Authorization variables not filled up in Bex Portfolio

Similar Messages

• Hierarchy authorization variable not filled

  Hi experts,
  I'm trying to give users access to their node in the 0COSTCENTER hierarchy using a variable $VARHCECO in a authotitazion object. This object has 0COSTCENTER equal to ' ' and 0TCTAUTHH equal to $VARHCECO. In the report variable customer exit this variable is filled in the I_STEP = 0 with the information that is stored in a ODS. Each user only can view his/her subtree cost centers.
  Finally, in the query, a authorization variable is used in order to choose the nodes that the user has authorization.
  The problem is that in runtime, neither the variable VARHCECO nor the I_STEP = 0 is reached because the customer exit is only called for i_VNAME blank and I_STEP = 3. As a consequence, I get an authorization error because of the variable is never filled.
  How can I manage for the customer exit is called for variable VARHCECO and I_STEP = 0?
  Many thanks in advance,
  David Moreno

  Hi David,
  We have handled a similar scenario (not for cost center but for Organization Unit hierarchy) in a different way. Instead of using authorization object, we have defined a variable through customer exit.
  The flow goes like this. You define a variable for which the values get filled up through customer exit. User do not have the flexibiity pass any values to this variable. It by default goes to the master, Picks up the Organization unit, he is assigned to, calls the function module which identifies the nodes under that Org unit hierarchy.. Passes the list of Org_units to e_t_range.
  By this he can by default see all objects/employees under his org unit and the Hierarchy below that only.
  Trust this helps.
  Thanks n Regards
  Meyyappan

• Authorization variable not filled with authorization values

  Hello All
  I post a similar message earlier this week, I thought that my issue was solved, but it was not.
  I've got a workbook with 4 differents queries.
  There as an authorizations variable in each query. This variable properties is as follows :
  **General tab**
  Type of variable : characteristic value
  Processing type : authorization
  Characteristic : company code
  **Details**
  Variable represents : selection options
  Variable is : optional
  Variable is ready for input : yes
  I've followed recommandations from OSS notes 976680
  My issue is : if I run each query individually, variable is filled with authorized values
  If I run the workbook, variable is not filled with authorized value, so when end user run the workbook, BW consider that end user wants to see all data and get "No authorization".
  I don't understand why variable within the workbook doesn't show the authorized values and why the queries do.
  Any suggestion about this issue ????
  Thanks
  Catherine

  Hi
  thanks for replying
  I ran the query with UserID from RSECADMIN and I could open the query. But if I want to select 0profit_ctr I get this error No authorization to characteristic values.
  I  checked the log and this is the message.
  Value Authorization
  InfoProvider FIGL_MP1
  Value Authorization for Characteristic 0PROFIT_CTR
  Building the Buffer...
  Building the Buffer...
  No Authorization for Values
  thanks

• Authorization Variable not prefilling on RRI jump

  Hi,
  I have an Authorization Variable which prefills according to the users authorized values - this works fine in all instance EXCEPT when I jump from another query.
  Has anyone seen this before?
  Anybody know why?
  What is the function which prefills the variable?
  The jump goes to a web analyzer session. The session works fine if I just execute the jump query - but as soon as the url contains passed variables the authorization variable does not prefill.
  eg. http://sldn1450dap:6777/sap/bw/BEx?SAP-LANGUAGE=EN&CMD=LDOC&INFOCUBE=H3FST_M_M&QUERY=QFCMM_AD0060_V2_JMP - works fine, variable prefills
  http://sldn1450dap:6777/sap/bw/BEx?SAP-LANGUAGE=EN&CMD=LDOC&INFOCUBE=H3FST_M_M&QUERY=QFCMM_AD0060_V2_JMP&VAR_NAME=8BBS_ID&VAR_VALUE=43RUCKR22P5SIA2LJXEE2XJBN - variable does not prefill
  Desperate to sort this one out. 2 days to release deadline and spending days on this.
  Regards
  Neville

  Hi Neville,
  First query also has the same authorization variable?
  if yes it should work.
  Otherwise add the same object and variable in the first query also.
  Regards,
  Vijay.

