Create UMe role to Maintain JCOu00B4s in SAP Netweaver
Hi to all,
We are running GRC AC 5.3 and we want to create a role just to maintain JCO´s
Can someone direct me to any documentation related to what Object (UME Actions) are necesary to create a Role just to enter the JCO section (In Web Dynpro Tools - > Content Adminsitrator)
Thx for your help.
Denis
Hi Denis,
The content admin role will give access to only content administration:
pcd:portal_content/administrator/content_admin/content_admin_role
However, if you wish to restrict the access to only JCO connection maintenance, check the assigned actions and create a new role with only those actions:
1. Search for the role pcd:portal_content/administrator/content_admin/content_admin_role
2. Click Modify
3. Click Assigned Actions
4. Search for the actions
5. Create a new role with the required actions.
Hope this answers.
Rgds,
Raghu
Similar Messages
-
How to create a application service with EHP1 for SAP NetWeaver CE Preview
I ceated a new Composite Application with a Business Object "test" and an Application Service "search" in the Netweaver Development Studio
Business Object - test
In the Tab Structure I added the attributes id:LONG and name:STRING.
Under Operations I added findByName with the Input Parameter name:<anonymous>(String), the Output Parameter Output:test (test as a Complex Type) and the Fault "CAFFindException".
Application Service - search
I added the test BO as a Dependent Object and the Operation findByName with the Input Parameter name:String, thevOutput Parameter erg:test (Complex Type) and the Fault "CAFFindException".
As Business Logic I added the following code:
package com.sap.demo.carpool.modeled.appsrv.search;
import java.util.List;
import com.sap.caf.rt.bol.util.QueryFilterFactory;
@javax.ejb.Stateless(name="com.sap.demo.carpool.modeled.appsrv.search.search")
@javax.ejb.Local(com.sap.demo.carpool.modeled.appsrv.search.searchServiceLocal.class)
@javax.interceptor.Interceptors(com.sap.caf.rt.interceptors.LogInterceptor.class)
public class searchBeanImpl extends com.sap.demo.carpool.modeled.appsrv.search.searchBean{ //$JL-SER$ - static final long serialVersionUID is not declared
public searchBeanImpl() {
@com.sap.caf.dt.CAFOperation(name="findByName")
public com.sap.demo.carpool.modeled.Test findByName(java.lang.String name) throws com.sap.caf.rt.exception.CAFServiceException {
List<Test> out = this.gettestService().findByName(QueryFilterFactory.createFilter(name));
return out;
I alway got the error: "Test cannot be resolved to a type" or "Type mismatch: cannot convert from List to Test"
I would be very thankful if you could help me.Hi Marcos,
thank you so much!!!
After changing the cardinality the return type of the operation "findByName" switches to "java.util.List". Everything is working now!
The code now looks like this:
@com.sap.caf.dt.CAFOperation(name="findByName")
public java.util.List<com.sap.demo.carpool.modeled.Test> findByName(java.lang.String name) throws com.sap.caf.rt.exception.CAFServiceException {
java.util.List<com.sap.demo.carpool.modeled.Test> out = this.gettestService().findByName(QueryFilterFactory.createFilter(name));
return out;
Thank you so much! I'm so happy .... This problem frustrated me ....
Thank you .... -
Create Roles with acess control in SAP MDM
Hi Experts,
I am new to SAP MDM.I want to know how to create roles with access control for various users in SAP MDM.
Thanks,
Manojhi,
in the console; you can create roles with access control and you can assign these roles to users.
follow this path:
Console --> repository --> Admin node --> roles,
here you can create new role. for role here you can maintain
1. role detail
2. Functions --here you can restrict the particular role , none / Execute the functions.
3. Tables/fields -- here you can give access to the role Read only / Read and write, and you can apply constraints also.
and follow the links:
http://help.sap.com/saphelp_mdm550/helpdata/en/8e/9f9c427055c66ae10000000a155106/frameset.htm
http://help.sap.com/saphelp_mdm550/helpdata/en/8e/9f9c427055c66ae10000000a155106/frameset.htm
http://help.sap.com/saphelp_mdm550/helpdata/en/8e/9f9c427055c66ae10000000a155106/frameset.htm
http://help.sap.com/saphelp_mdm550/helpdata/en/8e/9f9c427055c66ae10000000a155106/frameset.htm
http://help.sap.com/saphelp_mdm550/helpdata/en/8e/9f9c427055c66ae10000000a155106/frameset.htm
hope this may help you,
Regards,
Srinivas -
What BAPI's use the ERM of the SAP GRC AC 5.3 to create the roles in the R/
Hello,
Does somebody knows what BAPI's use the ERM of the SAP GRC AC 5.3 to create the roles in the R/3?
Thank you in advance.
Pablo Mortera.Pablo,
I don't have access to the system right now. Go to SE38 and search for 'Virsa' BAPIs...it will list all the ERM BAPIs under RE. The naming convention is pretty straightforward so you will be able to find a create role BAPI. If you open this BAPI, you will be able to find the SAP delivered BAPI which is being used in PFCG.
Alpesh -
Different role types. Was: "Hi sap gurus"
define and differentiate the following types of roles
1.single role
2.composite role
3.derived role
4.child role
5.parent role
Message was edited by: Moderator
Please use meaningfull thread subject titles.Hi
There are 5 types of Roles:
1) Single Role.
2) Composite Role. (Max 164 Single Roles can be attached to one Composite Role)
3) Derived Roles.
4) Orphans Role.
5) Reference Roles.
<b>Composite roles </b>
A composite role is a container with several different roles. For reasons of clarity, it does not make sense and is therefore not allowed to add composite roles to composite roles. Composite roles are also called roles.
Composite roles do not contain authorization data. If you want to change the authorizations (that are represented by a composite role), you must maintain the data for each role of the composite role. Creating composite roles makes sense if some of your employees need authorizations from several roles. Instead of adding each user separately to each role required, you can set up a composite role and assign the users to that group. The users assigned to a composite role are automatically assigned to the corresponding (elementary) roles during comparison.
