Check current report user security inside CLR code
Hi,
I am writing a CLR stored procedure which will be invoked via a SSRS report.This SP will call a web service to fetch secure data. As this data is critical, we are implementing many security measures, one of the measure is to check inside CLR assembly,whether
current report user is a part of an AD group (only this group will have access to read secure data) or not before I call web service .
I am not sure if there is a way to check individual users inside CLR code . Any suggestion /input is appreciated.
Thanks!
Gaur
Hi Gaur,
Since this issue is related to Common Language Runtime (CLR), I will move this thread to .NET Framework forum. Sometime delay might be expected from the job transferring. Your patience is greatly appreciated.
Thank you for your understanding and support.
Regards,
Katherine Xiong
Katherine Xiong
TechNet Community Support
Similar Messages
-
Returning User Password in Java code for custom reports
Hi I'm doing a custom report and for the life of me I can't seem to find the password field in the database. :(
Anyways I'm thinking maybe I can use java code to return the password and then using the decrypt password function. Could someone please shed some light on this!!!
Note: I need to return the User password using java code and not XPRESS code. It would be best if someone either shows me how you can get the password using a java method or tell me where the User password is stored as I'm going crazy trying to find it in the DB!!!
Thanks in advance!!!well... not sure what your Java code does. But if you can get the WSUser object for each user, you could call getPassword on the object to get the user's password
-
Business rules for check current date and session user
MDS 2012
Hi All! How to make validation business rules:
1. date < GETDATE()
2. current session user is UserName(), where UserName() - system function like in MS Analysis Services
from Moscow with LoveThere is no way to create this with a Business Rule, you have to write a custom workflow or SQL nightly job or something to update your fields.
Ok people start screaming.
"solution" if you want to call it that. USE AT YOUR OWN RISK, try in dev first :)
1. Create an Attribute / Column in your Entity and call it Today or something.
2. Go to Business Rules and create a dummy rule where you are setting this attribute (unconditionally with no Condition)
Today equals 1/1/2000 or something.
3. Go to tblBRItem find this BR and etin ItemSQL from N'1/1/2000' to GETDATE()
now you have Todays Date field...
OK NEVER MIND, I've tried it and it works, the problem is that tblBRItems gets updated via a stored proc and will overwrite your entry.
One can modify the code there as well but I don't have time to play with it unfortunately, as at that time you have to pass some token in to identify some values as your own special commands ... Either way this becomes messy and not a way to go. -
How to retrieve the current User using PL_/SQL code?
Hi,
How can find the current logged user within a Dynamic Page using PL/SQL code?
Thanks.Hi,
There is a function wwctx_api.get_user which returns the logged in user. You can use this in your plsql code.
Thanks,
Sharmila -
Using the SDK to check if user security role membership
Is there any way to check if a user is in a particular security role using the SDK?
I ask because I am considering adding a web based ticket search by ID/key word look-up web service since this function is not part of the Self-Service Portal. I am looking into what it takes to maintain the system's security model or at least limit
the information given to the users. I am thinking that affected users might get some ability to modify their tickets.
I've already built a web portal hosting complex forms for several of our teams where the Self-Service Portal was too limited to collect necessary information. The forms portal already uses the SDK to submit work items directly into Service Manager.
This would be a welcome extension of the web site's capabilities.Hi,
You may try powershell, here are two PowerShell scripts that use
SMLets to reveal interesting information about user roles in SCSM, please refer to it:
https://gallery.technet.microsoft.com/Service-Manager-SCSM-User-ebcdfcd6
Regards,
Yan Li
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
Check current user exist people or group column
How to check current logged in user name already exist in people or group column of share-point custom list 2013 using c#?
Note: People or group column contains multiple items.
