Delete Session in Services (Security Optimization Services)

Hi,
I've been trying to delete a session from the SAP Engagement and Services Delivery > Services. Service in question is the Security Optimization Services with the status completed. The session underneath it has the status Session is closed. After selecting the first service and pressing delete  I get the message Session not deleted. If I select the session underneath it the delete button is greyed out.
Is there any way to delete this sessions?
Also while trying to create a new session no new line(session) is created. The service does run and the Security Optimization Services rapport gets created only there is no new line on the session list.
Solution Manager 7.1 sp08
Thank you.
Greetz,
R.

Hello,
Firstly you need to figure out how these services were created in the first place.
To delete sessions you can use the report RDSMOPREDUCEDATA.
Important:
For step 3 in the deletion report select: "ALL SESSION TYPES"
For step 6: make sure that the checkbox is NOT select, so that you can
get an overview of the sessions before the deletion is processed.
Incase the Services were created but the corresponding sessions were not created corectly you would not be able to delete the services. The safest way in this case would be to open an Message with SAP for the cleanup.
If you are an expert in Solution Manager then you can clean up by deleting the entries directly in the tabl DSMOPSERSESSION. However this is NOT an recommended way of doing it.
If the report does not help then open an message with SAP. Safe and Sure way of getting rid of the sessions.
Regards
Amit

Similar Messages

  • Problem when trying to actualize excel spreadsheet - Excel Service - Secure Store Service

    Hello
    I encoutner  a strange problem in SharePoint 2013
    when trying  to actualize Datas into a spreadsheet Excel Web Service <- RMQ:  Both Service & Application are started
    The goal is to connect the Excel  Web  spreadsheet  to a  SSAS Cube.
    I use an account "proxy" SharePoint Secure Store Service because people who
    connect to sharepoint don't have acces to the olap Cube.
    However, when updating data in SharePoint, I encounter the following problem:
    An error has occurred while attempting to access the application ID AccesExcel
    from the Secure Store Service. Failed to update the following connections: XXXXXXX
    Information: For testing the SharePoint access account doesn't  have access to OLAP
    and Excel connection uses SSS account (which of course it access to olap cube free).
    Where do you think  the problem could coming  from ?  
    It seems to me that the SECURE STORE SERVICE service is "unstable".
    Sensitive to the memory RAM of the server ?
    Thank you very much for your help

    We export it from java servlet. But we used ReportExportFormat._MSExcel (which is constant value 2 defined in crystal report SDK) for excel export. As I looked at your code sample in JSP page, I changed the "Excel" value from 2  to 6 which is ReportExportFormat._recordToMSExcel as in the sample code
    We have this code snippet to set the export options.     (No change)
                 ExportOptions exportOptions = new ExportOptions();
                 exportOptions.setExportFormatType(ReportExportFormat.from_int(exportType.getId()));
                 exportOptions.setFormatOptions(formatOptions);
    And now CRExportType enum is defined as below with value changed from 2 to 6 for Excel.
        WORD("Word",1),
        EXCEL("Excel",6),   //_recordToMSExcel; _MSExcel=2 didn't work with error UnsupportedFormatException
        RTF("RTF", 3), //_RTF
        PDF("PDF", 5); //_PDF
    After the change, it did work. So I'm still not clear why _MSExcel didn't work and what's the difference between _MSExcel(2) and _recordToMSExcel (6). But I'm good for now and thanks for your help.

  • Self service security

    Our client has the following setup:
    * ADF application deployed on weblogic server
    * ADF application secured using ADF security with users and roles expected to be present on weblogic server.
    * Users and roles stored on Microsoft Active Directory and connected to weblogic server through security provider configuration
    The client has the following requirement:
    * Extend the ADF app to provide self service and admin screens to the users to be able to do security related operations like change password, reset password etc
    Since all this data is mastered in Microsoft AD, I am wondering how do we go about it. What should I start looking into ?
    Should I be ..
    * looking at weblogic security APIs ?
    * looking at independent java APIs that can talk to Microsoft AD ?
    Before I invest time in any of these, I want to make sure I am heading in the right direction. Could you point me in the right direction please ?
    thanks,
    Jaseer

    Hi,
    Have you already reviewed this document?
    [How To Guide: SOS Self-Services|http://service.sap.com/~form/sapnet?_SHORTKEY=01100035870000707814&_SCENARIO=01100035870000000112&_OBJECT=011000358700003597252006E]
    [SAP Support Portal: SAP Security Optimization Service: www.service.sap.com/sos |www.service.sap.com/sos]
    Best regards,
    Ruediger

  • Oracle Service Bus 11gR1 - missing Web Services Security Configuration?

