.wlw.runtime.core.bean.SyncDispatcher_k1mrl8_EOImpl.invoke(SyncDispat
    cher_k1mrl8_EOImpl.java:100)
    at
    com.bea.wlw.runtime.core.dispatcher.Dispatcher.remoteDispatch(Dispatcher.jav
    a:161)
    at
    com.bea.wlw.runtime.core.dispatcher.ServiceHandleImpl.invoke(ServiceHandleIm
    pl.java:414)
    at
    com.bea.wlw.runtime.core.dispatcher.WlwProxyImpl._invoke(WlwProxyImpl.java:2
    75)
    at
    com.bea.wlw.runtime.core.dispatcher.WlwProxyImpl.invoke(WlwProxyImpl.java:26
    4)
    at $Proxy9.getGroupNamesForUser(Unknown Source)
    at portlets.content.contentController.begin(contentController.jpf:801)
    at sun.reflect.GeneratedMethodAccessor160.invoke(Unknown Source)
    at
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
    .java:25)
    at java.lang.reflect.Method.invoke(Method.java:324)
    at
    com.bea.wlw.netui.pageflow.FlowController.invokeActionMethod(FlowController.
    java:1504)
    at
    com.bea.wlw.netui.pageflow.FlowController.getActionMethodForward(FlowControl
    ler.java:1430)
    at
    com.bea.wlw.netui.pageflow.FlowController.internalExecute(FlowController.jav
    a:761)
    at
    com.bea.wlw.netui.pageflow.PageFlowController.internalExecute(PageFlowContro
    ller.java:211)
    at
    com.bea.wlw.netui.pageflow.FlowController.execute(FlowController.java:591)
    at
    org.apache.struts.action.RequestProcessor.processActionPerform(RequestProces
    sor.java:484)
    at
    org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
    at
    com.bea.wlw.netui.pageflow.PageFlowRequestProcessor.process(PageFlowRequestP
    rocessor.java:651)
    at
    com.bea.wlw.netui.pageflow.AutoRegisterActionServlet.process(AutoRegisterAct
    ionServlet.java:527)
    at
    com.bea.wlw.netui.pageflow.PageFlowActionServlet.process(PageFlowActionServl
    et.java:152)
    at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507)
    at
    com.bea.wlw.netui.pageflow.PageFlowUtils.strutsLookup(PageFlowUtils.java:152
    5)
    at
    com.bea.netuix.servlets.controls.content.PageflowContent.preRender(PageflowC
    ontent.java:379)
    at com.bea.netuix.nf.ControlLifecycle$6.visit(ControlLifecycle.java:388)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:619)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at
    com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker
    .java:630)
    at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:137)
    at com.bea.netuix.nf.Lifecycle.runOutbound(Lifecycle.java:220)
    at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:158)
    at
    com.bea.netuix.servlets.manager.UIServlet.runLifecycle(UIServlet.java:357)
    at com.bea.netuix.servlets.manager.UIServlet.service(UIServlet.java:198)
    at
    com.bea.netuix.servlets.manager.PortalServlet.service(PortalServlet.java:559
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
    at
    weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(Servle
    tStubImpl.java:971)
    at
    weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
    :402)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28)
    at
    weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
    at
    com.bea.p13n.servlets.PortalServletFilter.doFilter(PortalServletFilter.java:
    313)
    at
    weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
    at
    weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(W
    ebAppServletContext.java:6356)
    at
    weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubjec
    t.java:317)
    atweblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
    at
    weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
    ntext.java:3635)
    at
    weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
    :2585)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
    ; nested exception is:
    java.lang.NullPointerException
    6. But when i go to search tab and come back to browse tab , every thing
    seems to be normal and I can see the repository hierarchy
    Karthi.

  • Administration Portal user and group managent performace issue

    Hi
    I have implemented a custom IPlanet LDAP authentication provider which provides
    a realization for the needed authentication, group and user management interfaces
    (UserReader, UserEditor, GroupReader, GroupEditor).
    The authentication provider itself seems to work fine, but I think I found a possible
    performance problem in the WebLogic Administration Portal, when I studied the
    authentication framework by remote debugging. Response times (with just one simultaneous
    user) are quite long (over 8 seconds) with 40 groups on the same hierarchy level
    on the Users, Groups and Roles tree. I'm developing with P4 processor and 1 Gb
    ram (512 Mb allocated for WLS)
    After little debugging I found out that every time a node in the group tree is
    dlicked isMember() method of the authentication provider gets called n * (n -1)
    times, where n is the number of visible groups in the hierachy tree. '
    What happens is that for each group, the membership of all the other visible groups
    is checked by the isMember(group, member, recursive), method call. Even the usage
    of a membership cache in this point didn't speed up the rendering noticeably.
    By placing a break point in the isMember() method and studying the call stack,
    one can see that all the isMember() calls are made during the rendering performed
    by the ControlTreeWalker. For example if there is 40 groups visible in the tree,
    the isMember() method gets called 1600 times. This seems quite heavy. With a
    small number of groups per hierarchy level this problem might not be serious,
    but in case where there would be over 30 000 customer companies using the portal
    and each having their own user groups, it could be an issue.
    The problem does not occur with WebLogic console and browsing of groups and users
    (using the same authentication provider) is fast with it. When a user is selected
    from the user list and the Groups tab is checked, the Possible Groups and Current
    Groups list boxes will get populated. When debugging this sequence, one can see
    that only the listGroups() method of the authentication provider is called once
    per list box and the order of method calls is of order n (rather than n^2 which
    is the case with the Administrator Portal).
    Has anyone had similar problems with Administrator Portal's performance?
    Ville