Thanks in advanceYou can use javascript to get current user and then perform vlookup on the field
Current use
function CallClientOM()
var context = new SP.ClientContext.get_current();
this.website = context.get_web();
this.currentUser = website.get_currentUser();
context.load(currentUser);
context.executeQueryAsync(Function.createDelegate(this, this.onQuerySucceeded), Function.createDelegate(this, this.onQueryFailed));
function onQuerySucceeded(sender, args)
alert(currentUser.get_loginName());
function onQueryFailed(sender, args)
alert('request failed ' + args.get_message() + '\n'+ args.get_stackTrace());
http://spjsblog.com/2010/03/18/vlookup-type-rollup-for-sharepoint/
If this helped you resolve your issue, please mark it Answered -
Project Server User Security + Custom SSRS Reports Project List Parameter
Hello, below is the issue / challenge scenario:
I'mnt. We have to remove the smaller chunk of queries that are hitting the published database to get the user security permissions. I'm using custom SSRS reports that are pulling data from Reporting database and other custom financial SQL DB's. I need to
figure out a solution to get the list of accessible projects for a particluar user using PSI. I did find this technet article that addresses my issue in a way
http : // technet . microsoft . com/en-us/office/ee862408(v=office.14).aspx#pj2007_ta_SecurityInReports_DevelopingThePsiProxiesClassLibrary
the above solution means that I need to change many of my existing report queries (going to published DB)
Is there a simpler way to maintain a table that I can populate with the Project GUID's, name , user id, name using PSI? I can then refer the existing SQL's procs, TVF's to point to this table instaed of going to the published DB (unsupported method)
Any help/ direction is greatly appreciated
thanks,
SGHello,
The ReadProjectStatus PSI method defaults to Project for the Project Type, the value is 0. If you want other project types is gets slightly more complicated as you have to have multiple data sets for the ReadProjectStatus call, one for each project type
- each time specifying the default projType. For example for Projects (0) the query is:
<Query>
<Method Namespace="http://schemas.microsoft.com/office/project/server/webservices/Project/" Name="ReadProjectStatus">
<Parameters>
<Parameter Name="projType"><DefaultValue>0</DefaultValue></Parameter>
</Parameters>
</Method>
<SoapAction>http://schemas.microsoft.com/office/project/server/webservices/Project/ReadProjectStatus</SoapAction>
<ElementPath IgnoreNamespaces="true">ReadProjectStatusResponse/ReadProjectStatusResult/diffgram/ProjectDataSet/Project{PROJ_NAME,PROJ_UID,PROJ_TYPE}</ElementPath>
</Query>
For sub projects (5) it is:
<Query>
<Method Namespace="http://schemas.microsoft.com/office/project/server/webservices/Project/" Name="ReadProjectStatus">
<Parameters>
<Parameter Name="projType"><DefaultValue>5</DefaultValue></Parameter>
</Parameters>
</Method>
<SoapAction>http://schemas.microsoft.com/office/project/server/webservices/Project/ReadProjectStatus</SoapAction>
<ElementPath IgnoreNamespaces="true">ReadProjectStatusResponse/ReadProjectStatusResult/diffgram/ProjectDataSet/Project{PROJ_NAME,PROJ_UID,PROJ_TYPE}</ElementPath>
</Query>
You have to repeat this for all project types you want to include, create a hidden parameter for each project type then create a parameter to join them up and use the combined parameter to filter the data sets that get the data from the Reporting
database.
For other parameters in the ReadProjectStatus method see:
http://msdn.microsoft.com/en-us/library/gg210536(v=office.15).aspx
Paul
Paul Mather | Twitter |
http://pwmather.wordpress.com | CPS -
Infopath - Get information about direct reports users without code
Hi, Is it possible to do this?
Thanks in advance!Hi Hemendra,
he needs to get direct reports users field to figure out if current user have anyone reporting to him, which as a field if NOT null then current user is a manager to someone.
unfortunately direct reports users OOTB can't be retrived by UserProfileService, where only the following user data are retrivable:
UserProfile_GUID
FirstName
LastName
PreferredName
WorkPhone
AccountName
Department
Title
Manager
AboutMe
Office
PersonalSpace
PictureURL
UserName
QuickLinks
WebSite
PublicSiteRedirect
SPS-Dotted-line
SPS-Peers
SPS-Responsibility
SPS-Skills
SPS-PastProjects
SPS-Interests
SPS-School
SPS-SipAddress
SPS-Birthday
SPS-MySiteUpgrade
SPS-DontSuggestList
SPS-ProxyAddresses
SPS-HireDate
SPS-LastColleagueAdded
SPS-OWAUrl
SPS-ResourceAccountName
SPS-MasterAccountName
Assistant
WorkEmail
CellPhone
Fax
HomePhone
hope this helps
If a reply helps you Vote As Helpful, if a reply solves your problem don't forget to Mark As Answer. Aabed Yassine. -
Check java on users PC and give message
The following code has been written with Java 1.4 and works great, but if a user has Java 1.3 they get an error message and if a user has Java 1.2 nothing happens at all. Is there a way to check if the user is using a version older than 1.4 and if so pop up a message telling them they need to download a newer version of Java?
import java.awt.*;
import javax.swing.*;
import java.awt.event.*;
import java.util.List;
import java.io.*;
import java.util.*;
import javax.xml.parsers.*;
import javax.xml.transform.*;
import javax.xml.transform.dom.*;
import javax.xml.transform.stream.*;
import org.w3c.dom.*;
public class Sametime extends JFrame implements ActionListener {
private int indentation = -1;
JPanel panel = new JPanel();
JTextArea jta = new JTextArea(
//Instructions for user
"For a successful buddy list migration do the following:\n"
+ "1. Save your current Sametime Buddy List to your PC.\n "
+ "The default location should be: C:/Program Files/Lotus/Sametime Client.\n"
+ " A. Open the Sametime Client.\n"
+ " B. Click on People\n"
+ " C. Click on Save List.\n"
+ " D. Save as your first.last.dat\n"
+ " Ex. john.doe.dat\n"
+ "NOTE: If you have AOL contacts in your Sametime buddy list they will not be migrated.\n");
JButton browse = new JButton("Continue");
JButton exit = new JButton("Exit");
public Sametime() {
super("Sametime Buddy List Migration");
setSize(610, 245);
Container c = this.getContentPane();
c.add(panel);
browse.addActionListener(this);
exit.addActionListener(this);
panel.add(jta);
panel.add(browse);
panel.add(exit);
jta.setEditable(false);
setLookAndFeel();
setVisible(true);
setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
} //end Sametime
public class DATFilter extends javax.swing.filechooser.FileFilter {
public boolean accept(File f) {
//if it is a directory -- we want to show it so return true.
