Creating Historical based Security Access Type

I am trying to create a Security Access Type for PPLJOB that will look at the Reg_Region of an employee and if the historical rows of JOB contain the reg_region, use the employee in a Data Permission for Security. I want to know if anyone has tried this before and how the SQLID for Where needed to be coded. I created a SQLID with the following statement which didn't pull any employees:
PA.EMPLID = JOB.EMPLID AND PA.EMPL_RCD = JOB.EMPL_RCD AND JOB.EFFDT = (SELECT MAX(EFFDT) FROM PS_JOB JOB2 WHERE JOB.EMPLID = JOB2.EMPLID AND JOB.EMPL_RCD = JOB2.EMPL_RCD AND JOB2.EFFDT <= %CurrentDateIn) AND JOB.EFFSEQ = (SELECT MAX(EFFSEQ) FROM PS_JOB JOB3 WHERE JOB.EMPLID = JOB3.EMPLID AND JOB.EMPL_RCD = JOB3.EMPL_RCD AND JOB.EFFDT = JOB3.EFFDT) AND JR.EMPLID = JOB.EMPLID AND JR.EMPL_RCD = JOB.EMPL_RCD AND JR.EFFDT = JOB.EFFDT AND JR.EFFSEQ = JOB.EFFSEQ AND JOB.REG_REGION <> %Bind(SCRTY_KEY1) AND EXISTS (SELECT 'X' FROM PS_JOB JOB4 WHERE JOB.EMPLID = JOB4.EMPLID AND JOB.EMPL_RCD = JOB4.EMPL_RCD AND JOB4.EFFDT < JOB.EFFDT AND JOB4.REG_REGION = %Bind(SCRTY_KEY1))

Thank you for the feedback Carl. Again, I am new to this, so please be patient with me. I am not sure what you mean about adding the parameter to the record selection formula. I have drug the parameter field into the report so that it will prompt for parameters before running, but I do not think that is what you are talking about. Please advise.
To your question about the Submit Date field in the report, when I open up the report and I point at the field for Submit Date the popup shows HPD_Help_Desk.Submit_Date (DateTime). That being the case, I think the answer to your question is that the data type of the data being returned is DateTime. Thanks again for the assistance.

Similar Messages

FRM-41816 ERORR when creating territories based on territory type

Hi, guys!
So the problem is: I have a territory type for usage in Oracle Service, there are 3 transaction types defined - Service Request, Service Request and Task, Task - in this territory type.
So when I try to create territory based on this territory type, I get an Error FRM-41816: Attempt to create existing timer: POST_BLOCK_TRANX.
If I'm not using territory type to create a territory, this error doesn't show up.
Any solutions, would be greatly appreciated.
JAN

You have to generate the view inside the database. When Designer compiles the Form, it does it against a database, so the items used inside the Form should be inside the database.
Regards,
Mark

7.0 Create forms based on Access data -David O'Hanlon are you there?

Hi - Using a pdf created using LiveCycle 7.0<br /><br />I'm trying to create xFDFs using data from an Access database. The xFDF should then be e-mailed to users who fill out the forms and return xml files by e-mail. I then parse out the xml in to SQL Server using VBScript.<br /><br />The problem is that setting the value isn't working. The real form is based on an XML schema & is more complicated, so Here's the xfdf I'm trying to create for a simple test:<br /><br />================================================================<br /><?xml version="1.0" encoding="UTF-8"?><br /><xfdf xmlns="http://ns.adobe.com/xfdf/" xml:space="preserve"><br /> <fields><br /> <field name="Identifier"><br /> <value>CRAP</value><br /> </field><br /> </fields><br /> <f href="C:\Documents and Settings\kirkenda\My Documents\ReviewerForm\form.pdf"/><br /></xfdf><br />===============================================================<br />The pdf form only has one field, Identifier. The xfdf will open in reader, but the value isn't set to CRAP. This type of thing works in forms created using Acrobat 6.0, but I can't get it to work with the forms I've created using LiveCycle Designer 7.0 that comes with Acrobat 7.0. I'm thinking of uninstalling 7.0 and reinstalling 6.0, as I've hit a wall at every turn to try to pre-populate a form.<br /><br />Has anyone been able to do this in 7.0?<br /><br />Any comments at all - ANYTHING! would be welcome.<br /><br />Thanks -- Ginger<br />(posted to the Acrobat forum by mistake)