The menu tree of a composite role is, in the simplest case, a combination of the menus of the roles contained. When you create a new composite role, the initial menu tree is empty at first. You can set up the menu tree by choosing Read menu to add the menus of all roles included. This merging may lead to certain menu items being listed more than once. For example, a transaction or path contained in role 1 and role 2 would appear twice. If the set of roles contained in a composite role changes, the menu tree is also affected. In such a case, you can completely rebuild the menu tree or process only the changes. If you choose the latter option, the Profile Generator removes all items from the menu, which are not contained in any of the roles referenced. It is possible (and often necessary) to change the menu of a composite role at any time. You adjust these menus in the same way as the menus for roles.
<b>Derived roles </b>
Derived roles refer to roles that already exist. The derived roles inherit the menu structure and the functions included (transactions, reports, Web links, and so on) from the role referenced. A role can only inherit menus and functions if no transaction codes have been assigned to it before.
The higher-level role passes on its authorizations to the derived role as default values, which can be changed afterwards. Organizational level definitions are not passed on. They must be created anew in the inheriting role. User assignments are not passed on either. Derived roles are an elegant way of maintaining roles that do not differ in their functionality (identical menus and identical transactions) but have different characteristics with regard to the organizational level.
The menus passed on cannot be changed in the derived roles. Menu maintenance takes place exclusively in the role that passes on its values. Any changes immediately affect all inheriting roles. You can remove the inheritance relationship, but afterwards the inheriting role is treated like any other normal role. Once a relationship is removed, it cannot be established again.
In real time scenario Roles and Authorizations are primarily based on Company codes in many cases and in some scenarios are also based on Cost centers or divisions etc. IN such scenario, a Master role is created and many child roles are created with relevant Organizational levels added to the same. So any change to the master role would be drilled down to Child roles and hence it would avoid a lot of Maintenance overhead.
E.g.: Master Role -- Z_SAP_FI_BUYER_000
Child Role1 -- Z_SAP_FI_BUYER_CC1
Child Role 2 -- Z_SAP_FI_BUYER_CC2
Child Role 3 -- Z_SAP_FI_BUYER_CC3
<b>Orphans Role</b>
Orphans Roles are Stand-alone roles and are many a times required for IS uses/. So a System Admin role, a Security Auditor role and many other special roles mainly not used in Business side are created as ORPHANS. This role limits the user to a particular organization.
<b>Reference Role</b>
They are SAP standard Roles.
Reward points if helpful -
UME Roles/Groups problem
I have installed an ABAP +J2EE instance with the view of using it for Adobe Document Services.
While following the Adobe Document Services configuration guide, Step 3.2.1.1:
I'm creating a role in the ABAP engine, creating a user (ADSUser); creating and assigning the role (ADSCallers) to it.
When I start visual admin, i expect the user to be shown under the 'group': ADSCallers.
While I can see the user in visual admin, I'm unable to see the group (role in ABAP instance)
I'm on SP19 NW2004. Any views???There is a delay before roles show up as groups on the Java side. The delay runs about 30 minutes. See http://help.sap.com/saphelp_nw04s/helpdata/en/45/af3ac012d32e78e10000000a155369/frameset.htm
-Michael -
Authorization maintenance - Create Collective Roles
Hello.
Two questions:
1- I would like to know if it's possible to create a collective role based on four other normal roles. Then create a normal role using the option copy role through transaction PFCG, based on the collective role?
2- Is the creation of the collective role trustworthy and a recommended procedure by SAP when the four normal roles are considered complex (having many objects and transactions)?
When creating the collective role will there be object or transaction loss?
Thanks!Hello Bruno,
Here are the answers:
1- I would like to know if it's possible to create a collective role based on four other normal roles. Then create a normal role using the option copy role through transaction PFCG, based on the collective role?
Yes it is possible to create collective role based on four other normal roles. However you can not create a normal role as a copy of collective role. A collective role can be copied into a collective role. However if I understand correctly then what want is that the authorizations present in 4 normal roles should get merged into one single role. If that is case then do the following.
Create a normal role, Go to change mode and then to menu. If you want to copy role menus of 4 normal roles then please use the option copy role menu from other roles. Even if you don't copy role menu the next step remains the same. Go to authorizations tab. Here goto menu bar: EditInsert AuthorizationsFrom profile. Now supply the profiles of the 4 normal roles one by one. You might find a lot of entires in red since organization level has to be maintained. You need to do that manually. Once done generate the role.
2 Is the creation of the collective role trustworthy and a recommended procedure by SAP when the four normal roles are considered complex (having many objects and transactions)?
When creating the collective role will there be object or transaction loss?
Yes it is trustworthy. No data loss occurs.
Regards.
Ruchit. -
Hi,
i'm having a problem with portal user management. We have a LDAP user called charlie81 in an Active Directory Server, which has a set of LDAP groups. We have also a UME Role (a role created in the portal) called "Manutenzione". Our target is to assign "Manutenzione" to charlie81 through the portal. I made it but when charlie81 is logged in, he can see only LDAP Roles; "Manutenzione" is not visible!!!! How can i resolve this problems? Do you help me, please? Thank you in advance, Carlo PagliaHi,
What kind of role did you assign to the user? A portal role (source = portal role) or a "UME role" (source = UME database)?
If it's a portal role, is it a standard or a custom role? If it is a custom portal role, make sure an entry point is defined or your role won't be visible. Here's a link to the documentation : [Defining Entry Points|http://help.sap.com/saphelp_nw70ehp1/helpdata/en/4e/3e703e632c7937e10000000a114084/frameset.htm].
Regards,
Pierre -
Persistence exception when creating UME users
Hello,
I'm encountering a persistence exception while attempting to create users in the Portal using ABAP as my UME store. The exception indicates that a user name is too long to be valid (e.g. 1Z8uN8K0JUdBbS~Z1WN8). This name is apparently generated since it is different in each error message in the log.
I've read the Help files throughly and have configured the SAPJSF user to be in the proper role for writing (SAP_BC_JSF_COMMUNICATION) and made sure that the authorizations for that role are properly generated and assigned. The values for the ume settings in configtool are configured to connect properly and everything tests fine in the portal (except creating users, of course). I'm running everything on SPS09.