if (f.isDirectory())
return true;
String extension = getExtension(f);//get the extension of the file
//check to see if the extension is equal to "dat"
if ((extension.equals("dat")))
return true;
//default -- fall through. False is return on all
//occasions except:
//a) the file is a directory
//b) the file's extension is what we are looking for.
return false;
}//end accept
public String getDescription() {
return "dat files";
}//end getDescription
* Method to get the extension of the file, in lowercase
private String getExtension(File f) {
String s = f.getName();
int i = s.lastIndexOf('.');
if (i > 0 && i < s.length() - 1)
return s.substring(i+1).toLowerCase();
return "";
}//end getExtension
}//end class DATFilter
public void actionPerformed(ActionEvent e) {
//Default Location for JFileChooser search
String error = "The file selected is not a .dat file!\n"
+ "Please select your recently saved .dat file and try again.";
JFileChooser fc = new JFileChooser("/Program Files/Lotus/Sametime Client");
fc.setFileFilter(new DATFilter());
fc.setFileSelectionMode( JFileChooser.FILES_ONLY);
String user = System.getProperty("user.name");// finds who the current user is
if (e.getSource() == browse) {
int returnVal = fc.showSaveDialog(Sametime.this);
if (returnVal == JFileChooser.APPROVE_OPTION) {
//if (fc.getSelectedFile().getName().equals(".dat")){
if (fc.getSelectedFile().getName().endsWith(".dat")){ // checks to see if selected file is .dat
}else{
JOptionPane.showMessageDialog(null, error, "Wrong File", JOptionPane.ERROR_MESSAGE);
return;
}//end else
try {
String[] contactArray = parseDatFile(fc.getSelectedFile());
Document document = createXMLDocument(contactArray);
saveToXMLFile(
document,
new File(
"C:/Documents and Settings/" + user +"/My Documents/OLCS/",// looks for directory for list
"contacts-list_migration.ctt"));
} catch (Exception exc) {
File f = new File("C:/Documents and Settings/" + user +"/My Documents/OLCS/");// setting directory for list if not there
boolean yes = true;
yes = f.mkdir();// creating directory
try {
String[] contactArray = parseDatFile(fc.getSelectedFile());
Document document = createXMLDocument(contactArray);
saveToXMLFile(
document,
new File(
"C:/Documents and Settings/" + user +"/My Documents/OLCS/",// used only if the directory didn't exist
"contacts-list_migration.ctt"));
//exc.printStackTrace();// not sure if this is needed?
} catch (Exception exc1) {
exc1.printStackTrace();
}//end inner catch
}// end catch
}// end if
if(returnVal==JFileChooser.CANCEL_OPTION){
String Warning = "You did not migrate your Sametime buddy list at this time.";
JOptionPane.showMessageDialog(null, Warning, "Migration Canceled", JOptionPane.WARNING_MESSAGE);
return;
}else{
String thankyou = "Thank You for Migrating your Sametime buddy list to OLCS"
+ "\nYour new OLCS buddy list has been saved to:"
+ "\nC:/Documents and Settings/" + user +"/My Documents/OLCS"
+ "\n as: Contact-List_migration.ctt"
+ "\n\n To be able to use Contact-List_migration.ctt for Windows Messenger:"
+ "\n1. Log into Windows Messenger."
+ "\n2. Click on File"
+ "\n3. Click on 'Import Contacts from a Saved File...'"
+ "\n4. Open OLCS in My Documents"
+ "\n5. Click on 'Contact-list_migration.ctt'"
+ "\n6. Click Open to import the list."
+ "\n A window will pop up confirming that you want to add all of the contacts"
+ "\n Click 'yes'"
+ "\n Your buddy list is ready to be used.";
JOptionPane.showMessageDialog(null, thankyou, "Migration Completed", JOptionPane.INFORMATION_MESSAGE);//Change this when defualt directory is known.