I have a vital form that clients fill out, which is passed to many people in the company along the workflow. The form is a Planner and we have in the following PDF, Word Doc..
Well before, the Planner.pdf was originally created in Word, since most people have access to Word.. but evolved to a PDF form created from the Word Doc via Adobe LiveCycle Designer 8.0 w/ User Rights enabled so that the form could be filled out and saved using Adobe Reader.. which was a step better than Word.. being that it is free. But this needed to be easier and more to the point b/c some clients don't particularly like installing the latest version of Reader, even if you provide them the link. Nor do they like saving the form, filling the form, and attaching the form to send back.
My goal is to have the client fill an HTML version of the form, submit and be done with it, but everyone in the workflow be able to easily receive the filled Planner as a PDF form.
So some months ago I ran into this post Chris Trip, "Populate Livecycle PDF from mySQL database using PHP" #8, 22 Sep 2007 4:37 pm
which uses the command line Win32 pdftk.exe to merge an FDF file into an existing PDF on the remote server, and serve this to whoever.
My problem was with shared hosting and having the ability to use the Win32 pdftk.exe along with PHP which is predominantly used on Linux boxes. And we used a Linux box.
so i created the following unorthodox method, which a client fills the HTML version of the Planner, all field values are INSERTED into a table in MySQL DB, I and all filled planners that have been filled by clients to date can be viewed from a repository page where an XML file is served up of the corresponding client, but someone would have to have Acrobat Professional, to import the form data from the XML file into a blank form.. altoughh this is simple for me.. I have the PHP file already created so that when a Planner is filled and client submits. >> the an email is sent to me with a table row from the repository of the client name, #, email, and a link to d-load the XML file,
But I also have the PHP files created so that the Planner can be sent to by email to various people in the workflow with certain fileds ommitted they they do not need to see, but instead of the XML file beiong served up i need the filled PDF Planner to be served.
I can do this locally with ease on a testing server, but I am currently trying to use another host that uses cross-platform compatibility so i can use PHP and the pdftk.exe to achieve this, as that is why I am having to serve up an XML file b/c we use a Linux server for our website, and cant execute the exe.
Now that I am testing the other server (cross-platform host), just to use them to do the PDF handling (and it's only $5 per month) I am having problems with getting READ, WRITE, EXECUTE permissions..
Si guess a good question to ask is can PHP do the same procedure as the pdftk.exe, and i can eleminate it.
or how in the heck can i get this data from the DB into a blank PDF form, like i have described??
here are some link to reference
Populating a LiveCycle PDF with PHP and MySQL
http://www.andrewheiss.com/Tutorials?page=LiveCycle_PDFs_and_MySQL
HTML form that passed data into a PDF
http://www.mactech.com/articles/mactech/Vol.20/20.11/FillOnlinePDFFormsUsingHTML/index.htm l
and an example
http://accesspdf.com/html_pdf_form/

BI Data Access Set-based security

Hi,
My client is using EBS security feature “Data Access Set” for segment security. I'm looking for a tech note to implement this type of security from the OBIEE/OBIA side.
Any pointers on this topic would be very much appreciated,
Tarik Bouaziz.
Environment: OBIEE 11.1.1.5.0 on Solaris Sparc64, OBIA 7.9.6.3, EBS 12.1.3

Tarik,
If I don't mistake, the "Data Access Set" security on EBS 12 is based on the Ledger-Based Security in OBIA (2.6.4 Ledger-Based Security for Oracle EBS).
Gurus, thanks to confirm.
Hope it helps,
Benoît