    Ville,
    You're correct about the performance degradation issue. This is being
    addressed in SP2.
    Thanks,
    Phil
    "Ville" <[email protected]> wrote in message
    news:[email protected]...
    >
    Hi
    I have implemented a custom IPlanet LDAP authentication provider whichprovides
    a realization for the needed authentication, group and user managementinterfaces
    (UserReader, UserEditor, GroupReader, GroupEditor).
    The authentication provider itself seems to work fine, but I think I founda possible
    performance problem in the WebLogic Administration Portal, when I studiedthe
    authentication framework by remote debugging. Response times (with justone simultaneous
    user) are quite long (over 8 seconds) with 40 groups on the same hierarchylevel
    on the Users, Groups and Roles tree. I'm developing with P4 processor and1 Gb
    ram (512 Mb allocated for WLS)
    After little debugging I found out that every time a node in the grouptree is
    dlicked isMember() method of the authentication provider gets called n *(n -1)
    times, where n is the number of visible groups in the hierachy tree. '
    What happens is that for each group, the membership of all the othervisible groups
    is checked by the isMember(group, member, recursive), method call. Eventhe usage
    of a membership cache in this point didn't speed up the renderingnoticeably.
    >
    By placing a break point in the isMember() method and studying the callstack,
    one can see that all the isMember() calls are made during the renderingperformed
    by the ControlTreeWalker. For example if there is 40 groups visible inthe tree,
    the isMember() method gets called 1600 times. This seems quite heavy.With a
    small number of groups per hierarchy level this problem might not beserious,
    but in case where there would be over 30 000 customer companies using theportal
    and each having their own user groups, it could be an issue.
    The problem does not occur with WebLogic console and browsing of groupsand users
    (using the same authentication provider) is fast with it. When a user isselected
    from the user list and the Groups tab is checked, the Possible Groups andCurrent
    Groups list boxes will get populated. When debugging this sequence, onecan see
    that only the listGroups() method of the authentication provider is calledonce
    per list box and the order of method calls is of order n (rather than n^2which
    is the case with the Administrator Portal).
    Has anyone had similar problems with Administrator Portal's performance?
    Ville

  • Authorization log / Hierarchy node in SQL format

    Hi!
    I execute rsudo on a restricted user and the authorization log tells me that this fails because the user is not authorized for "Content(in SQL format): Node 5 8 0 31 E"
    Now how do I translate this sql format into something I can read? I've looked through the hierachy tables for the relevant characteristic but I can only identify 31 as the hierarchy sid and E as the version.

    Vice -
    We had to do basically the same thing for 0CRM_TR hierarchy, but our steps were a little different since we are on BI 7.0 - 2004S.
    We also had to limit the users visibility to data from certain nodes and below on the hierarchy. 
    1st, we made the 0CRM_TR object auth releveant. 
    2nd, we created an analysis authorization for the object via transaction code RSECADMIN.  In the transaction we had to specify the Hierarchy variable name that would be used in Queries.  We then selected the node (GUID) where we wanted the authorizaion to take place.  We set the Type Auth to 1(subtree and below) and Hierarchy Validity Area as 2(Name Identical).  We set it to 2 since the Hierarchy would always be loaded in the same name.

  • Cockpit - authorizations with hierarchy

    Hello,
    I have a problem in a cockpit, and it is relating to authorizations with hierarchy.
    I have an object of authorization already defined with certain criteria (bucket and node of the jerarquiaa that only I want that agrege deposit a user) this object in a rol, unitedly with a profile of visualizing the cockpit. When I enter with the user to visualize the cockpit I enter to all the nodes, my question is: Why not respecting my authorization for the node of the hierarchy that alone I want to show?
    thank you.
    Mike

    listo ya quedo

  • DAP and Delegated Management

    Hi,
    I am starting learning DAP, Mandated DAP and delegated management but it is bit tricky and i could not get them fully.
    Mandated DAP Verification allows a Controlling Authority to own a Security Domain that always requires to
    authorize a load process. This ensures that only Load File Data Blocks authorized by the Controlling Authority
    may be loaded on cards that contain this Security Domain.
    DAP Verification allows an Application Provider to own a Security Domain that requires authorizing a load
    process. This ensures that when associating a Load File to this Security Domain, the Application Provider must
    have authorized the Load File Data Block. This authorization may also serve as a means for a Security Domain to
    control the access to some of its services.
    Delegated Management allows Application Providers to perform Card Content changes (load, install and
    extradite) with pre-authorization from the Card Issuer. Applications Providers can also delete Executable Load
    Files and Applications associated to their on-card Security Domains without pre-authorization from the Card
    Issuer.Above is the text i have copied from GP2.2 and need assistance in it's understanding.
    Can anybody explains their usage, implementation and purpose ?
    Thank you,
    Regards

    DAP is a way to have a trusted party sign your applet code so that it can be verified by the card when you load your cap files. There is a public key in the SD that handles verification that will verify the signature from a secure private key.
    Mandated DAP means that all code loaded onto the SD must have a DAP signature.
    Delegated management is a way to give a trusted third party a token that they can use to load and install applications onto an SE. They can only load and install what they have tokens for.
    - Shane

  • How do I keep my downloaded content on my iPhone 4 when connectng to iTunes? It says erase and sync. I want to keep what I have downloaded, and manually manage contend on iTunes. Can I do this without it saying erase and sync?