}//end if else statement
} //end if
System.exit( 0 );
if (e.getSource() == exit) {
System.exit( 0 );
} //end if
} //end actionPerformed
String[] parseDatFile(File datFile)
throws Exception {
List list = new ArrayList();
BufferedReader br = new BufferedReader(new FileReader(datFile));
String line;
while ((line = br.readLine()) != null) {
line = line.trim();
if (line.indexOf("U") != 0)
continue;
int p = line.indexOf("::");
if (p == -1)
continue;
line = line.substring(p + 2).trim();
if (line.indexOf("AOL") == 0)
continue;
p = line.indexOf(",");
if (p != -1)
line = line.substring(0, p);
line = line.trim() + "@mci.com";
if (list.indexOf(line) == -1)
list.add(line);
}//end while
br.close();
String[] contactArray = new String[list.size()];
list.toArray(contactArray);
return contactArray;
}// end String
// setting up the XML file
Document createXMLDocument(String[] contactArray) throws Exception {
DocumentBuilderFactory dBF = DocumentBuilderFactory.newInstance();
DocumentBuilder builder = dBF.newDocumentBuilder();
DOMImplementation domImpl = builder.getDOMImplementation();
Document document = domImpl.createDocument(null, "messenger", null);
Element root = document.getDocumentElement();
Element svcElm = document.createElement("service");
Element clElm = document.createElement("contactlist");
svcElm.setAttribute("name", "Microsoft RTC Instant Messaging");
svcElm.appendChild(clElm);
root.appendChild(svcElm);
for (int i = 0; i < contactArray.length; i++) {
Element conElm = document.createElement("contact");
Text conTxt = document.createTextNode(contactArray);
conElm.appendChild(conTxt);
clElm.appendChild(conElm);
}//end for
return document;
}// end Document
void saveToXMLFile(Document document, File xmlFile) throws Exception {
OutputStream os =
new BufferedOutputStream(new FileOutputStream(xmlFile));
TransformerFactory tFactory = TransformerFactory.newInstance();
Transformer transformer = tFactory.newTransformer();
transformer.setOutputProperty(OutputKeys.INDENT, "yes");//puts information on seperate lines
transformer.setOutputProperty(OutputKeys.METHOD, "xml");
transformer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "2");//gives the XML file indentation
transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "no");
DOMSource source = new DOMSource(document);
StreamResult result = new StreamResult(os);
transformer.transform(source, result);
os.close();
}//end saveToXMLFile
public static void main(String[] args) {
Sametime st = new Sametime();
ImageIcon picIcon = new ImageIcon(st.getClass().getResource("/ST_Migration/images/mci.gif"));//Change when default is known!
st.setIconImage(picIcon.getImage());
} //end main
private void setLookAndFeel() {
try {
UIManager.setLookAndFeel(
UIManager.getSystemLookAndFeelClassName());
SwingUtilities.updateComponentTreeUI(this);
} catch (Exception e) {
System.err.println("Could not use Look and Feel: " + e);
} //end catch
} //end void setLookAndFeel
} //end public class SametimeWell, if you don't want to use Package.isCompatibleWith and the version numbers will always be of the form x.y where y is at most one digit, you can use Double.parseDouble() and then compare the numbers. Otherwise you need to write a method of your own.
-
Problem in Crystal Report 11 Logon failed Vendor Code 4060- Please help
We are using VB 6.0 as front end, SQL 2005 Express edition as a data base server back end and crystal report 11 as reporting tool on Windows XP with SP2. The problem is, In the local system where DB exits the report generates fine. But if DB in network system the report will not work and it will ask for connection information (Provide necessary information to Logon to the chosen data source). We are using ODBC to connect the report. And if we give the correct password the report will generate
I have checked all your help file and sample code but solution not found. please help as soon as possible
Regards
KarthikHi Karthik,
Ensure the report is using the correct connection information. For example, the data source name, server name, database name, and user name are correct.
In a database-client test tool, ensure that the fields, tables, and procedures used by the report exist and that SQL queries can be executed against them.
In the Crystal Reports designer, verify that the SQL query, as shown under the Database menu Show SQL Query option, does not contain syntax errors.
If the SQL query shown in Crystal Reports is valid, execute the same SQL query through a database-client test tool.
Is report working fine in designer?
Which database connection are you using?
Regards,
Shweta -
How to check if a user exists in the system ?
Dear Gurus,
I want to check whether a user ID exists in the system after logon by using VBA. If the user ID exists, then I will update the user's information with external data by using the method user.change.
When running below codes, error occurs and error msg is: "The persistent key for an business object instance of type USER has not been set. Cannot invoke method EXISTENCECHECK"
How can I do to check the user ID existence ?
Set oUser = oBAPICtrl.GetSapObject("user")
oUser.ExistenceCheck "MyUserID", return:=oReturn
Thanks and Regards,
Bao YanMickey,
I'm afraid I never did get this to work properly. However, in the way of all bad/good (delete as appropriate) programmers eveywhere I worked around this problem. I was using this code in Banner.asp to change the view based on the user group so if a given session variable was set a user would see a different view. It works fine with no slow down on the page and you should be able to adapt it to what you need.
Hope this helps.
Neville
Note: Application variables are ones I have defined in config.xml.