• Container Variables Not Filled

  Hi,
  I have configured Alert Category and Alert Rules to trigger exceptions at Mapping, Adapter and Proxy level.  All these alerts are getting triggered properly.  But the container variable, &SXMS_FROM_SERVICE& is not getting populated and displays the tag as such.
  I infact checked the Note 947738 (Container Element not filled).  But this is for SP 09.  We are in Release 7.0 SP 11.  So the note is already implemented.
  But still I am facing this problem.  The container variables are not filled.  Can someone suggest how to fix this.
  Regards.
  Bala

  Hi,
  Are all the other Container Variables being populated?
  If yes, one option is to check note : 913858 . This note describes one question when the From Interface Container variable does not fill up. Check what it mentions.
  Regards
  Bhavesh

• Authorization variable - not work

  I need to define authorization criteria using 0COMP_CODE.
  1) I checked 0COMP_CODE as "Rilevant for authorization"
  2) I defined the object authorization using RSSM
  3) I put the authorization object into the roles (PFCG)
  4) I defined an authorization variables into the queries
  But when I execute the query, no authorization range is applied. 
  Where is my error?

  Hi Fabio,
  from your list it seems that everything is well...
  so, in the maintenance of the authorization objects, I suggest you to activate the extended trace function for the reporting (Transaction RSSM).
  Select key 'Authorization Check Log' to do this.
  Enter a user in the field 'User' or select one via F4 help. Then activate the trace for this user with the pushbutton 'Create' (F5).
  If the user is already entered, it is recommended to delete the old trace first.
  After you have carried out the authorization-relevant activity, you can display the current status of the trace for the user entered in the 'User' field by using key 'Display' (F6).
  After, remember to deactivate the trace for the entered user by using pushbutton 'Delete' (F2) and the existing trace of this user is deleted.
  The system stores the trace in the database according to the key fields, thus, if you start the same query several times in succession with the same parameters (in the authorizations, too), the checks appear only once in the trace and not several times as in a log.
  Hope it helps !
  Ciao,
  Roberto
  (and please don't forget to assign some points by clickin'on the yellow star to the contributors that help you !!!)

• Alert Configuration: SMTP Error in SOST, Container variables not filling.

  Hi All,
  I have been configured in XI System following sdn and Michal's blog.ALRTCATDEF,SCOT settings have been done and  When i try to test the alerts , alerts are reaching alert inbox but not to mail. And also in alert long text container variables are missing  I have been requested my basis team to implement sap note 835031. What exact cause for this could any body explain me. And also Please suggest me what has to be done when i get error in SOST 'Message cannot be transferred to node SMTP due to connection error (final) ' Do i have to follow steps mentiond in below link:
  http://forums.sdn.sap.com/thread.jspa?threadID=558231
  Thanks,
  Aparna.

  'Message cannot be transferred to node SMTP due to connection error (final)
  have you seen below threads:
  http://forums.sdn.sap.com/thread.jspa?threadID=1564087
  http://forums.sdn.sap.com/thread.jspa?threadID=567171

• SAP BO WebI Report on top of BI Bex Query with Authorization Variable

  Hi,
       We are trying to restrict row level data using BI 7.0 analysis authorization concept. We have an authorization variable in the Bex query and is working perfect in Bex Analyzer as well as in RSRT.
  Now we are trying to achieve the same thing in BO webI. We created an Universe using Authentication Mode SSO. We are on BOXI 3.1 and implemented SSO. When we try to run the query in WebI we get the error
     "A database error occured. The database error text is: Error in MDDataSetBW.GetCellData..(WS 10901)"
  Just for testing purpose, when we use query filter in WebI and use Values from List, it is showing only the authorized value it supposed to show and runs well with that value selected. But we have to achieve this without the query filter in WebI.
  So are we missing some thing here or any patch issue? Please share if you have done this type of reports in BO.
  Thanks in advance for your help.
  Moorthy.