Voucher based guest access for vWLC (time restricted pre created user auth codes)

Hi all,
Is it possible to create voucher based user auth tickets for guest wireless on the Cisco WLC?
We are running the vWLC latest version
Cheers, Simon

No you can not create voucher using vWLC But you can create guest access using vWLC.
For the Guest access deployment ,plesae refer to the document below.
http://www.cisco.com/c/en/us/td/docs/wireless/technology/guest_access/technical/reference/4-1/GAccess_41.html#wp1000477

Control Authorisation Access based on Planning type in Flexible SOP

hi,
How can we control MC93 and MC94 access based on Planning type for different users?i.e only certain Planning types allowed for one user.

Hello
I would like to do the same...
So far the only thing I can find is enhancement MCP20005 which allows you to extend authorization check for planning. The planning type is available in this function module and if you return subrc ne 0 authorization is denied.
Hope you find this helpful.
Thanks,
Heidi

Error FRM-41816: When creating a territory based on territory type

Hi, guys!
So the problem is: I have a territory type for usage in Oracle Service, there are 3 transaction types defined - Service Request, Service Request and Task, Task - in this territory type.
So when I try to create territory based on this territory type, I get an Error FRM-41816: Attempt to create existing timer: POST_BLOCK_TRANX.
If I'm not using territory type to create a territory, this error doesn't show up.
Any solutions, would be greatly appreciated.
JAN

Shira,
Sorry, just re-read your post. Am I correct in thinking that you want to use the Controllers assigned within SPM to act as the approvers in CUP?
If so, what support pack version are you on as I believe that this only works in SP08 due to a technical bug. This also impacts the SPM Owners acting as approvers.
You may also wish to check the connectors and authorisations of the connector IDs as without being able to read the tables, the approvers may not be found.
Simon
Edited by: Simon P Persin on Nov 16, 2009 4:37 PM

Authorisation to create material master based on material type

Hello MM Gurus,
How to create user authorisation to create material master on the basis
of material type i.e. some are authorised to create material master with
material type ROH only and some are authorised to create material master with
material type HALB.
Regards
Yoga

Hi,
Please proceed as follows.
- Insert the Authorisation Object M_MATE_MAR in your master role.
- Maintain multiple derived roles with specific values of material type against the inserted authorisation object.
Hope this clarifies your doubt.
Please award points if you find this info useful.
Regards,
Priyadarshi.

