Authorizations in ESR?
As mentioned in my blog, I am posting a set of questions on ESR in this forum as an interesting way of sharing relevant information with the community. In the true spirit of forums, the one who answers the question is rewarded!
Q - I want to set authorizations on who can edit the Service Interfaces I create. Is it possible? If so, how can I do that?
Hi,
Yes it is possible. IT was even possible in pre-PI 7.1 days using the concept of data-dependant authorisations. However, in the ESR it has become much easier to implement.
For instructions on how to do it in PI 7.0, click [here|https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a005629b-c063-2910-0fb8-f57dc68abaca].
There is more information on SAP Help [here|http://help.sap.com/saphelp_nw04/helpdata/en/d6/63f6413a15e23ee10000000a155106/frameset.htm].
Daniel Bianchin has written an excellent article on how to do this (and various other things) called 'Usability Features in SAP NetWeaver PI 7.1 Development and Configuration Times'. To access it, click [here|https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a0e7734f-e969-2a10-24b6-df58a710941c].
Regards
Manish
Similar Messages
-
Restrcing XML messages in SXMB_MONI based on authorizations
Hi All,
How to restrict the visibility or display acess of Payload in sxmb_moni based on authorizations as we do restrict the visibility of design objects in ESR (Profile Based Authorization In ESR Using PI 7.1).
Please let us know your inputs on this. We have already searched but couldn't find any useful information.
Thanks,
VinodHi Vinod,
You can ensure that the following roles are not assigned to unauthorized userid's in SAP PI:
SAP_XI_MONITOR
SAP_XI_MONITOR_ENHANCED
SAP_XI_ADMINISTRATOR
SAP_XI_SUPPORT
To further explore the roles check the Role Maintenance transaction (PFCG) and the following link:
http://help.sap.com/saphelp_nw04/helpdata/en/58/d22940cbf2195de10000000a1550b0/content.htm
/people/michal.krawczyk2/blog/2006/01/02/xi-sxmbmoni--controlling-access-to-message-display -
Hi All,
I have requirement that i should only provide Read/Edit/Change access to ESR of my PI system. I also need to make sure that he have only Display access to ID.
Could you please help me with what roles i can use here?
Thank in advance.
Best Regards,
Prasad.Hi Prasad,
How To Setup Profile Based Authorization In ESR
Check this: http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/50a3efb4-57a1-2d10-a6b9-fed6d21799f8?quicklink=index&overridelayout=true
Thanks, -
Not able to see other users change list in IR/ID
Hi All,
I need to perform the CTS+ transports in PI 7.1 and when ever i am going to change list tab apart from my user id i am not able to see any other user id to transfer the objects to my id
Is some setting is missing or some role we need to assign.
Appreciate your reponse on this.
Thanks
AnkurHi Anku,
Have a look on this doc [Limit Authorization PI Content objects.pdf|http://www.sdn.sap.com/irj/scn/events?rid=/library/uuid/a005629b-c063-2910-0fb8-f57dc68abaca], and/or contact your basis team who manages the user roles...
The same in [e-learning|http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/40457bb0-c663-2910-85ad-f5f42edb715a].
just in case of... for ESR authorization, you have this one [How To Setup Profile Based Authorization In ESR Using PI 7.1 EHP1|http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/50a3efb4-57a1-2d10-a6b9-fed6d21799f8?QuickLink=index&overridelayout=true]
Else... a stupid question:
in "change list" tab, have you click on the "filter" button to be able to select "User = All" ?
and then to do your transfer...
Regards.
Mickael
Edited by: Mickael Huchet on Feb 14, 2012 9:24 AM -
Hi PI experts,
All of a sudden the Display/Edit button is disabled in ESR and I am not able to edit any objects (Message Mappings, Service Interfaces and so on). Is this related to authorization? I checked with BASIS guys and they said that they did not revoke any authorization for my user id.
At ABAP stack, I checked SU01 and I have SAP_ALL authorization. Is any authorization maintained at Java stack level? If yes, where and how can I check it?
Regards,
Dhawal.All of a sudden the Display/Edit button is disabled in ESR and I am not able to edit any objects (Message Mappings, Service
Interfaces and so on). Is this related to authorization? I checked with BASIS guys and they said that they did not revoke any
authorization for my user id.
Open the SWCV....double-click on it in ESR --> Check the option Objects are Modifiable then the display/ edit button will be enabled if you have the permission.
Regards,
Abhishek. -
No authorization for this action when startin ESR in PI
Hi,
We try to set up our authorizations correctly in PI, but when I try to start the ESR of PI I get the message 'No authorization for this action'. My user has the administrator role, developer role en configurator role.
In the log I see I got logged on correctly.
Anyone any idea what the reason might be for this problem? Or is there a way to trace the autorizations onthe JAVA stack?
Thanks for reacting.
KrisHello,
You could also try the following:
Clear the Java Web Start cache
Java Web Start > File > Preferences > Advanced > Clear Folder
Restore the Java Web Start archives:
http://<server>:<port>/dir/start/index.jsp > Administration > Repository/Directory tab
-> Java Web Start Administration -> Restore Archives
If this fails you could try applying the latest patches for the XI components:
XIAF, XIAFC, XITOOL, XIGUI, MESSAGING
Regards,
Sarah -
After I logined PI7.1 ESR, I created a namespace in a software, and I created a folder,DT,MT,MM,OM, and so on. then I want to assign a authorization to my created things.For example, I rightly click on folder,and select edit authorization,I assign user:xxx a excute report authorization.I log off and login again,I can delete the folder. why? thanks!