The detailed error message is below. TIA for your thoughts.
Rob
Date : 12/11/2006
Time : 17:07:09:486
Message : An exception was thrown in the UME/ABAP user management connector. Message: Not a valid SAP user ID:
"1Z8uN8K0JUdBbS~Z1WN8". Reason: SAP user ID must contain at least 1 and at most 12 characters.
[EXCEPTION]
com.sap.security.core.persistence.datasource.PersistenceException: Not a valid SAP user ID: "1Z8uN8K0JUdBbS~Z1WN8".
Reason: SAP user ID must contain at least 1 and at most 12 characters at
com.sap.security.core.persistence.datasource.imp.R3PersistenceBase.newPersistenceException(R3PersistenceBase.java:178
) at com.sap.security.core.persistence.datasource.imp.R3Persistence.getPrivateIDPart(R3Persistence.java:2532)
at
com.sap.security.core.persistence.datasource.imp.DataSourceBaseImplementation.bindNewPrincipalDatabag(DataSourceBaseI
mplementation.java:340) at
com.sap.security.core.persistence.datasource.imp.R3Persistence$Transaction.bindNewPrincipalDatabag(R3Persistence.java
:8727) at
com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.bindNewPrincipalDatabag(PrincipalDatabagFactory
Instance.java:4640) at
com.sap.security.core.persistence.imp.PrincipalDatabag.getIDParts(PrincipalDatabag.java:1034) at
com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.isPrincipalDatabagAttributeModifiable(Principal
DatabagFactoryInstance.java:2331) at
com.sap.security.core.imp.PrincipalFactory.isPrincipalAttributeModifiable(PrincipalFactory.java:255) at
com.sap.security.core.imp.PrincipalFactory.isPrincipalAttributeModifiable(PrincipalFactory.java:215) at
com.sap.security.core.jmx.impl.CompanyPrincipalFactory.isPrincipalAttributeCreateable(CompanyPrincipalFactory.java:24
71) at com.sap.security.core.jmx.impl.JmxLayoutHelper.getAttributeLayoutInformation(JmxLayoutHelper.java:67)
at com.sap.security.core.jmx.impl.JmxServer.getAttributeLayoutInformation(JmxServer.java:304) at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at
java.lang.reflect.Method.invoke(Method.java:324) at
com.sap.pj.jmx.introspect.DefaultMBeanInvoker.invoke(DefaultMBeanInvoker.java:58) at
javax.management.StandardMBean.invoke(StandardMBean.java:286) at
com.sap.pj.jmx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:944) at
com.sap.pj.jmx.server.interceptor.MBeanServerWrapperInterceptor.invoke(MBeanServerWrapperInterceptor.java:288) at
com.sap.engine.services.jmx.CompletionInterceptor.invoke(CompletionInterceptor.java:409) at
com.sap.pj.jmx.server.interceptor.BasicMBeanServerInterceptor.invoke(BasicMBeanServerInterceptor.java:277) at
com.sap.jmx.provider.ProviderInterceptor.invoke(ProviderInterceptor.java:258) at
com.sap.engine.services.jmx.RedirectInterceptor.invoke(RedirectInterceptor.java:340) at
com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330) at
com.sap.engine.services.jmx.MBeanServerSecurityWrapper.invoke(MBeanServerSecurityWrapper.java:287) at
com.sap.engine.services.jmx.ClusterInterceptor.invoke(ClusterInterceptor.java:776) at
com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330) at
com.sap.security.core.jmx._gen.IJmxServer$Impl.getAttributeLayoutInformation(IJmxServer.java:1695) at
com.sap.security.core.wd.jmxmodel.JmxModelCompInterface.getAttributeLayoutInformation(JmxModelCompInterface.java:485)
at
com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface.getAttributeLayoutInformation(InternalJmxModelCom
pInterface.java:441) at
com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface$External.getAttributeLayoutInformation(InternalJm
xModelCompInterface.java:712) at
com.sap.security.core.wd.umeuifactory.UmeUiFactoryCompInterface.getAttributeLayoutInformation(UmeUiFactoryCompInterfa
ce.java:675) at
com.sap.security.core.wd.umeuifactory.wdp.InternalUmeUiFactoryCompInterface.getAttributeLayoutInformation(InternalUme
UiFactoryCompInterface.java:519) at
com.sap.security.core.wd.umeuifactory.wdp.InternalUmeUiFactoryCompInterface$External.getAttributeLayoutInformation(In
ternalUmeUiFactoryCompInterface.java:856) at
com.sap.security.core.wd.maintainuser.WriteableDetailInterfaceView.onPlugCopyIn(WriteableDetailInterfaceView.java:179
) at
com.sap.security.core.wd.maintainuser.WriteableDetailInterfaceView.onPlugCreateIn(WriteableDetailInterfaceView.java:1
11) at
com.sap.security.core.wd.maintainuser.wdp.InternalWriteableDetailInterfaceView.wdInvokeEventHandler(InternalWriteable
DetailInterfaceView.java:110) at
com.sap.tc.webdynpro.progmodel.generation.DelegatingInterfaceView.invokeEventHandler(DelegatingInterfaceView.java:85)
at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.navigate(ClientApplication.java:826) at
com.sap.tc.webdynpro.clientserver.cal.ClientComponent.navigate(ClientComponent.java:873) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doNavigation(WindowPhaseModel.java:498) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:144) at
com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335) at
com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143) at
com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingPortal(ClientSession.java:731) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:667) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:232) at
com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:152) at
com.sap.tc.webdynpro.clientserver.session.core.ApplicationHandle.doProcessing(ApplicationHandle.java:73) at
com.sap.tc.webdynpro.portal.pb.impl.AbstractApplicationProxy.sendDataAndProcessActionInternal(AbstractApplicationProx
y.java:879) at
com.sap.tc.webdynpro.portal.pb.impl.localwd.LocalApplicationProxy.sendDataAndProcessAction(LocalApplicationProxy.java
:77) at com.sap.portal.pb.PageBuilder.updateApplications(PageBuilder.java:1291) at
com.sap.portal.pb.PageBuilder.SendDataAndProcessAction(PageBuilder.java:325) at
com.sap.portal.pb.PageBuilder$1.doPhase(PageBuilder.java:831) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processPhaseListener(WindowPhaseModel.java:755) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doPortalDispatch(WindowPhaseModel.java:717) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:136) at
com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335) at
com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143) at
com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:711)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:665) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:232) at
com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:152) at
com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62) at
com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doPost(DispatcherServlet.java:53) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:760) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at