Using container managed form-based security in JSF

h1. Using container managed, form-based security in a JSF web app.
A Practical Solution
h2. {color:#993300}*But first, some background on the problem*{color}
The Form components available in JSF will not let you specify the target action, everything is a post-back. When using container security, however, you have to specifically submit to the magic action j_security_check to trigger authentication. This means that the only way to do this in a JSF page is to use an HTML form tag enclosed in verbatim tags. This has the side effect that the post is not handled by JSF at all meaning you can't take advantage of normal JSF functionality such as validators, plus you have a horrible chimera of a page containing both markup and components. This screws up things like skinning. ([credit to Duncan Mills in this 2 years old article|http://groundside.com/blog/DuncanMills.php?title=j2ee_security_a_jsf_based_login_form&more=1&c=1&tb=1&pb=1]).
In this solution, I will use a pure JSF page as the login page that the end user interacts with. This page will simply gather the input for the username and password and pass that on to a plain old jsp proxy to do the actual submit. This will avoid the whole problem of having to use verbatim tags or a mixture of JSF and JSP in the user view.
h2. {color:#993300}*Step 1: Configure the Security Realm in the Web App Container*{color}
What is a container? A container is basically a security framework that is implemented directly by whatever app server you are running, in my case Glassfish v2ur2 that comes with Netbeans 6.1. Your container can have multiple security realms. Each realm manages a definition of the security "*principles*" that are defined to interact with your application. A security principle is basically just a user of the system that is defined by three fields:
- Username
- Group
- Password
The security realm can be set up to authenticate using a simple file, or through JDBC, or LDAP, and more. In my case, I am using a "file" based realm. The users are statically defined directly through the app server interface. Here's how to do it (on Glassfish):
1. Start up your app server and log into the admin interface (http://localhost:4848)
2. Drill down into Configuration > Security > Realms.
3. Here you will see the default realms defined on the server. Drill down into the file realm.
4. There is no need to change any of the default settings. Click the Manage Users button.
5. Create a new user by entering username/password.
Note: If you enter a group name then you will be able to define permissions based on group in your app, which is much more usefull in a real app.
I entered a group named "Users" since my app will only have one set of permissions and all users should be authenticated and treated the same.
That way I will be able to set permissions to resources for the "Users" group that will apply to all users that have this group assigned.
TIP: After you get everything working, you can hook it all up to JDBC instead of "file" so that you can manage your users in a database.
h2. {color:#993300}*Step 2: Create the project*{color}
Since I'm a newbie to JSF, I am using Netbeans 6.1 so that I can play around with all of the fancy Visual Web JavaServer Faces components and the visual designer.
1. Start by creating a new Visual Web JSF project.
2. Next, create a new subfolder under your web root called "secure". This is the folder that we will define a Security Constraint for in a later step, so that any user trying to access any page in this folder will be redirected to a login page to sign in, if they haven't already.
h2. {color:#993300}*Step 3: Create the JSF and JSP files*{color}
In my very simple project I have 3 pages set up. Create the following files using the default templates in Netbeans 6.1:
1. login.jsp (A Visual Web JSF file)
2. loginproxy.jspx (A plain JSPX file)
3. secure/securepage.jsp (A Visual Web JSF file... Note that it is in the sub-folder named secure)
Code follows for each of the files:
h3. {color:#ff6600}*First we need to add a navigation rule to faces-config.xml:*{color}
    <navigation-rule>
<from-view-id>/login.jsp</from-view-id>
        <navigation-case>
<from-outcome>loginproxy</from-outcome>
<to-view-id>/loginproxy.jspx</to-view-id>
        </navigation-case>
    </navigation-rule>
NOTE: This navigation rule simply forwards the request to loginproxy.jspx whenever the user clicks the submit button. The button1_action() method below returns the "loginproxy" case to make this happen.
h3. {color:#ff6600}*login.jsp -- A very simple Visual Web JSF file with two input fields and a button:*{color}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root version="2.1"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:jsp="http://java.sun.com/JSP/Page"
xmlns:webuijsf="http://www.sun.com/webui/webuijsf">
    <jsp:directive.page
contentType="text/html;charset=UTF-8"
pageEncoding="UTF-8"/>
    <f:view>
        <webuijsf:page
id="page1">
<webuijsf:html id="html1">
<webuijsf:head id="head1">
<webuijsf:link id="link1"
url="/resources/stylesheet.css"/>
</webuijsf:head>
<webuijsf:body id="body1" style="-rave-layout: grid">
<webuijsf:form id="form1">
<webuijsf:textField binding="#{login.username}"
id="username" style="position: absolute; left: 216px; top:
96px"/>
<webuijsf:passwordField binding="#{login.password}" id="password"
style="left: 216px; top: 144px; position: absolute"/>
<webuijsf:button actionExpression="#{login.button1_action}"
id="button1" style="position: absolute; left: 216px; top:
216px" text="GO"/>
</webuijsf:form>
</webuijsf:body>
</webuijsf:html>
        </webuijsf:page>
    </f:view>
</jsp:root>h3. *login.java -- implent the
button1_action() method in the login.java backing bean*
    public String button1_action() {
        setValue("#{requestScope.username}",
(String)username.getValue());
setValue("#{requestScope.password}", (String)password.getValue());
        return "loginproxy";