Edit Authorization not supported by all the objects (one being DT)....so it may also happen that Folder is out of the supporting list.
-
Error in IB (When trying to import objects into ESR from SLD or from server
Hi Experts,
We are facing an error with the Integration builder recently. When we open Enterprise Services Repository of PI 7.1, we are able to see the GUI with objects perfectly. When we try to import an object into the repository from the server ( In ESR, choose Tools -> Import Design objects -> From Server), we are thrown with an exception...
Error when exectuting search (QUERY_ERROR)
& java.lang.NullPointerException
The server throws the above two exceptions. I have pasted the logs of the error when trying to import an object from the server and also from the sld, below.
Have any of you experieced the issue? Request you to please check this out and suggest what the problem could be. Thanks in advance.
Regards,
Basker
Log of the error received when trying to import an object from the server...
====================================================================
= Root Exception ===================================================
====================================================================
Thrown:
com.sap.aii.utilxi.swing.framework.ExecuteException: Error when executing search
at com.sap.aii.ib.gui.shelp.QueryPanel.executeQuery(QueryPanel.java:582)
at com.sap.aii.ib.gui.shelp.QueryPanel.startQuery(QueryPanel.java:595)
at com.sap.aii.ib.gui.shelp.QueryPanel$1.run(QueryPanel.java:218)
at com.sap.aii.utilxi.misc.thread.ThreadPool$ThreadPoolThread.run(ThreadPool.java:392)
Caused by: java.lang.NullPointerException: null
at com.sap.aii.utilxi.core.collections.ArrayUtil.appendArrays(ArrayUtil.java:331)
at com.sap.aii.ib.gui.xiitem.services.XiItemServiceProvider.queryXiItems(XiItemServiceProvider.java:273)
at com.sap.aii.ib.gui.xiitem.services.XiItemServiceProvider.queryXiItems(XiItemServiceProvider.java:241)
at com.sap.aii.ib.gui.shelp.StandardQueryAccessor.executeQuery(StandardQueryAccessor.java:68)
at com.sap.aii.ib.gui.shelp.QueryPanel.executeQuery(QueryPanel.java:567)
... 3 more
====================================================================
== Content from the LogHandler =====================================
====================================================================
#12 13:44:56 AWT-EventQueue-2 ERROR com.sap.aii.utilxi.swing.toolkit.ExceptionDialog: Throwable
Thrown:
com.sap.aii.utilxi.swing.framework.ExecuteException: Error when executing search
at com.sap.aii.ib.gui.shelp.QueryPanel.executeQuery(QueryPanel.java:582)
at com.sap.aii.ib.gui.shelp.QueryPanel.startQuery(QueryPanel.java:595)
at com.sap.aii.ib.gui.shelp.QueryPanel$1.run(QueryPanel.java:218)
at com.sap.aii.utilxi.misc.thread.ThreadPool$ThreadPoolThread.run(ThreadPool.java:392)
Caused by: java.lang.NullPointerException: null
at com.sap.aii.utilxi.core.collections.ArrayUtil.appendArrays(ArrayUtil.java:331)
at com.sap.aii.ib.gui.xiitem.services.XiItemServiceProvider.queryXiItems(XiItemServiceProvider.java:273)
at com.sap.aii.ib.gui.xiitem.services.XiItemServiceProvider.queryXiItems(XiItemServiceProvider.java:241)
at com.sap.aii.ib.gui.shelp.StandardQueryAccessor.executeQuery(StandardQueryAccessor.java:68)
at com.sap.aii.ib.gui.shelp.QueryPanel.executeQuery(QueryPanel.java:567)
... 3 more
#11 13:44:55 Pool-Thread-0 FINE AutoLog.created.java.lang.NullPointerException: java.lang.NullPointerException
at com.sap.aii.utilxi.core.collections.ArrayUtil.appendArrays(ArrayUtil.java:331)
at com.sap.aii.ib.gui.xiitem.services.XiItemServiceProvider.queryXiItems(XiItemServiceProvider.java:273)
at com.sap.aii.ib.gui.xiitem.services.XiItemServiceProvider.queryXiItems(XiItemServiceProvider.java:241)
at com.sap.aii.ib.gui.shelp.StandardQueryAccessor.executeQuery(StandardQueryAccessor.java:68)
at com.sap.aii.ib.gui.shelp.QueryPanel.executeQuery(QueryPanel.java:567)
at com.sap.aii.ib.gui.shelp.QueryPanel.startQuery(QueryPanel.java:595)
at com.sap.aii.ib.gui.shelp.QueryPanel$1.run(QueryPanel.java:218)
at com.sap.aii.utilxi.misc.thread.ThreadPool$ThreadPoolThread.run(ThreadPool.java:392)
#10 13:44:55 Pool-Thread-0 DEBUG AutoLog.created.java.lang.NullPointerException: null
#9 13:44:55 Pool-Thread-0 FINE AutoLog.created.com.sap.aii.utilxi.swing.framework.ExecuteException: com.sap.aii.utilxi.swing.framework.ExecuteException: Error when executing search
at com.sap.aii.ib.gui.shelp.QueryPanel.executeQuery(QueryPanel.java:582)
at com.sap.aii.ib.gui.shelp.QueryPanel.startQuery(QueryPanel.java:595)
at com.sap.aii.ib.gui.shelp.QueryPanel$1.run(QueryPanel.java:218)
at com.sap.aii.utilxi.misc.thread.ThreadPool$ThreadPoolThread.run(ThreadPool.java:392)
Caused by: java.lang.NullPointerException
at com.sap.aii.utilxi.core.collections.ArrayUtil.appendArrays(ArrayUtil.java:331)
at com.sap.aii.ib.gui.xiitem.services.XiItemServiceProvider.queryXiItems(XiItemServiceProvider.java:273)
at com.sap.aii.ib.gui.xiitem.services.XiItemServiceProvider.queryXiItems(XiItemServiceProvider.java:241)
at com.sap.aii.ib.gui.shelp.StandardQueryAccessor.executeQuery(StandardQueryAccessor.java:68)
at com.sap.aii.ib.gui.shelp.QueryPanel.executeQuery(QueryPanel.java:567)
... 3 more
#8 13:44:55 Pool-Thread-0 DEBUG AutoLog.created.com.sap.aii.utilxi.swing.framework.ExecuteException: Error when executing search
#7 13:43:52 AWT-EventQueue-2 FINE AutoLog.created.com.sap.engine.services.security.exceptions.BaseLoginException: com.sap.engine.services.security.exceptions.BaseLoginException: Authentication did not succeed.
at com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule.login(BasicPasswordLoginModule.java:149)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:220)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:218)