com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390) at
com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264) at
com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347) at
com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325) at
com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887) at
com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241) at
com.sap.engine.services.httpserver.server.Client.handle(Client.java:92) at
com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148) at
com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMe
ssageListener.java:33) at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41) at
com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37) at
java.security.AccessController.doPrivileged(Native Method) at
com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100) at
com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)----
caused by
com.sap.security.core.persistence.datasource.imp.r3persistence.SapUidFormatException: Not a valid SAP user
ID: "1Z8uN8K0JUdBbS~Z1WN8". Reason: SAP user ID must contain at least 1 and at most 12 characters at
com.sap.security.core.persistence.datasource.imp.r3persistence.Util.assertSapUidLength(Util.java:73) at
com.sap.security.core.persistence.datasource.imp.R3Persistence.getPrivateIDPart(R3Persistence.java:2512) at
com.sap.security.core.persistence.datasource.imp.DataSourceBaseImplementation.bindNewPrincipalDatabag(DataSourceBaseI
mplementation.java:340) at
com.sap.security.core.persistence.datasource.imp.R3Persistence$Transaction.bindNewPrincipalDatabag(R3Persistence.java
:8727) at
com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.bindNewPrincipalDatabag(PrincipalDatabagFactory
Instance.java:4640) at
com.sap.security.core.persistence.imp.PrincipalDatabag.getIDParts(PrincipalDatabag.java:1034) at
com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.isPrincipalDatabagAttributeModifiable(Principal
DatabagFactoryInstance.java:2331) at
com.sap.security.core.imp.PrincipalFactory.isPrincipalAttributeModifiable(PrincipalFactory.java:255) at
com.sap.security.core.imp.PrincipalFactory.isPrincipalAttributeModifiable(PrincipalFactory.java:215) at
com.sap.security.core.jmx.impl.CompanyPrincipalFactory.isPrincipalAttributeCreateable(CompanyPrincipalFactory.java:24
71) at com.sap.security.core.jmx.impl.JmxLayoutHelper.getAttributeLayoutInformation(JmxLayoutHelper.java:67)
at com.sap.security.core.jmx.impl.JmxServer.getAttributeLayoutInformation(JmxServer.java:304) at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at
java.lang.reflect.Method.invoke(Method.java:324) at
com.sap.pj.jmx.introspect.DefaultMBeanInvoker.invoke(DefaultMBeanInvoker.java:58) at
javax.management.StandardMBean.invoke(StandardMBean.java:286) at
com.sap.pj.jmx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:944) at
com.sap.pj.jmx.server.interceptor.MBeanServerWrapperInterceptor.invoke(MBeanServerWrapperInterceptor.java:288) at
com.sap.engine.services.jmx.CompletionInterceptor.invoke(CompletionInterceptor.java:409) at
com.sap.pj.jmx.server.interceptor.BasicMBeanServerInterceptor.invoke(BasicMBeanServerInterceptor.java:277) at
com.sap.jmx.provider.ProviderInterceptor.invoke(ProviderInterceptor.java:258) at
com.sap.engine.services.jmx.RedirectInterceptor.invoke(RedirectInterceptor.java:340) at
com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330) at
com.sap.engine.services.jmx.MBeanServerSecurityWrapper.invoke(MBeanServerSecurityWrapper.java:287) at
com.sap.engine.services.jmx.ClusterInterceptor.invoke(ClusterInterceptor.java:776) at
com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330) at
com.sap.security.core.jmx._gen.IJmxServer$Impl.getAttributeLayoutInformation(IJmxServer.java:1695) at
com.sap.security.core.wd.jmxmodel.JmxModelCompInterface.getAttributeLayoutInformation(JmxModelCompInterface.java:485)
at
com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface.getAttributeLayoutInformation(InternalJmxModelCom
pInterface.java:441) at
com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface$External.getAttributeLayoutInformation(InternalJm
xModelCompInterface.java:712) at
com.sap.security.core.wd.umeuifactory.UmeUiFactoryCompInterface.getAttributeLayoutInformation(UmeUiFactoryCompInterfa
ce.java:675) at
com.sap.security.core.wd.umeuifactory.wdp.InternalUmeUiFactoryCompInterface.getAttributeLayoutInformation(InternalUme
UiFactoryCompInterface.java:519) at
com.sap.security.core.wd.umeuifactory.wdp.InternalUmeUiFactoryCompInterface$External.getAttributeLayoutInformation(In
ternalUmeUiFactoryCompInterface.java:856) at
com.sap.security.core.wd.maintainuser.WriteableDetailInterfaceView.onPlugCopyIn(WriteableDetailInterfaceView.java:179
) at
com.sap.security.core.wd.maintainuser.WriteableDetailInterfaceView.onPlugCreateIn(WriteableDetailInterfaceView.java:1
11) at
com.sap.security.core.wd.maintainuser.wdp.InternalWriteableDetailInterfaceView.wdInvokeEventHandler(InternalWriteable
DetailInterfaceView.java:110) at
com.sap.tc.webdynpro.progmodel.generation.DelegatingInterfaceView.invokeEventHandler(DelegatingInterfaceView.java:85)
at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.navigate(ClientApplication.java:826) at
com.sap.tc.webdynpro.clientserver.cal.ClientComponent.navigate(ClientComponent.java:873) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doNavigation(WindowPhaseModel.java:498) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:144) at
com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335) at
com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143) at
com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingPortal(ClientSession.java:731) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:667) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:232) at
com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:152) at
com.sap.tc.webdynpro.clientserver.session.core.ApplicationHandle.doProcessing(ApplicationHandle.java:73) at
com.sap.tc.webdynpro.portal.pb.impl.AbstractApplicationProxy.sendDataAndProcessActionInternal(AbstractApplicationProx
y.java:879) at
com.sap.tc.webdynpro.portal.pb.impl.localwd.LocalApplicationProxy.sendDataAndProcessAction(LocalApplicationProxy.java
:77) at com.sap.portal.pb.PageBuilder.updateApplications(PageBuilder.java:1291) at
com.sap.portal.pb.PageBuilder.SendDataAndProcessAction(PageBuilder.java:325) at
com.sap.portal.pb.PageBuilder$1.doPhase(PageBuilder.java:831) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processPhaseListener(WindowPhaseModel.java:755) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doPortalDispatch(WindowPhaseModel.java:717) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:136) at