    }h3. {color:#ff6600}*loginproxy.jspx -- a login proxy that the user never sees. The onload="document.forms[0].submit()" automatically submits the form as soon as it is rendered in the browser.*{color}
{code}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"
version="2.0">
<jsp:output omit-xml-declaration="true" doctype-root-element="HTML"
doctype-system="http://www.w3.org/TR/html4/loose.dtd"
doctype-public="-W3CDTD HTML 4.01 Transitional//EN"/>
<jsp:directive.page contentType="text/html"
pageEncoding="UTF-8"/>
<html>
<head> <meta
http-equiv="Content-Type" content="text/html;
charset=UTF-8"/>
<title>Logging in...</title>
</head>
<body
onload="document.forms[0].submit()">
<form
action="j_security_check" method="POST">
<input type="hidden" name="j_username"
value="${requestScope.username}" />
<input type="hidden" name="j_password"
value="${requestScope.password}" />
</form>
</body>
</html>
</jsp:root>
{code}
h3. {color:#ff6600}*secure/securepage.jsp -- A simple JSF{color}
target page, placed in the secure folder to test access*
{code}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root version="2.1"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:jsp="http://java.sun.com/JSP/Page" xmlns:webuijsf="http://www.sun.com/webui/webuijsf">
<jsp:directive.page
contentType="text/html;charset=UTF-8"
pageEncoding="UTF-8"/>
<f:view>
<webuijsf:page
id="page1">
<webuijsf:html id="html1">
<webuijsf:head id="head1">
<webuijsf:link id="link1"
url="/resources/stylesheet.css"/>
</webuijsf:head>
<webuijsf:body id="body1" style="-rave-layout: grid">
<webuijsf:form id="form1">
<webuijsf:staticText id="staticText1" style="position:
absolute; left: 168px; top: 144px" text="A Secure Page"/>
</webuijsf:form>
</webuijsf:body>
</webuijsf:html>
</webuijsf:page>
</f:view>
</jsp:root>
{code}
h2. {color:#993300}*_Step 4: Configure Declarative Security_*{color}
This type of security is called +declarative+ because it is not configured programatically. It is configured by declaring all of the relevant parameters in the configuration files: *web.xml* and *sun-web.xml*. Once you have it configured, the container (application server and java framework) already have the implementation to make everything work for you.
*web.xml will be used to define:*
- Type of security - We will be using "form based". The loginpage.jsp we created will be set as both the login and error page.
- Security Roles - The security role defined here will be mapped (in sun-web.xml) to users or groups.
- Security Constraints - A security constraint defines the resource(s) that is being secured, and which Roles are able to authenticate to them.
*sun-web.xml will be used to define:*
- This is where you map a Role to the Users or Groups that are allowed to use it.
+I know this is confusing the first time, but basically it works like this:+
*Security Constraint for a URL* -> mapped to -> *Role* -> mapped to -> *Users & Groups*
h3. {color:#ff6600}*web.xml -- here's the relevant section:*{color}
{code}
<security-constraint>
<display-name>SecurityConstraint</display-name>
<web-resource-collection>
<web-resource-name>SecurePages</web-resource-name>
<description/>
<url-pattern>/faces/secure/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name/>
<form-login-config>
<form-login-page>/faces/login.jsp</form-login-page>
<form-error-page>/faces/login.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description/>
<role-name>User</role-name>
</security-role>
{code}
h3. {color:#ff6600}*sun-web.xml -- here's the relevant section:*{color}
{code}
<security-role-mapping>
<role-name>User</role-name>
<group-name>Users</group-name>
</security-role-mapping>
{code}
h3. {color:#ff6600}*Almost done!!!*{color}
h2. {color:#993300}*_Step 5: A couple of minor "Gotcha's"_ *{color}
h3. {color:#ff6600}*_Gotcha #1_*{color}
You need to configure the "welcome page" in web.xml to point to faces/secure/securepage.jsp ... Note that there is *_no_* leading / ... If you put a / in there it will barf all over itself .
h3. {color:#ff6600}*_Gotcha #2_*{color}
Note that we set the <form-login-page> in web.xml to /faces/login.jsp ... Note the leading / ... This time, you NEED the leading slash, or the server will gag.
*DONE!!!*
h2. {color:#993300}*_Here's how it works:_*{color}
1. The user requests the a page from your context (http://localhost/MyLogin/)
2. The servlet forwards the request to the welcome page: faces/secure/securepage.jsp
3. faces/secure/securepage.jsp has a security constraint defined, so the servlet checks to see if the user is authenticated for the session.
4. Of course the user is not authenticated since this is the first request, so the servlet forwards the request to the login page we configured in web.xml (/faces/login.jsp).
5. The user enters username and password and clicks a button to submit.
6. The button's action method stores away the username and password in the request scope.
7. The button returns "loginproxy" navigation case which tells the navigation handler to forward the request to loginproxy.jspx
8. loginproxy.jspx renders a blank page to the user which has hidden username and password fields.
9. The hidden username and password fields grab the username and password variables from the request scope.
10. The loginproxy page is automatically submitted with the magic action "j_security_check"
11. j_security_check notifies the container that authentication needs to be intercepted and handled.
12. The container authenticates the user credentials.
13. If the credentials fail, the container forwards the request to the login.jsp page.
14. If the credentials pass, the container forwards the request to *+the last protected resource that was attempted.+*
+Note the last point! I don't know how, but no matter how many times you fail authentication, the container remembers the last page that triggered authentication and once you finally succeed the container forwards your request there!!!!+
+The user is now at the secure welcome page.+
If you have read this far, I thank you for your time, and I seriously question your ability to ration your time pragmatically.
Kerry Randolph