Code follows:
<!--START:INC\common\getgroup.asp-->
<% 'NAH 29/03/2004 ' 'This check the to see if the current user has the group in their membership that has been defined as the group to provide an alternative view of the portal.' 'The group variable is defined in the config.xml as "ALTVIEWGROUP"'
'Do not do this is we have already matched the group'If Session("groupMatch") <> "1" and Session("groupMatch") <> "2" then
Dim pGroup
pGroup = Application("ALTVIEWGROUP") Set Session("groupMatch") = nothing
Dim Plumtree
Set Plumtree = Server.CreateObject("ADODB.Recordset") Plumtree.ActiveConnection = "Driver={SQL Server};Server=" & Application("DBSERVER") & ";Database=" & Application("PLUMTREEDB") & ";" Plumtree.Source = "SELECT GROUPID FROM " & Application("PLUMTREEDBUSER") & ".PTGROUPMEMBERSHIP WHERE (USERID = " & strUserID & ") AND (GROUPID = " & pGroup & ")" Plumtree.CursorType = 3 Plumtree.CursorLocation = 2 Plumtree.LockType = 1 Plumtree.Open()
'If there are records we should have a match otherwise set the session varible to no match.' If Plumtree.EOF then Session("groupMatch") = "2" Else 'By getting here the user should have the matching group but complete one final check to make sure' If cInt(Plumtree.Fields.Item("GROUPID").Value) = cInt(pGroup) then Session("groupMatch") = "1" Else Session("groupMatch") = "2" End If
End If
Plumtree.Close() Set Plumtree = Nothing
End if%><!--END:INC\common\getgroup.asp--> -
How to Check the report is Finished while calling a report from Forms 6i
Dear All,
I am Calling a report from oracle forms 6i, after runing report in " Run_Product(REPORTS,:fn_cntl.nb_report_name,ASYNCHRONOUS, RUNTIME, FILESYSTEM,pl_id, NULL);"
I need to copy the pdf to store it in another place once the report is generated.
My Problem is : that i want ot Check first the report has generated after " Run_Product(REPORTS,:fn_cntl.nb_report_name,ASYNCHRONOUS, RUNTIME, FILESYSTEM,pl_id, NULL);" is executed ? How to check the report is generated ot not?
As i tried to use the below procedure after "Run_Product(REPORTS,:fn_cntl.nb_report_name,ASYNCHRONOUS, RUNTIME, FILESYSTEM,pl_id, NULL);"" but his does not work... nothing happens
{code}
PROCEDURE FPC_COPY_REPORT (p_report_name varchar2) IS
repid REPORT_OBJECT;
v_rep VARCHAR2(100);
rep_status varchar2(20);
lv_id varchar2(1000);
BEGIN
repid := find_report_object('AMTP_995.RDF');
v_rep := RUN_REPORT_OBJECT(repid);
rep_status := REPORT_OBJECT_STATUS(v_rep);
if rep_status = 'FINISHED' then
message('Report Completed'); message('Report Completed');
else
message('Error when running report.'); message('Error when running report.');
end if;
END;
{code}
Any Helpactually My code is this:
declare
ln_alert number;
pl_id ParamList;
lv_report_name varchar2(10000);
lv_path varchar2 (100) := 'C:\';
lv_shared_path varchar2(1000);
lv_copy_file varchar2(10000);
cursor cr_dir_path IS
select v_dir_path
from md_directory
where v_dir_code ='SHR';
lv_file_name varchar2(1000);
BEGIN
open cr_dir_path;
fetch cr_dir_path into lv_shared_path;
close cr_dir_path;
lv_report_name := lv_path||:fn_cntl.nb_ref_no||'_M08600000_'||to_char(sysdate,'YYYYMMDD-HHmmss')||'.pdf';
if ffn_check_fields THEN
pl_id := Get_Parameter_List('LAI');
IF NOT Id_Null(pl_id) THEN
Destroy_Parameter_List( pl_id );
END IF;
pl_id := Create_Parameter_List('LAI');
if :fn_cntl.nb_report_name ='MMAT_REPORT'
then
if :fn_cntl.nb_report_desc ='EXPORT'
then
Add_Parameter(pl_id, 'PARAMFORM',TEXT_PARAMETER, 'NO');
Add_Parameter(pl_id, 'DESTYPE', TEXT_PARAMETER,'File');
Add_Parameter(pl_id, 'DESNAME', TEXT_PARAMETER, lv_report_name);
Add_Parameter(pl_id, 'DESFORMAT',TEXT_PARAMETER,'PDF');
Add_Parameter(pl_id, 'p_mat_no',TEXT_PARAMETER, :fn_cntl.nb_mat_no);
Add_Parameter(pl_id, 'p_ref_no', TEXT_PARAMETER, :fn_cntl.nb_ref_no);
Add_Parameter(pl_id, 'p_verified_by',TEXT_PARAMETER, user);
Run_Product(REPORTS,:fn_cntl.nb_report_name,ASYNCHRONOUS, RUNTIME, FILESYSTEM,pl_id, NULL);
DECLARE
repid REPORT_OBJECT; v_rep VARCHAR2(100); rep_status varchar2(20);BEGIN
/* REP_OBJ= REPORT OBJECT CREATED UNDER REPORT NODE AT FORM */
repid := find_report_object('MMAT_REPORT'); v_rep := RUN_REPORT_OBJECT(repid);
rep_status := REPORT_OBJECT_STATUS(v_rep);
if rep_status = 'FINISHED' then
message('Report Completed'); message('Report Completed');
--copy_report_object_output(v_rep,'c:\local.pdf');
-- host('netscape c:\tlocal.pdf');
else message('Error when running report.');
message('Error when running report.');
end if;
END;
end if;
end if;
if :fn_cntl.nb_report_desc ='EXPORT'
then
error_handler('This report will be Storde in ' ||lv_report_name||' and '||lv_shared_path|| ' Location',3);
lv_copy_file :='copy '||' "'||lv_report_name||'" "'||lv_shared_path||'"';
host(lv_copy_file,no_screen);
error_handler('Report Has been Generated Sucessfully.',3);
end if;
end if;
END;I will try first the another solution you have replied perviously... and will let you no the results... thanks a lot... -
How do I report a security problem to Firefox?