com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335) at
com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143) at
com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:711)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:665) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:232) at
com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:152) at
com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62) at
com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doPost(DispatcherServlet.java:53) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:760) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at
com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390) at
com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264) at
com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347) at
com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325) at
com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887) at
com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241) at
com.sap.engine.services.httpserver.server.Client.handle(Client.java:92) at
com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148) at
com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMe
ssageListener.java:33) at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41) at
com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37) at
java.security.AccessController.doPrivileged(Native Method) at
com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100) at
com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
Severity : Error
Category : /System/Security/Usermanagement
Location : com.sap.security.core.persistence.datasource.imp.R3PersistenceBase.getPrivateIDPart()
Application : sap.com/tcwddispwda
Thread : SAPEngine_Application_Thread[impl:3]_49
Datasource : 19184150:D:\usr\sap\PTD\JC01\j2ee\cluster\server0\log\defaultTrace.trc
Message ID : 000C29F20933005300000AB9000006580004245B630B0BAC
Source Name : com.sap.security.core.persistence.datasource.imp.R3PersistenceBase
Argument Objs : Not a valid SAP user ID: "1Z8uN8K0JUdBbS~Z1WN8". Reason: SAP user ID must contain at least 1 and at
most 12 characters,com.sap.security.core.persistence.datasource.PersistenceException: Not a valid SAP user ID:
"1Z8uN8K0JUdBbS~Z1WN8". Reason: SAP user ID must contain at least 1 and at most 12 characters at
com.sap.security.core.persistence.datasource.imp.R3PersistenceBase.newPersistenceException(R3PersistenceBase.java:178
) at com.sap.security.core.persistence.datasource.imp.R3Persistence.getPrivateIDPart(R3Persistence.java:2532)
at
com.sap.security.core.persistence.datasource.imp.DataSourceBaseImplementation.bindNewPrincipalDatabag(DataSourceBaseI
mplementation.java:340) at
com.sap.security.core.persistence.datasource.imp.R3Persistence$Transaction.bindNewPrincipalDatabag(R3Persistence.java
:8727) at
com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.bindNewPrincipalDatabag(PrincipalDatabagFactory
Instance.java:4640) at
com.sap.security.core.persistence.imp.PrincipalDatabag.getIDParts(PrincipalDatabag.java:1034) at
com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.isPrincipalDatabagAttributeModifiable(Principal
DatabagFactoryInstance.java:2331) at
com.sap.security.core.imp.PrincipalFactory.isPrincipalAttributeModifiable(PrincipalFactory.java:255) at
com.sap.security.core.imp.PrincipalFactory.isPrincipalAttributeModifiable(PrincipalFactory.java:215) at
com.sap.security.core.jmx.impl.CompanyPrincipalFactory.isPrincipalAttributeCreateable(CompanyPrincipalFactory.java:24
71) at com.sap.security.core.jmx.impl.JmxLayoutHelper.getAttributeLayoutInformation(JmxLayoutHelper.java:67)
at com.sap.security.core.jmx.impl.JmxServer.getAttributeLayoutInformation(JmxServer.java:304) at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at
java.lang.reflect.Method.invoke(Method.java:324) at
com.sap.pj.jmx.introspect.DefaultMBeanInvoker.invoke(DefaultMBeanInvoker.java:58) at
javax.management.StandardMBean.invoke(StandardMBean.java:286) at
com.sap.pj.jmx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:944) at
com.sap.pj.jmx.server.interceptor.MBeanServerWrapperInterceptor.invoke(MBeanServerWrapperInterceptor.java:288) at
com.sap.engine.services.jmx.CompletionInterceptor.invoke(CompletionInterceptor.java:409) at
com.sap.pj.jmx.server.interceptor.BasicMBeanServerInterceptor.invoke(BasicMBeanServerInterceptor.java:277) at
com.sap.jmx.provider.ProviderInterceptor.invoke(ProviderInterceptor.java:258) at
com.sap.engine.services.jmx.RedirectInterceptor.invoke(RedirectInterceptor.java:340) at
com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330) at
com.sap.engine.services.jmx.MBeanServerSecurityWrapper.invoke(MBeanServerSecurityWrapper.java:287) at
com.sap.engine.services.jmx.ClusterInterceptor.invoke(ClusterInterceptor.java:776) at
com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330) at
com.sap.security.core.jmx._gen.IJmxServer$Impl.getAttributeLayoutInformation(IJmxServer.java:1695) at
com.sap.security.core.wd.jmxmodel.JmxModelCompInterface.getAttributeLayoutInformation(JmxModelCompInterface.java:485)
at
com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface.getAttributeLayoutInformation(InternalJmxModelCom
pInterface.java:441) at
com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface$External.getAttributeLayoutInformation(InternalJm
xModelCompInterface.java:712) at
com.sap.security.core.wd.umeuifactory.UmeUiFactoryCompInterface.getAttributeLayoutInformation(UmeUiFactoryCompInterfa
ce.java:675) at
com.sap.security.core.wd.umeuifactory.wdp.InternalUmeUiFactoryCompInterface.getAttributeLayoutInformation(InternalUme
UiFactoryCompInterface.java:519) at
com.sap.security.core.wd.umeuifactory.wdp.InternalUmeUiFactoryCompInterface$External.getAttributeLayoutInformation(In
ternalUmeUiFactoryCompInterface.java:856) at
com.sap.security.core.wd.maintainuser.WriteableDetailInterfaceView.onPlugCopyIn(WriteableDetailInterfaceView.java:179
) at
com.sap.security.core.wd.maintainuser.WriteableDetailInterfaceView.onPlugCreateIn(WriteableDetailInterfaceView.java:1
11) at
com.sap.security.core.wd.maintainuser.wdp.InternalWriteableDetailInterfaceView.wdInvokeEventHandler(InternalWriteable
DetailInterfaceView.java:110) at
com.sap.tc.webdynpro.progmodel.generation.DelegatingInterfaceView.invokeEventHandler(DelegatingInterfaceView.java:85)
at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.navigate(ClientApplication.java:826) at
com.sap.tc.webdynpro.clientserver.cal.ClientComponent.navigate(ClientComponent.java:873) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doNavigation(WindowPhaseModel.java:498) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:144) at