at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImpl.login(RemoteLoginContextHelperImpl.java:78)
at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImplp4_Skel.dispatch(RemoteLoginContextHelperImplp4_Skel.java:64)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:351)
at com.sap.engine.services.rmi_p4.server.ServerDispatchImpl.run(ServerDispatchImpl.java:70)
at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:62)
at com.sap.engine.services.rmi_p4.P4Message.execute(P4Message.java:37)
at com.sap.engine.services.cross.fca.FCAConnectorImpl.executeRequest(FCAConnectorImpl.java:872)
at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:53)
at com.sap.engine.services.cross.fca.MessageReader.run(MessageReader.java:58)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:108)
at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:304)
predecessor system
com.sap.engine.services.security.exceptions.BaseLoginException: Authentication did not succeed.
at com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule.login(BasicPasswordLoginModule.java:149)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:220)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:218)
at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImpl.login(RemoteLoginContextHelperImpl.java:78)
at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImplp4_Skel.dispatch(RemoteLoginContextHelperImplp4_Skel.java:64)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:351)
at com.sap.engine.services.rmi_p4.server.ServerDispatchImpl.run(ServerDispatchImpl.java:70)
at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:62)
at com.sap.engine.services.rmi_p4.P4Message.execute(P4Message.java:37)
at com.sap.engine.services.cross.fca.FCAConnectorImpl.executeRequest(FCAConnectorImpl.java:872)
at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:53)
at com.sap.engine.services.cross.fca.MessageReader.run(MessageReader.java:58)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:108)
at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:304)
#6 13:43:52 AWT-EventQueue-2 DEBUG AutoLog.created.com.sap.engine.services.security.exceptions.BaseLoginException: Authentication did not succeed.
#5 13:43:52 AWT-EventQueue-2 FINE AutoLog.created.com.sap.engine.services.security.exceptions.BaseLoginException: com.sap.engine.services.security.exceptions.BaseLoginException: Cannot authenticate the user.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:175)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:218)
at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImpl.login(RemoteLoginContextHelperImpl.java:78)
at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImplp4_Skel.dispatch(RemoteLoginContextHelperImplp4_Skel.java:64)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:351)
at com.sap.engine.services.rmi_p4.server.ServerDispatchImpl.run(ServerDispatchImpl.java:70)
at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:62)
at com.sap.engine.services.rmi_p4.P4Message.execute(P4Message.java:37)
at com.sap.engine.services.cross.fca.FCAConnectorImpl.executeRequest(FCAConnectorImpl.java:872)
at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:53)
at com.sap.engine.services.cross.fca.MessageReader.run(MessageReader.java:58)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:108)
at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:304)
Caused by: com.sap.engine.services.security.exceptions.BaseLoginException: Authentication did not succeed.
at com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule.login(BasicPasswordLoginModule.java:149)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:220)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
... 13 more
predecessor system
com.sap.engine.services.security.exceptions.BaseLoginException: Cannot authenticate the user.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:175)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:218)
at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImpl.login(RemoteLoginContextHelperImpl.java:78)
at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImplp4_Skel.dispatch(RemoteLoginContextHelperImplp4_Skel.java:64)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:351)
at com.sap.engine.services.rmi_p4.server.ServerDispatchImpl.run(ServerDispatchImpl.java:70)
at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:62)
at com.sap.engine.services.rmi_p4.P4Message.execute(P4Message.java:37)
at com.sap.engine.services.cross.fca.FCAConnectorImpl.executeRequest(FCAConnectorImpl.java:872)
at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:53)
at com.sap.engine.services.cross.fca.MessageReader.run(MessageReader.java:58)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:108)
at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:304)
Caused by: com.sap.engine.services.security.exceptions.BaseLoginException: Authentication did not succeed.
at com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule.login(BasicPasswordLoginModule.java:149)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:220)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
... 13 moreHi Rajeev,
Thanks for your inputs. I myself am a basis guy. I ve already checked all the authorizations given to the user - PISUPER, and have found it to be fine. Can't understand why this security issue crops up still. anyways, i m getting this error when trying to import an object from the server. If i try to create a new object and during the process, try to import the SCV from SLD, i m facing with an error again, of a different sort. The log says...