Here's the problem: <br />
Wednesday morning my Mac at home got infected by malware which I believe is usually called the "Google redirect virus". My Mac at home has been upgraded to OSX 10.6.7 and I believe I was using Firefox 3.6.13 (it automatically upgraded tonight). I haven't been able to find any useful information on line about this malware. <br />
The behavior after infection was that every time I tried to use Google my request would get redirected. If I entered www.google.com in the address bar, the URL would get changed to www.google.com/FuneralHomes/<something> and the browser would try to go there and a "Under Construction" error message or a no-such-page message would be returned. This started happening after I did a Google search and was checking various links in Firefox, but once it started in Firefox I got the same behavior in Safari even without using Safari to look at any links. And it continued to happen in Safari even after I did a "Reset Safari..." <br />
When I got infected I was using a non-adminstrator account and I was not asked to download anything nor was I prompted for a password. <br />
I searched on "Google redirect Mac virus" using my (so far) untouched work computer and found several suggestions but no solutions. Apparently this is a PC problem that's been around a few years, but there were some Mac reports from last year. So last night I checked the DNS addresses in my
Network preferences, looked at /etc/hosts, and removed the only plug-in from the Library:Internet Plug-ins of the infected account, even though it was a Picasa plug-in that predated this infection. None of those seemed to be the problem. I also scanned my disk with an up-to-date "Norton AntiVirus" which
I got from work some time ago, but it found no viruses. <br />
What really puzzles me is that the problem gradually went away while I was checking it last night. At first, when I entered www.google.com the browser would still show the redirected address in the prompt that comes up and it had the Legacy.com logo on the left instead of the Google one but it would actually go to the Google website (unless I'm being spoofed). Then at a later attempt, only the wrong logo persisted. Then at an even later attempt the logo got fixed and everything looked fine and appeared to behave correctly. <br />
Frankly, that's a little scary. It's as if a really smart trojan got
installed and was covering its tracks while it set up a man-in-the-middle attack (please advise if I'm misusing the jargon). If I'm being too paranoid, great, but I'd still like to know how such behavior could be induced on my machine just by linking to a website. Can anyone help?
''moderator- fixed the leading space formatting errors in this posting''Thanks, the-edmeister, but the only relevant post I found was from GB Colburn on bleepingcomputer.com, wherein he reported a similar problem about a year ago. I've found a few similar threads in the last year or so (by searching "Google redirect mac virus" in Google) but they are all about the same: someone reports the problem, responders have various random suggestions, the problem seems to go away by itself (at least sometimes), and there's nothing conclusive either good or bad.
Without myself being as knowledgeable as GB Colburn, it doesn't look to me like the problem is in the DNS system or the router. It acts more like some malware in the automatic completion in the address bar of the browser or maybe in the history system, but I can't figure out how an infection in one browser could affect another browser. And I *really* can't figure out how it could be self-healing.
It's really frustrating that none of the major parties involved in this—Firefox, Google, Safari (Apple), Verizon (my internet provider)—even have a process for reporting a security issue. At least not one that I, an ordinary semi-naive user, can find. -
USer exit for transaction Code APPCHANGE
I want to include a function module to trigger a workflow
in a user exit related to program
SAPLHRHAP_UI_DOCUMENT_REPORT (transaction Code APPCHANGE.)
The workflow will be triggered when SAVE button is pressed.
Thank your for your helpHere is a program that can be used to find user exits per transaction code.
report z_find_user_exit no standard page heading.
tables: tstc, tadir, modsapt, modact,
trdir, tfdir, enlfdir, tstct.
data : jtab like tadir occurs 0 with header line.
data : hotspot(30).
parameters : p_tcode like tstc-tcode obligatory.
at line-selection.
get cursor field hotspot.
check hotspot(4) eq 'JTAB'.
set parameter id 'MON' field sy-lisel+1(10).
call transaction 'SMOD' and skip first screen.
start-of-selection.
perform get_data.
perform write_list.
