BPM user role access

Similar Messages

• How can I see which roles or users have access to a table?

  How can I see which roles or users have access to a table?
  For a given table, how can I see the grants, who and what?
  Many thanks

  dba_tab_privs.
  Grantee can be a role or an user, as roles are fake users.
  Sybrand Bakker
  Senior Oracle DBA

• Pull User Role from identity manager in BPM process

  Hi,
  How can I pull user name, user role from different identity manager in order to configure hierarchy workflow in BPM process? can any one guide me on that??
  Regards,
  Amik

  I'm having the same problem on WebLogic 10.3

• ABAP User Roles and Query for accessing particular T- codes and Reports

  dear Gurus
  I have one problem, i want to know about ABAP User Query ,i have one requirement my user wants to Lock all the HR Std versus Customized reports in T- code SQ01,other department peoples also see the Payslips and Hr personal reports which is harmfull to the dept so i want to Lock all the reports in Std T- code in SQ01 and i have created one Customized User Roles or Query in which the T-codes and Reports are assigned only those particular user can access the T-codes and Std reports .how can it be possible i dont have any idea about user roles and Queries .
  kindly help me out or send me some documents related to user roles and queries
  regards ritesh sharma

  Hi Ritesh,
  https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/103cafc2-7a64-2b10-14b3-eddb7d324561
  Regards,
  Flavya

• User role to access configuration management in NWA

  Hi,
  What USER role is required to create the destination information in configuration management in NWA. When I access NWA, I only have access to SOA management which has only Monitoring tools with role SOA technical ADmin.
  I need this to convert IDOC XML to flat file.
  thanks
  Prashanth

  Hi Prasanth,
  I am not sure about the exact role but, the ABAP role "SAP_NWA_FULL" & Java role "NWA_SUPERADMIN" will certainly help. This is the role that i had when i was trying a similar scenario.
  Please take a look at the following link which might be helpful:
  http://help.sap.com/saphelp_nwpi71/helpdata/en/45/c7ca8e89e45592e10000000a1553f7/content.htm
  You can infact ask your Basis team to help you out with this.
  I hope this helps.
  Regards, Gaurav.
  Edited by: Kumar Gaurav on Nov 9, 2010 5:57 AM

• Database design for Role/User based access to the application..

  We want to implement Role/User based access to the application.
  Can anyone tell me whats the optimized way of storing the data {User, Role, Access_Type etc} in the database.. The Roles might get added in the future so i dont want to maintain a single table to map User-Access_Type..
  Access_Type -->
  AT_1 | AT_2 |AT_N |
  ------- |------- |------- -|------|
  User_1 | | | |
  ------- |------- |--------|------ |
  User_2 | | | |
  ------- |------ -|--------|------ |
  I want to maintain a table which will map user with the Access_Type, which should be mainatained in a different table..
  Any help would be highly appreciated..
  Thanks in Advacnce,
  Shridhar..

  You find your answer here:
  http://jakarta.apache.org/tomcat/tomcat-5.0-doc/realm-howto.html

• How do I see the users/roles which have quota access to a Tablespace?

  How do I see the users/roles which have quota access to a Tablespace?
  Thanks

  Thank you very much.
  select username from dba_ts_quotas where tablespace_name='&tablespacename';
  did the job!
  regards

• What role needs to be assigned to the user to access existing custom OData services?

  Hi all,
  What role needs to be assigned to the user to access existing custom OData services?
  With SAP ALL its working. But cannot assign that to all users. Whats the specific role for this?
  I tried with /IWFND/RT_GW_USER. But it says the role does not exist.
  Thank you,
  Achu

  Hi,
  As usual you need to build a role by yourself based on your requirements. In case of Odata services there are two different TADIR services that needs to be added. One corresponds to authorization to execute logic on backend server and the other one to access service on front end server. You can get specific services by tracing one call using ST01. For Fiori apps from SAP you get role templates. You can use them for inspiration.
  Cheers

• Access ejb-jar.xml progrmmatically for viewing the  user roles and methods

  We are using Weblogic 8.1 sp 4 (jdk 1.4.2). Is there any way within our application where we can display all the methods a user can access and all the roles available within ejb-jar.xml ?
  Thanks in Advance
  DRG

  Local interfaces are for communication between ejbs and their clients when both are in the same JVM. The clients can be normal clients, jsps, servlets, and other ejbs. If the client is not in the same JVM you cannot use local interfaces even though your client is another ejb.
  Advantage of using local interface is it reduces the network overhead.
  For more information you can download Mastering Enterprise Java Beans Third Edition by Ed Roman. You can go through 45
  You can download pdf version from.
  http://www.theserverside.com/books/wiley/masteringEJB/index.tss.
  Let me know the URL of the ejb doc that you referred.
  Thanks..