If you want login security on your web app, this is one way to do it. (the easiest way i have seen).
This method allows you to create a custom login form and error page using JSF.
The container handles the actual authentication and protection of the resources based on what you declare in web.xml and sun-web.xml.
This example uses a statically defined user/password, stored in a file, but you can also configure JDBC realm in Glassfish, so that that users can register for access and your program can store the username/passwrod in a database.
I'm new to programming, so none of this may be a good practice, or may not be secure at all.
I really don't know what I'm doing, but I'm learning, and this has been the easiest way that I have found to add authentication to a web app, without having to write the login modules yourself.
Another benefit, and I think this is key ***You don't have to include any extra code in the pages that you want to protect*** The container manages this for you, based on the constraints you declare in web.xml.
So basically you set it up to protect certain folders, then when any user tries to access pages in that folder, they are required to authenticate.
--Kerry

JHeadStart Security problem-error page cannot be found- role based security

JHeadStart Security problem-error page cannot be found- role based security
Good morning! How are you? I would need some help in a jheadstart 10.1.3.2 security case and I was wondering if you could give me a hand to go on. I create the Model project with tables of oe schema. Then in JHeadStart to perform security I follow the following steps: In ViewController/WEB-INF/web.xml – properties I do the following: login configuration: http basic authentication rfc 7617: realm:jazn.com
Security roles : I define two roles: customer and administrator , Security Constraints: web_resources: All_pages, Url Patterns: faces/*. Then in Tools/Embedded OC4J Preferences/Global/Authentication JAZN/Realms/jazn.com/users: I define two users c1, password c1 and a1,password a1, roles/member users/ I attribute the roles to the relevant users c1—customer and a1—administrator. Then in application definition editor on service level I define security/use role based authorization=true , authorization type: JAAS and when access denied go to next group=true. On group level e.g.: ProductInformation: Authorization/Authorized Roles Permissions: administrator.On item level : Orders/Items/OrderTotal/Operations/Update Allowed: #{jhsUserRoles['administrator']},Then I generate the pages (run the jag) . The generation is completed successfully but when I run the View Controller project a “the website declined to show this webpage…(page cannot be found)’ is displayed. What should I do? I would appreciate it if you would help me on this issue! Thank you very much.