* FORM get_data *
form get_data.
select single * from tstc
where tcode eq p_tcode.
check sy-subrc eq 0.
select single * from tadir
where pgmid = 'R3TR'
and object = 'PROG'
and obj_name = tstc-pgmna.
if sy-subrc ne 0.
select single * from trdir
where name = tstc-pgmna.
if trdir-subc eq 'F'.
select single * from tfdir
where pname = tstc-pgmna.
select single * from enlfdir
where funcname = tfdir-funcname.
select single * from tadir
where pgmid = 'R3TR'
and object = 'FUGR'
and obj_name eq enlfdir-area.
endif.
endif.
select * from tadir into table jtab
where pgmid = 'R3TR'
and object = 'SMOD'
and devclass = tadir-devclass.
select single * from tstct
where sprsl eq sy-langu
and tcode eq p_tcode.
endform.
* FORM write_list *
form write_list.
format color col_positive intensified off.
write:/(19) 'Transaction Code - ',
20(20) p_tcode,
45(50) tstct-ttext.
skip.
if not jtab[] is initial.
write:/(95) sy-uline.
format color col_heading intensified on.
write:/1 sy-vline,
2 'Exit Name',
21 sy-vline ,
22 'Description',
95 sy-vline.
write:/(95) sy-uline.
loop at jtab.
select single * from modsapt
where sprsl = sy-langu and
name = jtab-obj_name.
format color col_normal intensified off.
write:/1 sy-vline,
2 jtab-obj_name hotspot on,
21 sy-vline ,
22 modsapt-modtext,
95 sy-vline.
endloop.
write:/(95) sy-uline.
describe table jtab.
skip.
format color col_total intensified on.
write:/ 'No of Exits:' , sy-tfill.
else.
format color col_negative intensified on.
write:/(95) 'No User Exit exists'.
endif.
endform.
Regards,
Rich Heilman -
How to check if the user has only the display authority of a message
hi,
How to check if the user has only the display authority of a message but does not have the change authority for a certain message?
Best regards,hi blake
though i am an application consultant and for authorisation u need to have help of BASIS person if u r not the one but still i can guide u regarding the same,
Basically Authorization Management
Use
You can use the following authorization objects to control the authorizations for maintaining business partner data:
Authorization objects for the Business Partner:
 B_BUPA_GRP
 B_BUPA_ATT
 B_BUPA_FDG
 B_BUPA_RLT
Authorization objects for relationships:
 B_BUPR_BZT
 B_BUPR_FDG
In addition, you can assign an authorization group to a business partner in the dialog. The authorization group controls which users may maintain data for this business partner.
You can also define authorizations for fields and field groups using the Business Data Toolset (BDT). Depending on the settings you have made, the system carries out the relevant authorization checks.
In the dialog in the SAP GUI, you can display an overview of the authorizations assigned to you by pressing the button Settings.
For more information on authorization management, see the Implementation Guide (IMG) of the Business Partner, as well as in the Developers Handbook for the BDT under Authorizations.
IntegrationAuthorization management for the Business Partner forms part of the SAP authorization concept.
Prerequisites
You have made the necessary settings in Customizing of the Business Partner under Basic Settings--> -Address Management.
Moving over
AS ABAP Authorization Concept
The ABAP authorization concept protects transactions, programs, and services in SAP systems from unauthorized access. On the basis of the authorization concept, the administrator assigns authorizations to the users that determine which actions a user can execute in the SAP system, after he or she has logged on to the system and authenticated himself or herself.
To access business objects or execute SAP transactions, a user requires corresponding authorizations, as business objects or transactions are protected by authorization objects. The authorizations represent instances of generic authorization objects and are defined depending on the activity and responsibilities of the employee. The authorizations are combined in an authorization profile that is associated with a role. The user administrators then assign the corresponding roles using the user master record, so that the user can use the appropriate transactions for his or her tasks.
Authorization Checks
To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
The following actions are subject to authorization checks that are performed before the start of a program or table maintenance and which the SAP applications cannot avoid:
Starting SAP transactions (authorization object S_TCODE)
Starting reports (authorization object S_PROGRAM)
Calling RFC function modules (authorization object S_RFC)
Table maintenance with generic tools (S_TABU_DIS)
Checking at Program Level with AUTHORITY-CHECK
Applications use the ABAP statement AUTHORITY-CHECK, which is inserted in the source code of the program, to check whether users have the appropriate authorization and whether these authorizations are suitably defined; that is, whether the user administrator has assigned the values required for the fields by the programmer. In this way, you can also protect transactions that are called indirectly by other programs.
AUTHORITY-CHECK searches profiles specified in the user master record to see whether the user has authorization for the authorization object specified in the AUTHORITY-CHECK. If one of the authorizations found matches the required values, the check is successful.
Starting SAP Transactions
When a user starts a transaction, the system performs the following checks:
The system checks in table TSTC whether the transaction code is valid and whether the system administrator has locked the transaction.
The system then checks whether the user has authorization to start the transaction.
The SAP system performs the authorization checks every time a user starts a transaction from the menu or by entering a command. Indirectly called transactions are not included in this authorization check. For more complex transactions, which call other transactions, there are additional authorization checks.