com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335) at
com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143) at
com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingPortal(ClientSession.java:731) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:667) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:232) at
com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:152) at
com.sap.tc.webdynpro.clientserver.session.core.ApplicationHandle.doProcessing(ApplicationHandle.java:73) at
com.sap.tc.webdynpro.portal.pb.impl.AbstractApplicationProxy.sendDataAndProcessActionInternal(AbstractApplicationProx
y.java:879) at
com.sap.tc.webdynpro.portal.pb.impl.localwd.LocalApplicationProxy.sendDataAndProcessAction(LocalApplicationProxy.java
:77) at com.sap.portal.pb.PageBuilder.updateApplications(PageBuilder.java:1291) at
com.sap.portal.pb.PageBuilder.SendDataAndProcessAction(PageBuilder.java:325) at
com.sap.portal.pb.PageBuilder$1.doPhase(PageBuilder.java:831) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processPhaseListener(WindowPhaseModel.java:755) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doPortalDispatch(WindowPhaseModel.java:717) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:136) at
com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335) at
com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143) at
com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:711)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:665) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:232) at
com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:152) at
com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62) at
com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doPost(DispatcherServlet.java:53) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:760) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at
com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390) at
com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264) at
com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347) at
com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325) at
com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887) at
com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241) at
com.sap.engine.services.httpserver.server.Client.handle(Client.java:92) at
com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148) at
com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMe
ssageListener.java:33) at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41) at
com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37) at
java.security.AccessController.doPrivileged(Native Method) at
com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100) at
com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)----
caused by
com.sap.security.core.persistence.datasource.imp.r3persistence.SapUidFormatException: Not a valid SAP user
ID: "1Z8uN8K0JUdBbS~Z1WN8". Reason: SAP user ID must contain at least 1 and at most 12 characters at
com.sap.security.core.persistence.datasource.imp.r3persistence.Util.assertSapUidLength(Util.java:73) at
com.sap.security.core.persistence.datasource.imp.R3Persistence.getPrivateIDPart(R3Persistence.java:2512) at
com.sap.security.core.persistence.datasource.imp.DataSourceBaseImplementation.bindNewPrincipalDatabag(DataSourceBaseI
mplementation.java:340) at
com.sap.security.core.persistence.datasource.imp.R3Persistence$Transaction.bindNewPrincipalDatabag(R3Persistence.java
:8727) at
com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.bindNewPrincipalDatabag(PrincipalDatabagFactory
Instance.java:4640) at
com.sap.security.core.persistence.imp.PrincipalDatabag.getIDParts(PrincipalDatabag.java:1034) at
com.sap.security.core.persistence.imp.PrincipalDatabagFactoryInstance.isPrincipalDatabagAttributeModifiable(Principal
DatabagFactoryInstance.java:2331) at
com.sap.security.core.imp.PrincipalFactory.isPrincipalAttributeModifiable(PrincipalFactory.java:255) at
com.sap.security.core.imp.PrincipalFactory.isPrincipalAttributeModifiable(PrincipalFactory.java:215) at
com.sap.security.core.jmx.impl.CompanyPrincipalFactory.isPrincipalAttributeCreateable(CompanyPrincipalFactory.java:24
71) at com.sap.security.core.jmx.impl.JmxLayoutHelper.getAttributeLayoutInformation(JmxLayoutHelper.java:67)
at com.sap.security.core.jmx.impl.JmxServer.getAttributeLayoutInformation(JmxServer.java:304) at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at
java.lang.reflect.Method.invoke(Method.java:324) at
com.sap.pj.jmx.introspect.DefaultMBeanInvoker.invoke(DefaultMBeanInvoker.java:58) at
javax.management.StandardMBean.invoke(StandardMBean.java:286) at
com.sap.pj.jmx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:944) at
com.sap.pj.jmx.server.interceptor.MBeanServerWrapperInterceptor.invoke(MBeanServerWrapperInterceptor.java:288) at
com.sap.engine.services.jmx.CompletionInterceptor.invoke(CompletionInterceptor.java:409) at
com.sap.pj.jmx.server.interceptor.BasicMBeanServerInterceptor.invoke(BasicMBeanServerInterceptor.java:277) at
com.sap.jmx.provider.ProviderInterceptor.invoke(ProviderInterceptor.java:258) at
com.sap.engine.services.jmx.RedirectInterceptor.invoke(RedirectInterceptor.java:340) at
com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330) at
com.sap.engine.services.jmx.MBeanServerSecurityWrapper.invoke(MBeanServerSecurityWrapper.java:287) at
com.sap.engine.services.jmx.ClusterInterceptor.invoke(ClusterInterceptor.java:776) at
com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330) at
com.sap.security.core.jmx._gen.IJmxServer$Impl.getAttributeLayoutInformation(IJmxServer.java:1695) at
com.sap.security.core.wd.jmxmodel.JmxModelCompInterface.getAttributeLayoutInformation(JmxModelCompInterface.java:485)
at
com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface.getAttributeLayoutInformation(InternalJmxModelCom
pInterface.java:441) at
com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface$External.getAttributeLayoutInformation(InternalJm
xModelCompInterface.java:712) at
com.sap.security.core.wd.umeuifactory.UmeUiFactoryCompInterface.getAttributeLayoutInformation(UmeUiFactoryCompInterfa
ce.java:675) at
com.sap.security.core.wd.umeuifactory.wdp.InternalUmeUiFactoryCompInterface.getAttributeLayoutInformation(InternalUme
UiFactoryCompInterface.java:519) at
com.sap.security.core.wd.umeuifactory.wdp.InternalUmeUiFactoryCompInterface$External.getAttributeLayoutInformation(In
ternalUmeUiFactoryCompInterface.java:856) at
com.sap.security.core.wd.maintainuser.WriteableDetailInterfaceView.onPlugCopyIn(WriteableDetailInterfaceView.java:179
) at