Thand you very much for your reply! Unfortunately there is a specific restriction-convention in the project I work in. I am supposed to perform role based security with my own tables and no by the jheadstart’s ones. Could you find out what is my fault with the steps I follow trying to perform the process?
To remind you my steps I paste the following again:
JHeadStart Security problem-error page cannot be found- role based security
Good morning! How are you? I would need some help in a jheadstart 10.1.3.2 security case and I was wondering if you could give me a hand to go on. I create the Model project with tables of oe schema. Then in JHeadStart to perform security I follow the following steps: In ViewController/WEB-INF/web.xml – properties I do the following: login configuration: http basic authentication rfc 7617: realm:jazn.com
Security roles : I define two roles: customer and administrator , Security Constraints: web_resources: All_pages, Url Patterns: faces/*. Then in Tools/Embedded OC4J Preferences/Global/Authentication JAZN/Realms/jazn.com/users: I define two users c1, password c1 and a1,password a1, roles/member users/ I attribute the roles to the relevant users c1—customer and a1—administrator. Then in application definition editor on service level I define security/use role based authorization=true , authorization type: JAAS and when access denied go to next group=true. On group level e.g.: ProductInformation: Authorization/Authorized Roles Permissions: administrator.On item level : Orders/Items/OrderTotal/Operations/Update Allowed: #{jhsUserRoles['administrator']},Then I generate the pages (run the jag) . The generation is completed successfully but when I run the View Controller project a “the website declined to show this webpage…(page cannot be found)’ is displayed. What should I do? I would appreciate it if you would help me on this issue! Thank you very much.

Providing un-secured access to a web report.

Hello Experts,
We have been sending out 'Load Status' emails on a daily basis for various BW loads. Recently we discontinued this process and set up a report based on one of the statistics cube. We got out the link for this web-report to all the users in our daily load status distribution list.
The problem now is that when you click on the link, it pops out a window asking for the log-on information to our production system. But it looks like a few of the users do not have access to the production system and are hence unable to access this web-report.
Is there any way to allow un-secured access to this particular web-report to all users i.e.without a screen asking for log-on information?Is it possible to set up a generic user id for this report that allows all the users to access this report without actually giving them access to our production system?
Thanks
Arvind

Arvind,
What is your BI system version ?
if it is 3.x - then the URL will have a link to your server followed by a Question mark "?" and then some parameters.
The value till the ? mark is the Web service for the same - you can make this Anonymous in SICF but then this would mean that all queries can be accessed through this URL ...
else create an RFC enabled function module based on RRW3_Query_View_data and then use this for your query and expose the same as a web service and make it anonymous ... or have a BSP page to do the same....

Problem Creating VirtualProviders Based on the DTP

Problem Creating VirtualProviders Based on the Data Transfer Process .
(1) I have created an Data Source(extract structure and extractor) on SYS1. Tested the extractor. It returns data as desired.
(2) Then I replicated this Data Source to SYS2.
(3) In SYS1 I created InfoCube(VirtualProvider based on data transfer process for direct access) .
Till this point I have no issues .
(4) But after that I am not able to "Create Data Transfer Process" for this Virtual Infoprovider . When I try to create DTP the DTP type available for selection is "Scheduled" where as per the documentation I need to create DTP of DTP type "DTP for Direct Access".This DTP type I donot see.
Is it a problem with the BW configuration or some user error.Any suggestions which may help would be realy appreciated.
Thanks & Regards,
priyadarshi

Corrected some typo in my earlier update...
Problem Creating VirtualProviders Based on the Data Transfer Process .
(1) I have created an Data Source(extract structure and extractor) on SYS1. Tested the extractor. It returns data as desired.
(2) Then I replicated this Data Source to SYS2.
(3) In SYS2 I created InfoCube(VirtualProvider based on data transfer process for direct access) .
Till this point I have no issues .
(4) But after that I am not able to "Create Data Transfer Process" for this Virtual Infoprovider . When I try to create DTP the DTP type available for selection is "Standard(Scheduled)" where as per the documentation I need to create DTP of DTP type "DTP for Direct Access".This DTP type I donot see.
Is it a problem with the BW configuration or some user error.Any suggestions which may help would be realy appreciated.
Thanks & Regards,
priyadarshi