    How do I keep my downloaded content on my iPhone 4 when connectng to iTunes? It says erase and sync. I want to keep what I have downloaded, and manually manage contend on iTunes. Can I do this without it saying erase and sync?

    No backup? Never a good idea to not maintain a backup of your important data. If you do not have a backup, follow these instructions:
    By design, the iphone will sync itunes content with one computer at a time. Any attempt to sync such content with a second computer will result in ALL itunes content being first erased from your phone & then replaced with the content from the second computer. This is a design feature and cannot be overridden. Because you formatted your computer, your phone, will see your computer as a "new" computer. The itunes content sync is one way: computer to phone. If you have photos that were synced to your phone or music ripped on your own that were not backed up, you will first have to extract them from your phone using third party software, before you do anything else:
    http://www.wideanglesoftware.com/touchcopy/index.php
    Once you've done that, do the following in the order specified:
    1. Disable auto sync when an ipod/iphone is connected under preferences in itunes(under the edit menu).
    2. Make sure you have one contact & one event in whatever supported applications you use for contact & calendar syncing. These entries can be fake, doesn't matter, the important point is that these programs not be empty.
    3. Connect your phone, itunes running, do not sync at this point.
    4. Store>Authorize this computer.
    5. File>Transfer Purchases(To make sure all purchased content on your phone will be in your itunes library).
    6. Right click in the device pane & select reset warnings.
    7. Right click again and select backup.
    8. Right click again & select restore from backup, select the backup you just made. When prompted to create another backup, decline.
    9. This MUST be followed by a sync to restore your itunes content, which you select from the various tabs, You'll get a popup regarding your contacts & calendars asking to merge or replace, select merge.
    That's as good as it gets without a backup of your itunes library and other important data..

  • Difference between Identity Manager and Access Manager

    hi,
    Can any body tell me the difference between Identity manager and Access Manager.
    thanks in advance
    regards
    dhawanmayur

    Access Manager is for access control (web authentication, authorization), Identity Manager is for identity (userid,profile,role, password etc) provision/management across multi resources (such as unix, active directory, peoplesoft, SAP) etc.

  • Authorize and authenticate user

    Hi,
    I understand the difference between authorization and authentication but most tools use a single or similar class to do both.
    Oracle seems to use BPMAuthorizationService to authorize using "jazn.com" and IWorkflowContext to authenticate an user.
    Please see the queries below and help me understand the rational behind using them.
    What is this ShortHistoryTaskType?
    Thanks,
    BPMAuthorizationService
    BPMAuthorizationService bpmAuthServ = wfSvcClient.getAuthorizationService
    ("jazn.com");
    IWorkflowServiceClient
    IWorkflowContext ctx = // Use default realm
                   querySvc.authenticate("bpeladmin", "welcome1", "jazn.com",null);
    Edited by: me_sun on Jul 8, 2009 10:31 AM

    can you confirm if you are using getActions or getAction API
    Also you may want to enable "Allow Management Operations" in AccessGate configuration in oamconsole
    what is exception you get while invoking api
    hope this helps

Maybe you are looking for

  • How can I change the color of a title bar?

    Ok, I have been looking for this answer for over a week now and nobody has yet given me an answer that works. So I am going to ask again. Here is a piece of code you can run to see what I am trying to do: public class RemoteDisplayFrame extends JFram

  • Cant move my stuff from an external harddrive!

    i have a windows laptop with a hard drive i have used for a while. all my pictures an videos are on that external hard drive. i recently just bouht a macbook and tried to move my files from the eternal harddrive onto my macbook. but it wouldnt let me

  • OpenDocument.aspx - pass multi value parameter when report type is actx

    We are running Crystal Reports XI R2 against a business objects infoview server. We have been successfully using the OpenDocuments method for opening crystal reports but have run into a snag.  When using a multi-value parameter, we can only get it to

  • Flash Player not installing for IE8

    I'm trying to install Flash Player into my IE8, but when I go to "Get Adobe Flash Player", it brings up a page saying "Sorry Adobe® Flash® Player is not available from Adobe.com for your device's operating system or browser." I checked the 'supported

  • Share script about ocsg & weblogic

    111setConnEnv.sh : #!/bin/bash # Set the general domain environment. . ~/ocsgCourse/domains/labDomain/bin/setDomainEnv.sh # The setDomainEnv script changes the working directory. # Use popd to jump back to where we were. popd # Set general environmen