  Yes I did run MDXTEST and it gives error as 'you do not have sufficient authorization'. The reason it is giving, I guess and we are debugging that to confirm, is first it looks for 0BI_ALL and throws error which is not the case in Bex. See the following trace in RSRT trace.
  InfoObject Properties Defined
  Reading of Directly Assigned Authorizations
  Direct Assignment Does Not Include Universal Authorization 0BI_ALL
  Reading the Indirect Assignments with Authorization Object S_RS_AUTH
  Does user have OBI_ALL?
  No, the User Does Not Have Universal Authorizion 0BI_ALL
  Negative Entry in SU53 Result of Failed Check for 0BI_ALL
  Indirect assignments found; no universal authorization
  Reduction of Authorization Dimensions on Characteristics in InfoProvider
  Reduction Successful
  Thanks!
  Moorthy

• Webi  Bypassing BEx Authorization Variable with SAP Exit

  BEx query has Hierarchy Node Variable with Authorization as processing type. Its set as User Input ready
  When the Webi report is refreshed, the LoVs appear as per the Authorization. However, if user doesn't select any value (pushes from right to left in variable screen) he gets NOT_AUTHORIZED error. Which is not intended, it should check the authorization in the background via SAP exit and populate the result. This is how it runs inBEx query.
  However, in Webi it's giving NOT_AUTHORIZED error? This is how the product is designed to work or is it a bug.
  I see several forum threads and SAP KBAs/notes but they are not answering my question. Could anyone please help.
  I am ready to provide more details on this error.
  Thanks,
  Tilak

  Hi,
  this is how authorization variable would work in any of the clients and not just Web Intelligence.
  You created an authorization variable which is configured as "read for input", so the user is getting prompted.
  So In Web Intelligence the LoV shows up.
  if the user does not select a value, then you are not sending a value, so you basically asking for all data and you are not allowed to see all data and therefore you are getting the message "no authorization".
  if you are making authorization variables as ready for input then the user needs to select the proper values - regardless of the BI tool.
  if you want the authorization to be check in the background then the authorization variable should be configured to not have ready for input.
  regards
  Ingo Hilgefort

• Optional BEx query variables not working in WebI

  Hi,
  I have an Webi report based on Bex Query using BICS connection.
  One characteristic is restricted with two variables. First an authorization variable and additional with an input ready variable.
  This input ready variable is optional. When it comes up in webi and you choose a value it doesn't filter on it.
  We are on BO 4.1. SP3 and BW 7.31.
  With SAP_ALL the optional prompt is working, but for a user with limited access, the optional variable doesn't work.
  I have already made a RSRT trace with a test user. But I'm not sure what's the problem.
  Trace returned:
  S_RS_AUTH  RC=4 -->  BIAUTH=0BI_ALL; type=RF;name=BICS_PROV_OPEN;
  But I don't want to give the user 0BI_ALL, otherwise my analysis authorizations for this info object would be obsolete.
  Any ideas?
  Thx and Regards,
  Katharina

  Hi Neetika,
  thank you for your advice!
  I tried the filter without authorziation variable and it was working.
  I in addition I tried another option: I defined auth variable as input ready and deleted filter variable and that would work working.
  With this setting I recognized that for the authorization variable all allowed values are set as default values! If you execute query with SAP_ALL no default is set, but with limited access the allowed values are set as default.
  This may be the problem here. I don't know if this behaviour is by design or if there is a problem with rights?
  But now I know where the problem comes from.
  Regards,
  Katharina

• Authorization Variable values in BEX.