 The authorization object S_TCODE (transaction start) contains the field TCD (transaction code). The user must have an authorization with a value for the selected transaction code.
 If an additional authorization is entered using transaction SE93 for the transaction to be started, the user also requires the suitable defined authorization object (TSTA, table TSTCA).
If you create a transaction in transaction SE93, you can assign an additional authorization to this transaction. This is useful, if you want to be able to protect a transaction with a separate authorization. If this is not the case, you should consider using other methods to protect the transaction (such as AUTHORITY-CHECK at program level).
The system checks whether the transaction code is assigned an authorization object. If so, a check is made that the user has authorization for this authorization object.
The check is not performed in the following cases:
You have deactivated the check of the authorization objects for the transaction (with transaction SU24) using check indicators, that is, you have removed an authorization object entered using transaction SE93. You cannot deactivate the check for objects from the SAP NetWeaver and HR areas.
This can be useful, as a large number of authorization objects are often checked when transactions are executed, since the transaction calls other work areas in the background. In order for these checks to be executed successfully, the user in question must have the appropriate authorizations. This results in some users having more authorization than they strictly need. It also leads to an increased maintenance workload. You can therefore deactivate authorization checks of this type in a targeted manner using transaction SU24.
 You have globally deactivated authorization objects for all transactions with transaction SU24 or transaction SU25.
 So that the entries that you have made with transactions SU24 and SU25 become effective, you must set the profile parameter AUTH/NO_CHECK_IN_SOME_CASES to Y (using transaction RZ10).
All of the above checks must be successful so that the user can start the transaction. Otherwise, the transaction is not called and the system displays an appropriate message.
Starting Report Classes
You can perform additional authorization checks by assigning reports to authorization classes (using report RSCSAUTH). You can, for example, assign all PA* reports to an authorization class for PA (such as PAxxx). If a user wants to start a PA report, he or she requires the appropriate authorization to execute reports in this class.
We do not deliver any predefined report classes. You must decide yourself which reports you want to protect in this way. You can also enter the authorization classes for reports with the maintenance functions for report trees. This method provides a hierarchical approach for assigning authorizations for reports. You can, for example, assign an authorization class to a report node, meaning that all reports at this node automatically belong to this class. This means that you have a more transparent overview of the authorization classes to which the various reports are transported.
You must consider the following:
After you have assigned reports to authorization classes or have changed assignments, you may have to adjust objects in your authorization concept (such as roles (activity groups), profiles, or user master records).
There are certain system reports that you cannot assign to any authorization class. These include:
RSRZLLG0
STARTMEN (as of SAP R/3 4.0)
Reports that are called using SUBMIT in a customer exit at logon (such as SUSR0001, ZXUSRU01).
Authorization assignments for reports are overwritten during an upgrade. After an upgrade, you must therefore restore your customer-specific report authorizations.
Calling RFC Function Modules
When RFC function modules are called by an RFC client program or another system, an authorization check is performed for the authorization object S_RFC in the called system. This check uses the name of the function group to which the function module belongs. You can deactivate this check with parameter auth/rfc_authority_check.
Checking Assignment of Authorization Groups to Tables
You can also assign authorization groups to tables to avoid users accessing tables using general access tools (such as transaction SE16). A user requires not only authorization to execute the tool, but must also have authorization to be permitted to access tables with the relevant group assignments. For this case, we deliver tables with predefined assignments to authorization groups. The assignments are defined in table TDDAT; the checked authorization object is S_TABU_DIS.
You can assign a table to authorization group Z000. (Use transaction SM30 for table TDDAT) A user that wants to access this table must have authorization object S_TABU_DIS in his or her profile with the value Z000 in the field DICBERCLS (authorization group for ABAP Dictionary objects).
please See also:
SAP Notes 7642, 20534, 23342, 33154, and 67766
guess this info will help you,there is one graphic which actually explain the hierarchy of authorisation,i will find some time out to let u know more info about the authorisation
but if u sit with ur BASIS guy then u can learn lot of things in PFCG
i guess u r a basis guy,then its not a problem
best regards
ashish
Maybe you are looking for
-
Previously I bought an ebook and I keep its address in my favorite link, and it worked. However, after a year, when I click that link, abobe home appears and it seems to ask me to buy monthly services. How can I read that e book again? Thank you very
-
Correlation in bpm - Difference between activating and using correlation
Hi I would like to know the difference between between activating a correaltion and using a correlation in a step.
-
How to read data fra adobe interactive pdf form into WDA context?
Hi, I have a pdf form which is pre filled with some data and then the user has the opportunity to add some data to the pdf form. I want to retrieve this data into my context without having to add a button into the pdf form which will send back data t
-
Don't sort search results?
Hm, I guess there is no easy way to tell RH8 to list WebHelp search results in a very simple list and to relinquish the sort function within the search results? Thanx y'all. Paul
-
Trying to download a movie on my iPad and constantly receive a download error tap to retry. iPad has enough capacity.