====================================================================
= Root Exception ===================================================
====================================================================
Thrown:
com.sap.aii.utilxi.misc.api.BaseRuntimeException: Internal error during bean lookup for bean SldAccessServiceBean
at com.sap.aii.ib.clsif.gen.BeanAccessHandler.handleRuntimeExInBusinessMethod(BeanAccessHandler.java:113)
at com.sap.aii.ib.client.sldAccess.impl.SldAccessServiceDelegate.getSwcvLinks(SldAccessServiceDelegate.java:55)
at com.sap.aii.ibrep.gui.workspace.WorkspaceCreatePanel.getSwcvLinksAdapter(WorkspaceCreatePanel.java:520)
at com.sap.aii.ibrep.gui.workspace.WorkspaceCreatePanel.access$000(WorkspaceCreatePanel.java:75)
at com.sap.aii.ibrep.gui.workspace.WorkspaceCreatePanel$4.getResult(WorkspaceCreatePanel.java:449)
at com.sap.aii.utilxi.swing.toolkit.InterruptableProgressDialog$1.construct(InterruptableProgressDialog.java:190)
at com.sap.aii.utilxi.swing.toolkit.SwingWorker$2.run(SwingWorker.java:126)
at java.lang.Thread.run(Unknown Source)
Caused by: com.sap.aii.utilxi.misc.api.BaseRuntimeException: Internal error during bean lookup for bean SldAccessServiceBean
at com.sap.aii.ib.clsif.login.LoginServiceImpl.getHomeInterface(LoginServiceImpl.java:460)
at com.sap.aii.ib.clsif.login.LoginServiceImpl.getBusinessInterface(LoginServiceImpl.java:425)
at com.sap.aii.ib.clsif.gen.BeanAccessHandler.getBean(BeanAccessHandler.java:60)
at com.sap.aii.ib.client.sldAccess.impl.SldAccessServiceDelegate.getBean(SldAccessServiceDelegate.java:79)
at com.sap.aii.ib.client.sldAccess.impl.SldAccessServiceDelegate.getSwcvLinks(SldAccessServiceDelegate.java:49)
... 6 more
Caused by: com.sap.aii.ib.core.ejbutil.HomeFactoryException: Exception during lookup operation of object with name sap.com/com.sap.xi.repository/SldAccessServiceBean, cannot resolve object reference.
at com.sap.aii.ib.clsif.login.EJBHomeFactory.lookUpHome(EJBHomeFactory.java:381)
at com.sap.aii.ib.clsif.login.LoginServiceImpl.getHomeInterface(LoginServiceImpl.java:456)
... 10 more
Caused by: com.sap.engine.services.jndi.persistent.exceptions.NamingException: Exception during lookup operation of object with name sap.com/com.sap.xi.repository/SldAccessServiceBean, cannot resolve object reference.
at com.sap.engine.services.jndi.implclient.ClientContext.lookup(ClientContext.java:528)
at com.sap.engine.services.jndi.implclient.ClientContext.lookup(ClientContext.java:637)
at javax.naming.InitialContext.lookup(Unknown Source)
at com.sap.aii.ib.clsif.login.EJBHomeFactory.lookUpHome(EJBHomeFactory.java:353)
... 11 more
Caused by: javax.naming.NamingException: Error occurs while the EJB Object Factory trying to resolve JNDI reference Reference Class Name:
Type: clientAppName
Content: sap.com/com.sap.xi.repository
Type: interfaceType
Content: remote
Type: home
Content: com.sap.aii.ib.sbeans.sldAccess.SldAccessServiceHome
Type: ejb-link
Content: SldAccessServiceBean
Type: remote
Content: com.sap.aii.ib.sbeans.sldAccess.SldAccessServiceRemote
com.sap.engine.services.jndi.persistent.exceptions.NamingException: Exception while trying to get InitialContext.