    I am trying to configure a web service which uses username token policy.
    The below option is missing in Proxy Service --> Security
    Web Services Security Configuration
    Process WS-Security Header     Yes     NoIs there anything that needs to be enabled for the above to show up in Proxy Service-->Security.

    This option was enabled by removing the username token policy from the wsdl file.
    Thanks for looking.

  • Security Optimization - Self Service

    Hi There ,
    I am trying to reproduce a "howto" document regarding SECURITY OPTIMIZATION WITH SOLMAN.
    I was able to run ST14 in the analyzed system and sent it to SolMan. But I do not find the way to find the "Security Optimation - Self/Service" option in SolMan in order to see or load the ST14 results.
    (The version of ST-ICO is 150_700)
    I will appreciate any idea
    FedeX

    Thanks Paul,
    I was trying this part :
    On Solution Manager you can see this data in the Service Session.
    DSWP > Service Plan >Self Delivered Services > System Security Optimization > SDCCN Data
    Then you can view in Session Workbench, create your questionniare, etc.
    But I do not get shown the option "System Security Optimization"
    The option list that I get under Service Plan is
    SAP Delivered Services | Self Delivered Services | Service Channel | Certificates | SDCCN Data | Graphics
    when I select Self Delivered Services  I get like the column of a report with the following colums
    Service  I Status I  Planned on  I Project  I Milestone
    btw I also try SDCCN Data option but there is like a kind of criteria for report there (Selection criteria)
    Some idea how to get the option System Security Optimization displayed ?
    Thanks in advance
    FedeX

  • Security Optimization Self-Service. Checking profiles

    Dear All,
    I am using Security Optimization Self-Service and would like to know if there is a way to implement a "customer specific authorization check" to evaluated if somebody is granted with profiles SAP_NEW or SAP_ALL_DISPLAY.
    I will appreciate ideas and suggestions.
    Regards,
    FedeX.

    No idea, but if there is nothing in the trace or SU53, then typically the check is either performed against a different user (possibly in a different system) or it is dependent on a config setting first, and not authorizations.
    Normally I look around in the menus of the transaction to see whether there is a config option there, failing which use System -> Status -> Navigate and expand the object hierarchy. Keep your eye out for a view.
    Otherwise, take a look in the PBO (Process Before Output) module to see what is setting this in the dynpro.
    A shot in the dark, but might help in the right direction.
    Cheers,
    Julius

  • Web Service Security Question

    I have created a web service in the NetWeaver portal using a Portal Service.  I have marked the service as requiring basic http authentication.  However, when I call the web service from the Enterprise Portal Web Services Checker in NWDS it just let's me supply the params of the web service and no authentication.  Any ideas?
    I also noticed that my web service does not appear under the Web Services Container or Web Services Security section in Visual Administrator.  Anybody have any idea why this is?
    Thanks in advance.
    Curtis

    Hi Curtis,
    My guess is that since you are logged into the Portal while calling this web service, it will use the current session cookie to authenticate automatically. I'm not sure on the second question, tried a restart?
    Regards,
    Raj

  • Errors with SharePoint Security Token Service: "The revocation function was unable to check revocation for the certificate"