I need to create ACL to control access to 17 vlans

Hi,
we have created vlans based on departments, each department has its own vlan. as a result we have close to 17 vlans and this is in one site. we have 5 sites where all these vlans exist but with different subnets. my question has two parts:
1> I need ideas on what to block and what to permit? for example block all vlans from accessing all vlans except the server vlan, block all vlans from accessing storage vlan, allow internet traffic. permit the management vlan to access all vlans in one direction.
2>now i have to write access lists for each vlan, is there a way to ease the burden of creating 17*5 ACLs? for example create a generic acl and another one specific, but can I apply two access lists to one vlan at the same time.

Firs of all, 17 vlans is too much.. I don't think ther's real need so such a segregation. Are those all 17 departments should have their traffic separated from each other? Yeah, there's is might be couple departments with some highly secure traffic, but others probably can go in one VLAN. If no, then having 17 vlans with ACL on each, it's gonna be a real pain managing them.. But if it's already done, i may suggest to use some ACLs to protect really valuable resources from those, who shouldn't have access to them. For example you defenitely should have ACL on your server's VLAN and Storage VLAN. You can apply ACLs on this VLANs in outbound direction and be really granular in what you permit there and what is prohibited. Second, you can apply the same for your management VLAN, cause it's the other one with great value. But do you really have to restrict access from department A to department B if they kinda "have no secrets from each other"?. So my point is that your decision should be based on what you're really going to protect but not based on the fact that you're trying separate everything from everything just for fun). Cause again, if you separate everything with highly granular rules (i.e. host 1 from dep A should be allowed to host 1 from dep B but not host 2 from dep B, etc for other departments) this all ruleset will be unmanagable. Things should be kept as simple as possible.

R12: Role based security : Hiding a button in OAF page for roles

Hi All,
We have a requirement where in which, we have to hide a "Create" button in AR customer search form for some roles ... we have implemented UMX - Roles based security in our project and we cant hide it based on user or resp ...
Any ideas ... Is it feasible with this new featue of RBAC?
Thanks and Regards,
Senthil

Hi Ajay,
metalink note 2778881.1 is discussing "Page access tracking report".
but here i want to implement access restrictions to a particular page.
Regards,
Naren.

Form-Based Security

I cannot seem to get container-managed security to work with Java Studio Creator.
I have a standard jsp page as the logon form, submitting to j_security_check. Authentication works correctly, but then, when the protected page is rendered, I keep getting the "Faces Context cannot be found" exception. Is this because I have a non-faces page between two faces pages?
Here are the steps:
1). Access the main page
2). Main faces page gets rendered correctly.
3). Access a link which sends the user to a protected page
4). Logon page gets rendered. (plain JSP or HTML file)
All is well so far
5). User credentials are submitted
6). Authentication works correctly
7). Forward user to the protected faces page
8). "Cannot find Faces Context" exception.
Obviously, I cannot create a "standard" jsp page in Creator, as Creator creates the faces context and the java backend automatically. I had to create the JSP page through a text editor, and save it to the Creator project directory.
The same thing happens if I create a regular HTML file in Creator with the same form submitting to j_security_check.
Anyone run into this? Has anyone gotten container-managed, forms-based security working with Creator?
Thanks.

Ummmm.... okay, I feel really foolish and stupid. I guess I was getting tunnel vision, staring at this project so much.
Sheesh! Thanks for the reply, j.f.brown! Had you not made the reply, who knows how long I would have stared at this problem.
I'm never going to live this down. heh heh.

Creating Historical based Security Access Type

Similar Messages

Maybe you are looking for