• Query user roles and access

  hi,
  How can query user roles and access in whole database? I want to list username, status, rights, and role
  thanks
  P

  Hi,
  The data dictionary view dba_users has one row per user.
  The data dictionary view dab_role_privs has one row for every distinct combination of user and role that actually occurs ion your database,
  Are you interested in system privileges? See dba_sys_privs.
  Are you interested in individual grants, like the privilege to UPDATE a given table, or the privilege to execute a given stored procedure? See dba_tab_privs. (Don't be fooled by the name; it's not just for tables.)
  I hope this answers your question.
  If not, post some CREATE statements, that create tables, roles, and whatever else you want, and some GRANT statmeents that grant privileges on those objects. Pos the results that you would want to get from those objects and grants.

• Access User Roles

  Hi,
  Can I access user roles by using the following code and if so, then how do I retrieve the role information from the iterator.
  //This is code for getting Username and role.
  IWDClientUser user1 = WDClientUser.forceLoggedInClientUser();
  IUser user2 = user1.getSAPUser();
       try{
            if (user2 != null) { IUserAccount[] acct = user2.getUserAccounts();
            if(acct[0] != null)
                String strUserid = acct[0].getLogonUid();
                 wdComponentAPI.getMessageManager().reportSuccess("name"+strUserid);
                 Iterator it = acct[0].getRoles(true);
       catch (UMException e) {
            wdComponentAPI.getMessageManager().reportSuccess(e.toString());
  Thanks,
  Jay

  Hi
    This should help you.
  //Get Role Information
    if (it.hasNext()) {
      IRoleFactory rfact = UMFactory.getRoleFactory();
      while (it.hasNext()) {
          String roleName = (String) it.next();
          IRole role = null;
          try {
              role = rfact.getRole(roleName);
              wdComponentAPI.getMessageManager().reportSuccess("Role:" + roleName 
              + "Display Name:"    + role.getDisplayName()
              + "ID: " + role.getUniqueID()
              + "Uniquename: " + role.getUniqueName()
              + "Description: " + role.getDescription());
          } catch (UMException e) {
          wdComponentAPI.getMessageManager.reportException("error: " + e.getLocalizedMessage(),true);
  regards
  ravi

• BPM Application: Task access related issue

  Hi Gurus,
  I have one secure (using ADF security) Application(Simple ADF Application), which will write data in XML format into a JMS Queue.After login to application,user can use that functionality. Then that message is fetched by one BPM Application and creates one task against a BPM user. This two applications are working fine upto this level, but after login to BPM workspace using BPM user , I am not able to see the task details(but in inbox task is reflected) after clicking on the task instance and I am getting error message like this :
  ======================================================================================================
  javax.servlet.ServletException: Can not access the task details of jcooper using logged in user Sharmistha
       at oracle.bpel.services.workflow.client.worklist.util.WorkflowFilter.doFilter(WorkflowFilter.java:201)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:176)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
       at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
       at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
       at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
       at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
       at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
       at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  ======================================================================================================
  Task owner bpm:getPerformer() is not found in application OracleBPMProcessRolesApp and realm jazn.com. This task is associated with task definition default/DemoApplicationBP!1.0/InitiateEnquiry.
  Either set a seeded owner or seed this owner who is not found.
  ORABPEL-30080
  Task owner role not seeded.
  Task owner bpm:getPerformer() is not found in application OracleBPMProcessRolesApp and realm jazn.com. This task is associated with task definition default/CustomerConnectionBP!1.0/InitiateEnquiry.
  Either set a seeded owner or seed this owner who is not found.
       at oracle.bpel.services.workflow.task.impl.TaskService.initiateTask(TaskService.java:1550)
       at oracle.bpel.services.workflow.task.impl.TaskService.initiateTask(TaskService.java:666)
       at oracle.bpel.services.workflow.task.impl.TaskService.initiateTask(TaskService.java:614)
  ======================================================================================================
  where jcooper is the BPM user and Sharmistha is user of the secured application.
  I tried to add BPM users in the secured application , but that does not work. (it is mandatory that BPM user and Secured Application's user should be different)
  How to resolve this type of problem. any type of suggestion on this would be helpful.
  Thanks is Advance
  Sharmistha

  Hi, -CHS,
  i have a query regarding the code snippet.
  FacesContext facesContext = FacesContext.getCurrentInstance();
  org.apache.myfaces.trinidad.render.ExtendedRenderKitService service =org.apache.myfaces.trinidad.util.Service.getRenderKitService(facesContext, ExtendedRenderKitService.class);
  service.addScript(facesContext, "window.close();window.opener.location.href = window.opener.location.href;");
  If a create a button in my only JSF page in a simple ADF application and use this code snippet for that button action, then will it help to close the page?
  And yeah, here i have created a bounded task flow with a wild card and task return activity and added my JSF page in the taskflow. But now it is not closing my page on the button click.
  Can you tell me if i am doing any wrong?
  Please reply.
  Edited by: Ross Mi Ron John on Jul 27, 2011 5:46 AM

• User cannot access

  hi,
  i  am new to this forum,i have one doubt,
  user cannot access one authorization field , how can i analysis this issue, i know su 53 for find the authorization field...but user have 100 roles... how can i find the which role and object...plz help me..