  Hi all,
  I have a report with an authorization object (for example 0COUNTRY) restricted to an authorization variable.
  The object restricts the report according to the user's role. I want a user, with multiple country authorization, to be able to run the report on a few countries that he is authorized to see. For example he is authorized to see US DE FR & CH, and wants to run the report on DE & FR.
  So, I created the authorization variable "Ready for Input", but now when the user runs the report he <b>can insert</b> other values but when he click on the options he can choose from (F4),<b>he can't see the texts</b> (DE - Germany, FR - France) and he gets the message:
  <b>"BRAIN655 - No values available or not authorized to display"</b>
  Full points for the answer promised.
  Many thanks, Yaniv.

  I've done these steps when I createted this object long ago. I have no problem with the authorization itself. it works great.
  You are right, the selection option window shows the values US DE FR & CH, but I want the user to see the description also (when pressing F4) so he will be able to tell which countries to choose . that is when the message pops up.
  <b>It is like the user does not have the authorization to view the 0COUNTRY values and their texts</b>.

• Folders are not visible in BEx Portfolio tab of Save As popup window

  Hi All,
  when I try to save a report in BEx Web Analyzer by open Save As popup window, I can't see any folders in neither of Favorites, BEx Portfolio nor My Portfolio tabs, even though I've created some directories in "/documents/Public Documents" for example. I can only see the list of already saved reports.
  What needs to be done to be able to the folders in Save As (or Open) popup window?
  thank you,
  oleg

  Hi,
  Please check Note No. 988406 and the role mentioned in this link:
  http://help.sap.com/SAPHELP_NW04S/helpdata/EN/a5/4b0b40c6c01961e10000000a155106/frameset.htm
  I would also recommend that you try with the latest java patches. BIBASE and BIWEBAPP patches.
  Thanks,
  Michael

• Restrict authorization for saving BI query bookmark on BEx Portfolio

  Hi experts,
  I would like to find a way to control the saving query bookmark  functionality on BEx Portfolio. The problem is that every BI user can save in the BEx Portfolio which is observable to every user at global level. Is there a functionality to restrict the authorization so that only Power users are allowed to save bookmarks under BEx portofolio and where as non power user are allowed to access them
  Thanks

  Hi All,
  i'm also having same requirement, please reply with solution if any one did it,
  http://scn.sap.com/message/13836154
  Thanks
  Naga

• BEx Portfolio Authorizations

  Hello,
  We would like to create a folder structure in BEx portfolio, that contains folders and queries. Now my question: is it possible to give autorizations to this? For the end user only the folders should be visible, which contain queries, that he is allowed to execute.
  After a SDN and Google Search I couldn't get any findings. We are on BI 7.0.
  Thanks a lot for your effort.
  WBr
  Klaus Hirschegger

  Hi..
  check out this ..
  S_RS_DAS: Authorizations for working with Data Access Services
  S_RS_BTMP: Authorizations for working with BExWeb templates
  S_RS_BEXTX: Authorizations for the maintenance of BExtexts
  Authorization objects for the administration of analysis authorizations:
  S_RSEC: Authorization for assignment and administration of analysis authorizations
  S_RS_AUTH: Authorization object to include analysis authorizations in roles
  with regards,
  hari ..

• Some Out-Variables are not filled when one is missing (Oracle-Client 10)