com.sap.security.core.wd.maintainuser.WriteableDetailInterfaceView.onPlugCreateIn(WriteableDetailInterfaceView.java:1
11) at
com.sap.security.core.wd.maintainuser.wdp.InternalWriteableDetailInterfaceView.wdInvokeEventHandler(InternalWriteable
DetailInterfaceView.java:110) at
com.sap.tc.webdynpro.progmodel.generation.DelegatingInterfaceView.invokeEventHandler(DelegatingInterfaceView.java:85)
at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.navigate(ClientApplication.java:826) at
com.sap.tc.webdynpro.clientserver.cal.ClientComponent.navigate(ClientComponent.java:873) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doNavigation(WindowPhaseModel.java:498) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:144) at
com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335) at
com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143) at
com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingPortal(ClientSession.java:731) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:667) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:232) at
com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:152) at
com.sap.tc.webdynpro.clientserver.session.core.ApplicationHandle.doProcessing(ApplicationHandle.java:73) at
com.sap.tc.webdynpro.portal.pb.impl.AbstractApplicationProxy.sendDataAndProcessActionInternal(AbstractApplicationProx
y.java:879) at
com.sap.tc.webdynpro.portal.pb.impl.localwd.LocalApplicationProxy.sendDataAndProcessAction(LocalApplicationProxy.java
:77) at com.sap.portal.pb.PageBuilder.updateApplications(PageBuilder.java:1291) at
com.sap.portal.pb.PageBuilder.SendDataAndProcessAction(PageBuilder.java:325) at
com.sap.portal.pb.PageBuilder$1.doPhase(PageBuilder.java:831) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processPhaseListener(WindowPhaseModel.java:755) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doPortalDispatch(WindowPhaseModel.java:717) at
com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:136) at
com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335) at
com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143) at
com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299) at
com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:711)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:665) at
com.sap.tc.webdynpro.clientserver.session.ClientSessioI found the solution to my own problem. My guess that the generated ID was causing problems was correct. The fix was to change the ume.logon.security_policy.
useridmaxlength to 12 instead of the default of 20.
After I did that and restarted, UME users were working properly. SAP help does describe this issue at the bottom of http://help.sap.com/saphelp_nw04/helpdata/en/b5/16c43bdd3da244a1d3372a77b5f83f/content.htm which I found after the issue had been fixed.
<rant>This is another case of a sub-optimal default value in NW2004s. Why not make it 12 to match the limitation in ABAP by default? There are way too many little things like this in the current stack.</rant>
Rob -
CRM 7.0 How to create Business role & generate
Hi Team,
Can you please let me know some breif idea about CRM 7.0 security guide.
How to created Business role is this part of functional activity?
Whats the role of Technical colleagues BASIS guys in CRM 7.0 security .
Please help me to get some document regarding business role creation , generation , assignment & authorization checks in CRM 7.0.
Thanks & Regards,
Vyash MishraHello Viyash
I will add the most important information for generation of business roles and assignment of authorizations to users.
You must first create the PFCG roles. PFCG role is built based on the Business Role.
Please see documentation in : SPRO
SAP Implementation Guide => Customer Relationship Management
UI Framework > Business roles > Define Authorization Role
Then the PFCG role can be assigned to the business role in
SAP Implementation Guide => Customer Relationship Management
UI Framework > Business roles > Define Business role
Finally you must assign business roles to Organizations or positions in organizations in
SAP Implementation Guide => Customer Relationship Management
UI Framework > Business roles > Define Organizational Assignment
The users that are assigned to such organizations / positions will be therefore linked to the business role.
With the previous steps the users will have the authorizations that are assigned to the PFCG profile that is linked to their business role.
Business roles are the main way to configure authorizations for users in CRM but you have more options that give you flexibility.Each business role has assigned one PFCG role, but the relationship between business role and PFCG role is not strict. You can even assign a dummy PFCG role to a certain business role in business role customizing and then go to transaction PFCG and assign other PFCG role(s) to the users that are assigned to that business role.
I would say that the previous tasks must be performed by the basis team but in cooperation with the functional team
Best Regards
Luis Rivera -
Roles and Authorization strategy for SAP BIBO
Hello All,
We are doing an implementation where Source is a Oracle, SAP BI warehouse and BO XI3.1 as reporting solution.
Our customer has asked for the authorization strategy that will be implemented in SAP BI. Currently the users belong to different companies or plants or countries
Current structure is like,
User 1 belongs to Plant1 of Country1
User 2 belongs to Plant2 of Country2
user 3 belongs to Plant3 of Country1 etc..
We have more than 500 users who will use the reports. The user belonging to a particular plant should only see the plant data/Country data he belongs to.
As I understand, we need to create the roles in BW and these roles to be imported into BO to use for the row and column level security.
The options we considered are,
1. Use Bex queries in BW to with ABAP code in CMOD to identify the user belongs to Plant 1, 2 or 3 and provide necessary authorizations.
2. Create user groups based on the country or company they belong to and create as many roles as required. This will however impact the maintenance of so many roles in the BI system.
We are also forced to avoid Bex queries in BW and hence, trying to connect Multiproviders directly in BO universe.
How should we go forward in designing the authorization concept? Any better ideas?
Thanks and Regards,
SrinivasThere are two ways which we can implement this kind of authorization based on my knowledge.
1. Data Security purely at BW
If the data is secured based on roles and users, there is no need of additional authorization from BO side except at report and folder level if you go for SAP Authentication.