    I'm getting these errors in the eventlog and ULS, "An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US\nIssuer Name: CN=SharePoint Root
    Authority, OU=SharePoint, O=Microsoft, C=US\nThumbprint: <STS CERTIFICATE THUMBPRINT>\n\nErrors:\n\n RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate."
    The errors point to the SharePoint Security Token Service as the issue ("The revocation function was unable to check revocation for the certificate") reported back by the Topology service.  This is apparent when executing a search, accessing
    the managed metadata service, issuing SPSite commands in Powershell, or anything that needs to run through the "SharePoint Web Services" site.  I've looked at the certificate assigned to that site and everything appears to be in order. 
    It would seem to me to be either an incorrect endpoint configuration (internally cached perhaps?) or related to security access for the configuration database (in order to validate the certificate root).
    What I’ve tried so far:
    I’ve been all over the certificate settings, both in the server store, and within SharePoint Token Service config.  Both appear to be configured correctly such that the root CAs can be validated.
    Re-entered the passwords for the application pool domain accounts to eliminate these as a potential cause.  I’ve also verified the service accounts reporting the error, do have access to the configuration database.
    Re-provisioned the STS service to see if that might clear out any cached issues and validated everything else according to this
    MS Tech note.
    So far nothing has worked.  Is there anything else I could be looking at that I've missed? (Full eventlog detail below)
    Log Name:      Application
    Source:        Microsoft-SharePoint Products-SharePoint Foundation
    Date:          2/20/2015 11:19:41 AM
    Event ID:      8311
    Task Category: Topology
    Level:         Error
    Keywords:      
    User:          <SP SERVICE ACCOUNT>
    Computer:      <SHAREPOINTSERVER>
    Description:
    An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US\nIssuer Name: CN=SharePoint Root Authority, OU=SharePoint, O=Microsoft, C=US\nThumbprint: <STS
    CERT THUMBPRINT>\n\nErrors:\n\n RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-SharePoint Products-SharePoint Foundation" Guid="{6FB7E0CD-52E7-47DD-997A-241563931FC2}" />
        <EventID>8311</EventID>
        <Version>14</Version>
        <Level>2</Level>
        <Task>13</Task>
        <Opcode>0</Opcode>
        <Keywords>0x4000000000000000</Keywords>
        <TimeCreated SystemTime="2015-02-20T17:19:41.213852500Z" />
        <EventRecordID>1611121</EventRecordID>
        <Correlation />
        <Execution ProcessID="10212" ThreadID="10328" />
        <Channel>Application</Channel>
        <Computer><SHAREPOINTSERVER></Computer>
        <Security UserID="<SP SERVICE ACCOUNT>" />
      </System>
      <EventData>
        <Data Name="string0">CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US</Data>
        <Data Name="string1">CN=SharePoint Root Authority, OU=SharePoint, O=Microsoft, C=US</Data>
        <Data Name="string2"><STS CERT THUMBPRINT></Data>
        <Data Name="string3">RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.
    </Data>
      </EventData>
    </Event>

    Hi Darren,
    This problem seems to occur when an administrator deletes the local trust relationship of the farm from the Security section of the Central Administration website
    In order to resolve this problem, the local trust relationship has to be created. This can be done by running the following PowerShell commands
    $rootCert = (Get-SPCertificateAuthority).RootCertificate
    New-SPTrustedRootAuthority -Name "localNew" -Certificate $rootCert
    After running the above commands, perform an IISReset on all servers in the farm.
    More information:
    http://support.microsoft.com/kb/2545744
    Best Regards,
    Wendy
    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Wendy Li
    TechNet Community Support

  • Secure Store Service Application takes a lot of time and does not create the database

    Hi everybody,
    I was trying to configure sharepoint performance point and I was following the instruction. After I created the performance point services application I tried to creat the secure store service application. When I do this, the progress window stays open forever
    even after 2 hours. If I close the window, I will see that the secure store service and proxy app is created and the application pool also is created in IIS but the database is not and the application service is stopped. even when I want to delete it, it's
    the same story and the progress window stays until I close it manually. Nothing has been logged in the event viewer because it doesn't throw any exceptions.
    I don't think that I have permission issues on the database server side because I have created the performance point service app and the database is there. I have used the same credentials to crete the secure store.
    I have restarted the secure store service and IIS for many times and even the server itself.
    I'm wondering if anybody has had this issue because I couldn't find anything on the web.
    Thanks,
    Edwin 