at com.sap.engine.services.jndi.InitialContextFactoryImpl.getInitialContext(InitialContextFactoryImpl.java:488)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.InitialContext.<init>(Unknown Source)
at com.sap.engine.services.ejb3.runtime.impl.EJBObjectFactory.getObjectInstance(EJBObjectFactory.java:73)
at com.sap.engine.services.ejb3.runtime.impl.EJBObjectFactory.getObjectInstance(EJBObjectFactory.java:58)
at javax.naming.spi.NamingManager.getObjectInstance(Unknown Source)
at com.sap.engine.services.jndi.implclient.ClientContext.lookup(ClientContext.java:521)
at com.sap.engine.services.jndi.implclient.ClientContext.lookup(ClientContext.java:637)
at javax.naming.InitialContext.lookup(Unknown Source)
at com.sap.aii.ib.clsif.login.EJBHomeFactory.lookUpHome(EJBHomeFactory.java:353)
at com.sap.aii.ib.clsif.login.LoginServiceImpl.getHomeInterface(LoginServiceImpl.java:456)
at com.sap.aii.ib.clsif.login.LoginServiceImpl.getBusinessInterface(LoginServiceImpl.java:425)
at com.sap.aii.ib.clsif.gen.BeanAccessHandler.getBean(BeanAccessHandler.java:60)
at com.sap.aii.ib.client.sldAccess.impl.SldAccessServiceDelegate.getBean(SldAccessServiceDelegate.java:79)
at com.sap.aii.ib.client.sldAccess.impl.SldAccessServiceDelegate.getSwcvLinks(SldAccessServiceDelegate.java:49)
at com.sap.aii.ibrep.gui.workspace.WorkspaceCreatePanel.getSwcvLinksAdapter(WorkspaceCreatePanel.java:520)
at com.sap.aii.ibrep.gui.workspace.WorkspaceCreatePanel.access$000(WorkspaceCreatePanel.java:75)
at com.sap.aii.ibrep.gui.workspace.WorkspaceCreatePanel$4.getResult(WorkspaceCreatePanel.java:449)
at com.sap.aii.utilxi.swing.toolkit.InterruptableProgressDialog$1.construct(InterruptableProgressDialog.java:190)
at com.sap.aii.utilxi.swing.toolkit.SwingWorker$2.run(SwingWorker.java:126)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: Can't get Socket. Reason:Connection timed out: connect
at com.sap.engine.interfaces.cross.io.transport.PortManager.getRealSocket(PortManager.java:284)
at com.sap.engine.interfaces.cross.LoadBalancerImpl.getAllAccessPoints(LoadBalancerImpl.java:97)
at com.sap.engine.interfaces.cross.CrossObjectBroker.getDestination(CrossObjectBroker.java:142)
at com.sap.engine.services.jndi.InitialContextFactoryImpl.getInitialContext(InitialContextFactoryImpl.java:347)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.InitialContext.<init>(Unknown Source)
at com.sap.engine.services.ejb3.runtime.impl.EJBObjectFactory.getObjectInstance(EJBObjectFactory.java:73)
at com.sap.engine.services.ejb3.runtime.impl.EJBObjectFactory.getObjectInstance(EJBObjectFactory.java:58)
at javax.naming.spi.NamingManager.getObjectInstance(Unknown Source)
at com.sap.engine.services.jndi.implclient.ClientContext.lookup(ClientContext.java:521)
at com.sap.engine.services.jndi.implclient.ClientContext.lookup(ClientContext.java:637)
at javax.naming.InitialContext.lookup(Unknown Source)
at com.sap.aii.ib.clsif.login.EJBHomeFactory.lookUpHome(EJBHomeFactory.java:353)
at com.sap.aii.ib.clsif.login.LoginServiceImpl.getHomeInterface(LoginServiceImpl.java:456)
at com.sap.aii.ib.clsif.login.LoginServiceImpl.getBusinessInterface(LoginServiceImpl.java:425)
at com.sap.aii.ib.clsif.gen.BeanAccessHandler.getBean(BeanAccessHandler.java:60)
at com.sap.aii.ib.client.sldAccess.impl.SldAccessServiceDelegate.getBean(SldAccessServiceDelegate.java:79)
at com.sap.aii.ib.client.sldAccess.impl.SldAccessServiceDelegate.getSwcvLinks(SldAccessServiceDelegate.java:49)
at com.sap.aii.ibrep.gui.workspace.WorkspaceCreatePanel.getSwcvLinksAdapter(WorkspaceCreatePanel.java:520)
at com.sap.aii.ibrep.gui.workspace.WorkspaceCreatePanel.access$000(WorkspaceCreatePanel.java:75)
at com.sap.aii.ibrep.gui.workspace.WorkspaceCreatePanel$4.getResult(WorkspaceCreatePanel.java:449)
at com.sap.aii.utilxi.swing.toolkit.InterruptableProgressDialog$1.construct(InterruptableProgressDialog.java:190)
at com.sap.aii.utilxi.swing.toolkit.SwingWorker$2.run(SwingWorker.java:126)
at java.lang.Thread.run(Unknown Source)
at com.sap.engine.services.ejb3.runtime.impl.EJBObjectFactory.getObjectInstance(EJBObjectFactory.java:140)
at com.sap.engine.services.ejb3.runtime.impl.EJBObjectFactory.getObjectInstance(EJBObjectFactory.java:58)
at javax.naming.spi.NamingManager.getObjectInstance(Unknown Source)
at com.sap.engine.services.jndi.implclient.ClientContext.lookup(ClientContext.java:521)
... 14 more
Any clues what might be the issue?
thanks in advance,
Regards,
Basker -
RFC Lookup error :No RFC authorization for function module
Hi All,
I have created RFC in the PI system and enabled it as remote. I am working on PI7.1
I have imported RFC into Repository.But when i am trying to execute RFC lookup function in the graphical mapping I am getting No RFC authorization for function module error.