Once you use SAP authenication and enable single sign on option in universe connection, the SAP users can access data based on their profile set at BW.
2. Data Security from BO
Let's assume that, if nothing is set at BW and every thing to be take care from BO.
Then you could create one multiple provider for each plant / country. Create one connection for each multiprovider
Create restrictions (Tools--> Manage Access Restrictions) for each plant/country. There you can change connection names.
So you would need to create many restrictions for different permutations and combinations.
I never tries this option with Multiprovider. But It worked well with NON-SAP data.
Hope this helps!
Regards
Gowtham -
Is it possible to create dimension roles in AWM?
Hi,
Is it possible to create dimension roles in AWM like the way we have in OWB ?
If yes, please direct on the way to do this.
Many thanks in advance for your kind inputs.
PiyushI think what you need is to use the ALIAS option that is part of the DEFINE DIMENSION statement
DEFINE DIMENSION ALIASOF
The DEFINE DIMENSION ALIASOF command defines a dimension alias for a simple dimension. An alias dimension has the same type and values as its base dimension. Typically, you define an alias dimension when you want to dimension a variable by the same dimension twice.
Additionally, You can use a LIMIT statement to limit alias dimensions and define variables and relations using an alias dimension. However, you cannot maintain an alias dimension directly; instead you maintain its base dimension using MAINTAIN.
Syntax
DEFINE name DIMENSION ALIASOF dimension [TEMP] [AW workspace] [SESSION]
Arguments
name
The name of the object you are defining. For general information about this argument, see the main entry for the DEFINE command.
DIMENSION ALIASOF
If you look at this example if provides a great example of how to use this feature:
http://download.oracle.com/docs/cd/B19306_01/olap.102/b14346/dml_x_decimal006.htm#ABC1485326
But of course the main issue here is how to generate the standard form metadata required to support this feature and make the dimension alias avaliable and visible within AWM. That is the difficult (and I would say impossible) part of the process since this feature is not supported by the AW XML API (at least I don't think it is, you could check the API docs to see if this is supported). if it is not supported then the management of this feature would all have to be controlled via OLAP DML commands (load dimension members etc) but you would still not be able to include it within a cube definition and then maintain that cube using AW XML API.
Does that help?
Keith -
What are the roles & responsibilites of consultant in SAP upgradation or mi
Hello ,
Would you please any dody help me to provide the role & responsibilities of consultant in SAP upgradation or migration project.Thanks.
Regards,
SampallyHello,
If the project is of technical up gradation then with no functionality changed, Then the job of abap consultant is critical, right from creating spdd and spau, interfaces, debug the new programs and fix the bugs if exists in the new programs. The functional consultant has to test the new system from functions point of view; functional consultant is responsible for taking user acceptance test before going on live to the new system.
Regards,
Vivek -
I am developing a recursive tree in a Web Dynpro App. My tree has some nodes and subnodes. Under the subnodes i have documents. Depending to the permission of the users should be decided what can the user do with the documents, for example, create, upate, delete and so on. I need to check the authorization of users. I want to follow the conzept like the Web Dynpro tutorial RentCar APP with Actions und Permissions. If a user logs on, i can get his UME role and group. My question is: if it is possible to list the permissions behind of one specific role, which is assigned to the user or a group.
In short I want to list the permissions and not only check if the user has it or not.
Please help me.
Regards
Hairong ZhaoHi Sudhir,
thank you very much for your quick answer. But it can't resolve our problem really.If we only use hasPermission() method to check if the user has right, the efford to check user in our case is too great .
I try to describe our problem exactly. In our case, thers is possible that tausend documents can be attached to a node. we can't create a permission for every document. We create for every node a role, but for document we haven't role. If we don't use the conzept with Actions and Permissions, how can we check the permission of the users, have you another idea?
Regards,
Hairong Zhao -
How to create authorization role for just displaying query prefix Q and X.
Hi Expert,
I hope someone can help me on how to create authorization role for just displaying and executing BEX Queries prefix Q and X. I'm currently using SAP BI 7.1.
Actually, I already created one role called : Z_FORINDO_ONLYDISPLAY_QX
where I only put in the Authorization Component (in the Role Maintenance - Tcode 'pfcg'):
-->Manually Business Information Warehouse
--> Manually Business Explorer - Components
Activity : Display, Execute, Enter, Include, Assign
InfoArea : *
InfoCube : *
Name(ID) of a reporting component : *
Type of a reporting component : Calculated key figure, Restricted key figure, Template structure
--> Manually Business Explorer - Components
Activity : Display, Execute
InfoArea : *
InfoCube : *
Name(ID) of a reporting component : Q* , X*
Type of a reporting component : Query
But, the problem is I still can make changes on that queries (Q* and X*). Even, I still can run query with prefix Z. I use S_RS_RREPU Tamplete for Query Display and execution.
Please assist. Very much appreciate your help. Thanks.
Edited by: nadiyah salleh on Mar 18, 2008 11:22 AMQuestion close. This issue has been resolved.
Maybe you are looking for
-
Performance Problem in Report built on a DSO
Dear All, we had a report created on the top of the ODS(0sd_o06) with selection criterion as profit center,now when we click the profit center varible entry to see the selection, a window pop up and it is there for 30 mins after that only we can make
-
How to represent an association "many to many" with an association class?
I work with JPA (and TopLink essentials). Class Person Class Project Association M:N between these 2 classes. A person has a function in each project she participates in. My relational schema: table PERSON, primary key person_id, person_name,... tabl
-
3GS Switches Off in middle of call
Since upgrading to the I Phone 4 Software i have had nothing but problems, in the middle of a phone call it Re Boots, this is happening all the time I have all the updates and I have tried Restoring but this doesnt solve the problem. I had had the ph
-
HT4557 Does Home Share allow me to share apps? or only music, tv shows and movies?
Does Home Share allow me to share apps, or only music, tv shows and movies?
-
Digitize tape with timecode breaks??
Is there a way to do this in FCP. Like start the tape playing and digitize thru the time code breaks?? Thanks John