    Alex, please ignore my previous answer. I found more information in the ULS. At the time that I started creating the service application by power shell these things are logged and they are repeated several times:
       it starts with:
    11/13/2013 15:19:55.52 PowerShell.exe (0x1698)                
    0x170C
    Secure Store Service          
    Secure Store                  
    esj6 High    
    Creating Secure Store Service Application 'Secure Store Service Application'.
    c402af0c-5ff6-4995-83b8-3f95210a8b3d
    11/13/2013 15:19:55.54 PowerShell.exe (0x1698)                
    0x170C
    Secure Store Service          
    Secure Store                  
    esj9 Medium  
    Creating "database object" 'SP_SecureStore' for application. At this time database is not created.
    c402af0c-5ff6-4995-83b8-3f95210a8b3d
    11/13/2013 15:19:55.54 PowerShell.exe (0x1698)                
    0x170C
    Secure Store Service          
    Secure Store                  
    esk0 Medium  
    Saving "database object" 'SP_SecureStore' in the config db.
    c402af0c-5ff6-4995-83b8-3f95210a8b3d
    11/13/2013 15:19:55.83 w3wp.exe (0x0944)                      
    0x0DB4
    Secure Store Service          
    Secure Store                  
    d4gx Verbose
    BackgroundTasks instance accesed.
    11/13/2013 15:19:55.83 SPUCWorkerProcessProxy.exe (0x13A0)    
    0x02B0
    Secure Store Service          
    Secure Store                  
    d4gx Verbose
    BackgroundTasks instance accesed.
    11/13/2013 15:19:55.83 PowerShell.exe (0x1698)                
    0x1740
    Secure Store Service          
    Secure Store                  
    f7wk Verbose
    StartTracker called for secure store ''
    11/13/2013 15:19:55.83 PowerShell.exe (0x1698)                
    0x1740
    Secure Store Service          
    Secure Store                  
    f7wl Verbose
    Tracker not started because call not made from Service Host.
    11/13/2013 15:19:55.83 WebAnalyticsService.exe (0x0A6C)        
    0x1B88 Secure Store Service          
    Secure Store                  
    f7wk Verbose
    StartTracker called for secure store ''
    Finally it says:
    11/13/2013 15:19:55.90 PowerShell.exe (0x1698)                
    0x170C
    Secure Store Service          
    Secure Store                  
    esk9 High    
    Secure Store Service Application 'Secure Store Service Application' created.
    c402af0c-5ff6-4995-83b8-3f95210a8b3d

  • Error trying to secure Web Service through OWSM and OAM

    Hi all.
    We are trying to secure a web service using Oracle Web Service Manager and Oracle Access Manager. We have deployed it into two HTTP Servers. The intended business flow should be:
    1. The WSC make a SOAP request signed with a X.509 v1 client certificate.
    2. The OWSM Gateway intercepts this request and apply the defined policy:
    a. Verify Signature.
    b. Extract of credentials
    c. OAM Authenticate Authorize.
    3. Then OAM apply the defined rule:
    a. Credential validation and extraction of security tokens
    b. Authentication against OID security attributes
    We have protected with OAM the end-point web service URL for authentication and authorization. But we are getting an error when we invoke this web service:
    /The Web Service call failed. The service returned a SOAP fault with the
    message: Authentication Fault: Invalid User Session Token/
    It seems that OWSM Gateway are processing policies defined well, but th error became accesing to OAM authentication and authorize. We have tried to enable OAM debug system, but if we configure it, OAM are unable to start. So we are not able to obtain a more detailed error.
    T.I.A.

    Try re-configuring the AccessServerSDK AccessGate using the configureAccessGate command in the tools directory. It may be possible that the key pairing is corrupted.

  • Self Service Security Tool

    Hello All,
    Can anybody let me know the step by step procedure on how to use the self service security checks tool used in solution manager for Audits..