Unhandled RFC exception: <rfc:Z_MAIL_LOOKUP.Exception xmlns:rfc="urn:sap-com:document:sap:rfc:functions"><Name>RFC_ERROR_SYSTEM_FAILURE</Name><Text>No RFC authorization for function module Z_MAIL_LOOKUP.</Text><Message><ID>RFC_ERROR_SYSTEM_FAILURE</ID><Number>341</Number></Message><Attributes><V1>RFC_NO_AUTHORITY</V1></Attributes></rfc:Z_MAIL_LOOKUP.Exception> com.sap.aii.mapping.api.StreamTransformationException: Unhandled RFC exception: <rfc:Z_MAIL_LOOKUP.Exception xmlns:rfc="urn:sap-com:document:sap:rfc:functions"><Name>RFC_ERROR_SYSTEM_FAILURE</Name><Text>No RFC authorization for function module Z_MAIL_LOOKUP.</Text><Message><ID>RFC_ERROR_SYSTEM_FAILURE</ID><Number>341</Number></Message><Attributes><V1>RFC_NO_AUTHORITY</V1></Attributes></rfc:Z_MAIL_LOOKUP.Exception> at com.sap.aii.mappingtool.flib7.RfcLookup.cacheMore(RfcLookup.java:95) at com.sap.aii.mappingtool.tf7.rt.AMultiResIterator$MultiOutIterator.gotoNextContext(AMultiResIterator.java:95) at com.sap.aii.mappingtool.tf7.AMappingProgram.processNode(AMappingProgram.java:315) at com.sap.aii.mappingtool.tf7.AMappingProgram.processNode(AMappingProgram.java:406) at com.sap.aii.mappingtool.tf7.AMappingProgram.start(AMappingProgram.java:496) at com.sap.aii.mappingtool.tf7.Transformer.start(Transformer.java:133) at com.sap.aii.mappingtool.tf7.AMappingProgram.transform(AMappingProgram.java:626) at com.sap.aii.ibrep.server.mapping.exec.ExecuteXiMappingCommand.transformInternal(ExecuteXiMappingCommand.java:197) at com.sap.aii.ibrep.server.mapping.exec.ExecuteXiMappingCommand.execute(ExecuteXiMappingCommand.java:94) at com.sap.aii.ib.server.mapping.exec.CommandManager.execute(CommandManager.java:43) at com.sap.aii.ibrep.server.mapping.ServerMapService.execute(ServerMapService.java:40) at com.sap.aii.ibrep.server.mapping.MapServiceBean.execute(MapServiceBean.java:40) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at com.sap.engine.services.ejb3.runtime.impl.RequestInvocationContext.proceedFinal(RequestInvocationContext.java:43) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:166) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_StatesTransition.invoke(Interceptors_StatesTransition.java:19) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_Resource.invoke(Interceptors_Resource.java:71) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_Transaction.doWorkWithAttribute(Interceptors_Transaction.java:38) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_Transaction.invoke(Interceptors_Transaction.java:22) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:189) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_StatelessInstanceGetter.invoke(Interceptors_StatelessInstanceGetter.java:16) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_SecurityCheck.invoke(Interceptors_SecurityCheck.java:21) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.Interceptors_ExceptionTracer.invoke(Interceptors_ExceptionTracer.java:16) at com.sap.engine.services.ejb3.runtime.impl.AbstractInvocationContext.proceed(AbstractInvocationContext.java:177) at com.sap.engine.services.ejb3.runtime.impl.DefaultInvocationChainsManager.startChain(DefaultInvocationChainsManager.java:133) at com.sap.engine.services.ejb3.runtime.impl.DefaultEJBProxyInvocationHandler.invoke(DefaultEJBProxyInvocationHandler.java:164) at $Proxy1005_10002.execute(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at com.sap.engine.services.rmi_p4.P4DynamicSkeleton.dispatch(P4DynamicSkeleton.java:234) at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:351) at com.sap.engine.services.rmi_p4.server.ServerDispatchImpl.run(ServerDispatchImpl.java:70) at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:62) at com.sap.engine.services.rmi_p4.P4Message.execute(P4Message.java:37) at com.sap.engine.services.cross.fca.FCAConnectorImpl.executeRequest(FCAConnectorImpl.java:872) at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:53) at com.sap.engine.services.cross.fca.MessageReader.run(MessageReader.java:58) at com.sap.engine.core.thread.execution.Executable.run(Executable.java:108) at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:304) Runtime exception when processing target-field mapping /ns0:MT_FileDummy/File; root message: Unhandled RFC exception: <rfc:Z_MAIL_LOOKUP.Exception xmlns:rfc="urn:sap-com:document:sap:rfc:functions"><Name>RFC_ERROR_SYSTEM_FAILURE</Name><Text>No RFC authorization for function module Z_MAIL_LOOKUP.</Text><Message><ID>RFC_ERROR_SYSTEM_FAILURE</ID><Number>341</Number></Message><Attributes><V1>RFC_NO_AUTHORITY</V1></Attributes></rfc:Z_MAIL_LOOKUP.Exception>
13:42:37 End of test
Edited by: Rams on Apr 17, 2009 1:43 PMHi! Rams,
I think the issue is related to Authentification Issue..Even though u did correctly please check once the below
1) Check any Typo Erros are there while configuring or giving names in Lookups.