  Hi Hassan,
  This is not the correct category. This message should be opened under security item. However, you can find the whole required authorization objects list, by using ST01 trace.
  Best regards,
  Orkun Gedik

• How can I add a user Role member that is from a different domain

  We are currently building out SCOM 2012 R2 to provide monitoring as a service to some of our customers.  As of now we have the RMS on our own department's domain (Domain A) which we have full control of and we have a gateway server that is on the company
  wide domain (Domain B) so that we can monitor other departments devices as the leverage this system.
  Monitoring is working just fine on both domains and we are just working on fine tuning SCOM so that we can roll it out as a service we offer to our customers.  One of the next steps we are working on before rolling it out is giving specific users access
  to view only their own devices, dashboards, and groups.  So I created a Read-Only profile and went to add a user to test it out, but that user is on Domain B and SCOM is unable to resolve this account.  I'm seeing Event ID 26319 with Error Code 1332.
  How can I get SCOM to discover devices on a different domain so that I can give them different permissions for accessing the Operations Console and/or Web Console?  Is this possible?
  Here is the Error I'm seeing.
  Log Name:      Operations Manager
  Source:        OpsMgr SDK Service
  Date:          2/4/2015 1:11:59 PM
  Event ID:      26319
  Task Category: None
  Level:         Error
  Keywords:      Classic
  User:          N/A
  Computer:      xxxxx.xxxx.xxxxxxxx.xxx
  Description:
  An exception was thrown while processing UpsertUserRolesV2 for session ID uuid:f3b4015e-9583-4237-b7a6-406826434553;id=40.
   Exception message: The creator of this fault did not specify a Reason.
   Full Exception: System.ServiceModel.FaultException`1[Microsoft.EnterpriseManagement.Common.UserRoleUserUnresolvedException]: The creator of this fault did not specify a Reason. (Fault Detail is equal to Microsoft.EnterpriseManagement.Common.UserRoleUserUnresolvedException:
  Unable to resolve the user [email protected] associated with the user role. Error code 1332. Check your active directory configuration.).
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="OpsMgr SDK Service" />
      <EventID Qualifiers="49152">26319</EventID>
      <Level>2</Level>
      <Task>0</Task>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2015-02-04T21:11:59.000000000Z" />
      <EventRecordID>172748</EventRecordID>
      <Channel>Operations Manager</Channel>
      <Computer>xxxxx.xxxx.xxxxxxxx.xxx</Computer>
      <Security />
    </System>
    <EventData>
      <Data>UpsertUserRolesV2</Data>
      <Data>uuid:f3b4015e-9583-4237-b7a6-406826434553;id=40</Data>
      <Data>The creator of this fault did not specify a Reason.</Data>
      <Data>System.ServiceModel.FaultException`1[Microsoft.EnterpriseManagement.Common.UserRoleUserUnresolvedException]: The creator of this fault did not specify a Reason. (Fault Detail is equal to Microsoft.EnterpriseManagement.Common.UserRoleUserUnresolvedException:
  Unable to resolve the user [email protected]  associated with the user role. Error code 1332. Check your active directory configuration.).</Data>
    </EventData>
  </Event>
  Thanks for any help I can get in resolving this issue.
  Jake

  The SCOM Management Server is in Domain A.  I've tried it already and it has failed.  
  So just to clarify the method I used was to go to Administration>Security>User Roles.  Then New User Role>Read-Only Operator.  In the Create User Role Wizard I then gave the User Role a name, Clicked "Add" under User Role Members.
   Then the Select Users or Groups window pops up and I changed the Locations from Domain A to Domain B and searched for the user, which it's able to find, then clicked "OK" to add it to the User Role members which it does just fine.  On
  the next page which is Group Scope I checked the one group I want this account to have access to and then click next.  This brings me to Dashboards and Views where I click the radio button for "Only the dashboards and views selected in each tab are
  approved" and chose the folder of dashboards I want this account to access and then click next.  This brings me to the Summary and I click "Create".  At this point it thinks for a moment then closes out the wizard but the new Read-Only
  Operator does not appear.  I then look in Event Viewer and see the Event I pasted above.
  Am I doing something wrong here?  Any guidance on how to get around this issue would be much appreciated.
  Thanks,
  Jake

• How can I check if an user has access to an url within my web app?

  Hi,
  I have a web application where I allow the users to set their startup page by presenting them a list of startup pages. However, some startup pages can accessed only by certain users, so I want to present the user only those pages the user has access to.
  How can I do this with weblogic?
  One way is to read the web.xml file and determine the roles that have access to the page, then check whether the user has any of those roles.
  Is there a better way eventually using some weblogic api?
  Thanks

  Just for the record, I decided to parse the web.xml file and to simulate whatever the container does.