  Hello everybody,
  we have a problem in our applications, written in C++ using OCI.
  All works fine with Oracle Client 8 and 9, the problem occurs when using Client 10.
  A simple example:
  select 1, 2, 3, 4, 5 from dual;
  I have 4 out-variables, the 3rd one is missing:
  OCIDefineByPos(..., 1, &out1, ...);
  OCIDefineByPos(..., 2, &out2, ...);
  OCIDefineByPos(..., 4, &out4, ...);
  OCIDefineByPos(..., 5, &out5, ...);
  When executing with Oracle Client 8 and 9, the result is:
  out1 = 1
  out2 = 2
  out4 = 4
  out5 = 5
  Executing the same with Oracle Client 10, the result is:
  out1 = 1
  out2 = 2
  out4 = 0
  out5 = 0
  When there is a selected column without a variable for it, all following out-variables are not filled. Can someone repeat and / or explain this? I read the Oracle Docs for the OCI 10, but nowhere is a hint about differences or changes in this behaviour. I know that when selecting a column I should spend an out-variable for it, but nobody is perfect.
  Here are some details:
  Oracle Client 10.2.0.1.0
  Client OS Windows XP SP1
  Oracle Database 10g Release 10.2.0.1.0
  Application developed with Visual Studio C++ 7.1
  Thanks for any help.
  Torsten
  Here's the code, I changed the simple OCI-example from the Oracle homepage:
  void ocitest()
  static text username = (text ) "xxx";
  static text password = (text ) "yyy";
  static OCIEnv *envhp;
  static OCIError *errhp;
  static sword status;
  sword out1, out2, out3, out4, out5;
  sb2 ind1, ind2, ind3, ind4, ind5; /* indicator */
  static text maxemp = (text ) "SELECT 1, 2, 3, 4, 5 FROM dual ";
  OCISession authp = (OCISession ) 0;
  OCIServer *srvhp;
  OCISvcCtx *svchp;
  OCIStmt stmthp, stmthp1;
  OCIDefine defnp1 = (OCIDefine ) 0;
  OCIDefine defnp2 = (OCIDefine ) 0;
  OCIDefine defnp3 = (OCIDefine ) 0;
  OCIDefine defnp4 = (OCIDefine ) 0;
  OCIDefine defnp5 = (OCIDefine ) 0;
  (void) OCIInitialize((ub4) OCI_DEFAULT, (dvoid *)0,
  (dvoid * (*)(dvoid *, size_t)) 0,
  (dvoid * (*)(dvoid *, dvoid *, size_t))0,
  (void (*)(dvoid *, dvoid *)) 0 );
  (void) OCIEnvInit( (OCIEnv **) &envhp, OCI_DEFAULT, (size_t) 0,
  (dvoid **) 0 );
  (void) OCIHandleAlloc( (dvoid *) envhp, (dvoid **) &errhp, OCI_HTYPE_ERROR,
  (size_t) 0, (dvoid **) 0);
  /* server contexts */
  (void) OCIHandleAlloc( (dvoid *) envhp, (dvoid **) &srvhp, OCI_HTYPE_SERVER,
  (size_t) 0, (dvoid **) 0);
  (void) OCIHandleAlloc( (dvoid *) envhp, (dvoid **) &svchp, OCI_HTYPE_SVCCTX,
  (size_t) 0, (dvoid **) 0);
  (void) OCIServerAttach( srvhp, errhp, (text *)"", strlen(""), 0);
  /* set attribute server context in the service context */
  (void) OCIAttrSet( (dvoid *) svchp, OCI_HTYPE_SVCCTX, (dvoid *)srvhp,
  (ub4) 0, OCI_ATTR_SERVER, (OCIError *) errhp);
  (void) OCIHandleAlloc((dvoid *) envhp, (dvoid **)&authp,
  (ub4) OCI_HTYPE_SESSION, (size_t) 0, (dvoid **) 0);