2) please check Authorizations like ID and PWD and Sufficient Roles
3) Also please check did u given paramters correctly while doing RFC look up I mean paramers , Binding parameters and RFC channel name and adapter type or Simple type it must be an adapter
4) In ID part while configuring Interface determinaition you need to give your RFC look Up name there also..Hence check whether u given or not if yes correctly or not
5) Also remember one thing if your scenario is correct mostly you can know the result in mapping itself it seems while testing Message mapping and Interface mappings give your RFC look up paramters in the parameters tab present in TEST tab and later in Document tab give Input...and execute it works if it doesn;t works and if there is an issue with RFC you can get there only..ok
Also go through the below document::
[https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/20befc9a-aa72-2b10-ae9b-b0988791d457]
I hope this will give u brief idea...
Also check with basis while taking SAP_ALL authorization so that first u ill came to know whether issue is related to authentification or RFC module itself remote enabled and also do SXI_CACHE also ocne to refresh ESR and ID objects..
Regards::
Amar Srinivas Eli -
Authorization error in Repository after idle time
Hi all,
I have a problem in ESR where after some idle time I suddenly loose all my authorizations to perform any actions in Repository (sometimes also Directory). I'm even denied the authorization to close objects or the entire ESR altogether.
This happens after I have worked on an object, then leave it for some time (I have yet to find out the exact time). Then when I try to continue working on the object, a window pops up saying "User has no authorization".
Note that I have all necessary roles, and I can perform all the actions when I force-shut the ESR (by killing the ESR-process on OS-level) and log on again. However the objects are locked and I need to remove the lock from the Integration Builder Administration page in order to change the object. This is very annoying!
I have checked the Default Trace when this happens and found that the userID with which I am logged on has for some reason changed to J2EE_GUEST! I am guessing this is the reason I am not allowed to work on the object anymore, as J2EE_GUEST does not have the appropriate authorizations.
The Default Trace shows the following (my real user ID is in this system ERIKEN):
System exception
[EXCEPTION]
javax.ejb.EJBAccessException: Principal: Message buffer:
No messages available.
Transient data:
com.sap.security.core.persistence.imp.PrincipalDatabag Thu Feb 23 16:34:09 CET 2012
UniqueID: USER.R3_DATASOURCE.J2EE_GUEST
Type: USER
Home data source: R3_DATASOURCE
Private id part: J2EE_GUEST
Existence not checked.
"com.sap.security.core.usermanagement"|->"j_authscheme" (no time limit)="anonymous"
Persistent data:
com.sap.security.core.persistence.imp.PrincipalDatabag Thu Feb 23 16:34:09 CET 2012
UniqueID: USER.R3_DATASOURCE.J2EE_GUEST
Type: USER
Home data source: R3_DATASOURCE
Private id part: J2EE_GUEST
Principal exists.
Direct parents:
GRUP: GRUP.R3_ROLE_DS.SAP_J2EE_GUEST
GRUP.SUPER_GROUPS_DATASOURCE.EVERYONE
GRUP.SUPER_GROUPS_DATASOURCE.Anonymous Users
ROLE:
Why does this happen?
More importantly, how can I fix it?
This happens in different systems, on different releases, but this particular system is PI 7.11 - SP08. Java version is 1.6.0_29.
Appreciate any hints!
Regards,
KennethDear Kenneth
Solution in this note: 1622692 - PI ESR: No authorization for this action
Please check
Regards
Sourabh -
Pisuper Authorization error, I can't logged with any user on Int Builder
Hi SAP Guru's ,
Please help me as i new in SAP XI . I am unable to logged on in Integration Builder with any user i tried pisuper, sapuser but still got the same error "Authorization error, unknown username or password" . I check with T-Codo SU01 but pisuper does not exist so i create one user and assign him SAP_XI_Developer , SAP_XI_Configuration etc but still i am unable to login so kindly requesting you to please help me as quickly as possible.
even though i am unable to logged on user management with any user. PLease tell me the step by step configuration of how to setup each and every part of XI.check with naveen's reply
XI 7.0 - Authorization error; unknown username or incorrect password
Also visit the blog
Unable to open IR/ESR/ID ? (XI/PI/PI 7.1) [Updated for PI 7.1 support] -
Insufficient authorization to import software component version from SLD
hi guru
i can not import software component version from SLD into ESR. once the software component version has been chosen, a message will be displayed, Insufficient authorization to create object ElementTypeId: 0, Name: SALES, Vendor: sap, Version: 1.0, GUID: 32e93300b3e511decc06ecae0a421877, after CREATE button has been clicked.
any ideas? thanks
Edited by: Stephen Xue on Oct 8, 2009 12:00 PMHi Stephen,
If you want to create the SWCV and import that SWCV to the IR/ESR then your user having either one of the below roles.
SAP_XI_ADMINISTRATOR
SAP_XI_CONTENT_ORGANIZER
Go to transaction SU01 and give your user name and click on display.
Now click on Roles tab, here you check the above roles are appearing or not, if not then you don't have privilizes to do that things.
If you don't have that credentials then contact your BASIS guy.
FYI
http://www.erpgenie.com/sap/netweaver/xi/xiauthorizations.htm
Regards
Ramesh -
How to provide user authorization in PI objects
Hi experts,
I am working in PI 7.1, I wanted to know that if there is any way to control the access to PI objects developed in ESR & ID.
For example in my project team there are 3 team members and suppose I've developed some objects in ESR, say I have developed a Data type and for security reasons I wanted that the other two members of my team team can not edit/change that data type, So is there any way to do that in PI 7.1.
I have also tried to provide the authorization based on the userID, but it won't worked.
please suggest me, how it can be done or is it posible in PI.
As well as please suggest me what type of security can I provide to PI objects developed by an user.
Thanks,
NitinCheck this related post: Re: reg:Acess to Software Component version
A link reference is given to an elearning material...have a look at it.
Regards,
Abhishek. -
Open and close posting period authorization control TCODE: S_ALR_87003642
HI All,
Is there any chance to control the user to open and close another company code posting period variant in TCODE: S_ALR_87003642.
In our system we are using the same client for different countries. So user can able to change the other country company code posting periods.
We would like to control either on the country (or) organizational unit(company code) (or) posting period variant so that user can only open/close their country / company code posting periods.
Our present authorization role for open and close posting period contain the auth.Obj. : S_TABU_DIS.
Please share your knowledge if you come across this problem..
Thanks in advance..Hey Sandhya,
Congratz, this can be done using linbe item authorization with the object S_TABU_LIN.
Field ORG_CRIT - Value 02
Field ORG_FIeld1 - Value ZT001B
We have successfully done it in our client.
You need to contact your BASIS consultant for this.
Thanks,
Nitish -
Analysis Authorization in BO 4.0 Webi report
Hi All,
I am using BO 4.0 and creating connection from Information Design tool to a BW query using BICS client. This connection is then published to CMC.
We are using SAP authentication and importing the roles from BW system. We have added profiles to this role and these profiles have Analysis Authorization set on Company Code. So one user can access data to one company code and vice versa. Now this works well in Bex Analyzer, but if I try to create a report in Webi, the analysis authorization fails. I went through the forum before posting this question and I found that is in 3.1 version and in most cases using SSO in universe connection solved the problem.
However in 4.0 I am using BICS client and followed the same processes to create a connection but for some reason it doesn't work ? Is this suppose to work differently in 4.0 ?
I have tried:
1. To create connection in Information Design tool using SSO, selecting user ID and password. It doesn't work.
2. Checked the Bex query and it already has Company code as a Characteristic restrictions (I have made it a mandatory variable).
3. Publish the connection to CMC with my Enterprise and SAP ID and in both cases it doesn't work.
Please let me know if anyone encountered a similar issue and what is the best method to resolve this.
(BO 4.0 no service pack or fix pack installed on the system yet)
Thanks - Appreciate your help !
Prasad RasamIngo,
1. To create connection in Information Design tool using SSO, selecting user ID and password. It doesn't work.
>> Correct you need to setup you OLAP Connection with SSO.
>>> What I meant was I created the connections using both the methods, Using SSO it allows me to create a connection. The ID which I am using to create a connection has Admin access to BOBJ system. When I login as a regular user to create a Webi report and select this new connection, it throws an error message 'The DSL Service returned an error: com.businessobjects.dsl.services.workspace.impl.QueryViewAnalyzer$CannotGetCubeFromConnectionException: Cannot get the cube from the connection'
Using the other method to create a connection with User ID and password, I can create a connection and with the normal user login I can connect to the BW query but Analysis Authorization doesn't work.
Ingo : Could you be more specific what you mean here with the different users ? When you say "regular" user are you referring to an SAP credentials or SAP BusinessObjects Enteprrise credentials ?
2. Checked the Bex query and it already has Company code as a Characteristic restrictions (I have made it a mandatory variable).
>> The variable in the BEx query needs to be an authorization variable.
>>> This has already been set as Authorization variable. There is still a question here. If I select the variable as Authorization variable, I cannot set the other parameters in the query properties such as Mandatory variable (as this is greyed out).
Ingo : What other parameters would you like to configure ? Could you perhaps describe the scenario with more details ?
regards
Ingo Hilgefort
Maybe you are looking for
-
How-to move objects (users) from one ou to another using Powershell and an XLSX
Hi all, I have a spreadsheet that has headers. I need to move all of the objects on this exception report to the proper OU (all going to the same OU). The header that validates the need to move is called "Display Name". The process now is as follows.
-
My ihone 2g suddenly could not recognized by windows xp???
i have iphone 2g. suddenly 1 week ago it could not recognized by windows xp.my other aaple device work properly on same wondows.what can i do for iphone 2g?
-
Transfer from Adobe Photoshop Elements 6 on Windows XP to Adobe Photoshop Elements 12 on the Mac.
I want to transfer from Adobe Photoshop Elements 6 on Windows XP to Adobe Photoshop Elements 12 on the Mac. My problem is I have lost my catalog and Windows XP. I need help. I have installed the newest Mac version of Adobe Photoshop Elements 12 (PSE
-
Not sure where to post this, but monitors seems like the right spot. I have a Samsung LCD monitor connected to my powermac G4. I was trying to adjust the view setting on a game I was playing and it reset the whole monitor settings. Don't recall just
-
How does one MAKE a LIBRARY for GARAGE BAND to IMPORT?
I have been looking for some kind of SDK that would allow the creation of a library for GB and allow the sharing of libraries that multiple production teams can use.