  (void) OCIAttrSet((dvoid *) authp, (ub4) OCI_HTYPE_SESSION,
  (dvoid *) username, (ub4) strlen((char *)username),
  (ub4) OCI_ATTR_USERNAME, errhp);
  (void) OCIAttrSet((dvoid *) authp, (ub4) OCI_HTYPE_SESSION,
  (dvoid *) password, (ub4) strlen((char *)password),
  (ub4) OCI_ATTR_PASSWORD, errhp);
  checkerr(errhp, OCISessionBegin ( svchp, errhp, authp, OCI_CRED_RDBMS,
  (ub4) OCI_DEFAULT));
  (void) OCIAttrSet((dvoid *) svchp, (ub4) OCI_HTYPE_SVCCTX,
  (dvoid *) authp, (ub4) 0,
  (ub4) OCI_ATTR_SESSION, errhp);
  checkerr(errhp, OCIHandleAlloc( (dvoid *) envhp, (dvoid **) &stmthp,
  OCI_HTYPE_STMT, (size_t) 0, (dvoid **) 0));
  checkerr(errhp, OCIHandleAlloc( (dvoid *) envhp, (dvoid **) &stmthp1,
  OCI_HTYPE_STMT, (size_t) 0, (dvoid **) 0));
  checkerr(errhp, OCIStmtPrepare(stmthp, errhp, maxemp,
  (ub4) strlen((char *) maxemp),
  (ub4) OCI_NTV_SYNTAX, (ub4) OCI_DEFAULT));
  checkerr(errhp, OCIDefineByPos(stmthp, &defnp1, errhp, 1, (dvoid *) &out1,
  (sword) sizeof(sword), SQLT_INT, (dvoid *) &ind1, (ub2 *)0,
  (ub2 *)0, OCI_DEFAULT));
  checkerr(errhp, OCIDefineByPos(stmthp, &defnp2, errhp, 2, (dvoid *) &out2,
  (sword) sizeof(sword), SQLT_INT, (dvoid *) &ind2, (ub2 *)0,
  (ub2 *)0, OCI_DEFAULT));
  /* checkerr(errhp, OCIDefineByPos(stmthp, &defnp3, errhp, 3, (dvoid *) &out3,
  (sword) sizeof(sword), SQLT_INT, (dvoid *) &ind3, (ub2 *)0,
  (ub2 *)0, OCI_DEFAULT));*/
  checkerr(errhp, OCIDefineByPos(stmthp, &defnp4, errhp, 4, (dvoid *) &out4,
  (sword) sizeof(sword), SQLT_INT, (dvoid *) &ind4, (ub2 *)0,
  (ub2 *)0, OCI_DEFAULT));
  checkerr(errhp, OCIDefineByPos(stmthp, &defnp5, errhp, 5, (dvoid *) &out5,
  (sword) sizeof(sword), SQLT_INT, (dvoid *) &ind5, (ub2 *)0,
  (ub2 *)0, OCI_DEFAULT));
  /* execute and fetch */
  if (status = OCIStmtExecute(svchp, stmthp, errhp, (ub4) 1, (ub4) 0,
  (CONST OCISnapshot *) NULL, (OCISnapshot *) NULL, OCI_DEFAULT))
  if (status == OCI_NO_DATA)
  else
  checkerr(errhp, status);
  void checkerr(OCIError *errhp, sword status)
  text errbuf[512];
  sb4 errcode = 0;
  switch (status)
  case OCI_SUCCESS:
  break;
  case OCI_SUCCESS_WITH_INFO:
  (void) printf("Error - OCI_SUCCESS_WITH_INFO\n");
  break;
  case OCI_NEED_DATA:
  (void) printf("Error - OCI_NEED_DATA\n");
  break;
  case OCI_NO_DATA:
  (void) printf("Error - OCI_NODATA\n");
  break;
  case OCI_ERROR:
  (void) OCIErrorGet((dvoid *)errhp, (ub4) 1, (text *) NULL, &errcode,
  errbuf, (ub4) sizeof(errbuf), OCI_HTYPE_ERROR);
  (void) printf("Error - %.*s\n", 512, errbuf);
  break;
  case OCI_INVALID_HANDLE:
  (void) printf("Error - OCI_INVALID_HANDLE\n");
  break;
  case OCI_STILL_EXECUTING:
  (void) printf("Error - OCI_STILL_EXECUTE\n");
  break;
  case OCI_CONTINUE:
  (void) printf("Error - OCI_CONTINUE\n");
  break;
  default:
  break;
  }

  Use int/long instead sword .