    Hi,
    Apart from the note, have you checked that the user starting the ST14 data collection has
    all the authorizations acocording the note above?
    Are you able to display the information collected in transaction ST14
    under the Utilities ->Analysis browser menu option?
    Please check also the following note that can be helpful:
    967938 - Security Optimization Self-Service: SDCC download
    Please also review and follow the steps described in the documentation
    "HOWTO: Using the Security Optimization Self Service" ?
    The documentation as well as SAP Tutor file are available in the
    path below in service marketplace.
    http://service.sap.com/sos
    -> Media Library
    Please firstly review the documentation and ensure that the steps
    are followed correctly.
    Hope this helps.
    Cheers
    SH

  • Error while invoking a WS-Security secured web service from Oracle BPEL..

    Hi ,
    We are facing some error while invoking a WS-Security secured web service from our BPEL Process on the windows platform(SOA 10.1.3.3.0).
    For the BPEL process we are following the same steps as given in an AMIS blog : - [http://technology.amis.nl/blog/1607/how-to-call-a-ws-security-secured-web-service-from-oracle-bpel]
    but sttill,after deploying it and passing values in it,we are getting the following error on the console :-
    &ldquo;Header [http://schemas.xmlsoap.org/ws/2004/08/addressing:Action] for ultimate recipient is required but not present in the message&rdquo;
    Any pointers in this regard will be highly appreciated.
    Thanks,
    Saurabh

    Hi James,
    Thanks for the quick reply.
    We've tried to call that web service from an HTML designed in Visual Studios with the same username and password and its working fine.
    But on the BPEL console, we are getting the error as mentioned.
    Also if you can tell me how to set the user name and password in the header of the parter link.I could not find how to do it.
    Thanks,
    Saurabh

  • Calling secured web service from Pl SQL

    Hi
    I am trying to call a secured web service from pl/sql using utl_http.
    Is there a sample pl/sql program that i can refer to call a secured web service.
    sample soap header that am trying to acheive.
    <soap:Header>
    <wsa:Action>http://myactaction</wsa:Action>
    <wsa:MessageID>uuid:asdfadrewrwqr</wsa:MessageID>
    <wsa:ReplyTo>
    <wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>
    </wsa:ReplyTo>
    <wsa:To>http://myact</wsa:To>
    <wsse:Security soap:mustUnderstand="1">
    <wsse:UsernameToken wsu:Id="SecurityToken-321321">
    <wsse:Username>mordfsafsdae</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">werwqrewrwe</wsse:Password>
    </wsse:UsernameToken>
    </wsse:Security>
    </soap:Header>
    Thanks a ton in advance

    Hi,
    On way we can call a web service is to pass the Web Service URL to UTL_HTTP package:
    Sample Web Service URL
    ===================
    lv_url :=
    'http://67.97.189.151:8888/plsqlsample/dbfunc?invoke=placeOrder'
    || '&'
    || 'param0=1'
    || '&'
    || 'param1=1'
    || '&'
    || 'param2=1';
    Sample Call using UTL_HTTP
    =====================
    SELECT UTL_HTTP.request (lv_url)
    INTO lv_result
    FROM DUAL;
    Thank you.
    Regards,
    Balu

  • Error when trying to access a secured web service from Forms 10g 10.1.2.3

    Hello,
    I'm trying to access a secured web service from Forms10g 10.1.2.3 but i'm getting the next error when pressing the button the first time:
    java.rmi.RemoteException: ; nested exception is: HTTP transport error: javax.xml.soap.SOAPException:
    java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 401 UnauthorizeWhen i press the button a second time i got this error:
    javax.xml.rpc.soap.SOAPFaultException: The SOAP request is invalid. The required node 'Envelope' is missingThis is the code i have in my button:
    DECLARE
    jo ora_java.jobject;
    pdfObject ora_java.jobject;
    pdf     varchar2(900);
    rv varchar2(100);
    ex ora_java.jobject;
    BEGIN
    JO := SEARCHSOAPCLIENT.new;
    SEARCHSOAPCLIENT.setUsername(JO,'weblogic');
    SEARCHSOAPCLIENT.setPassword(JO,'welcome1');
    pdfObject := SEARCHSOAPCLIENT.quicksearch(JO,'1234',NULL);
    pdf := SEARCHSOAPCLIENT.tostring(pdfObject);
    message(pdf);
    message(' ');
    EXCEPTION
    WHEN ORA_JAVA.JAVA_ERROR then
    message('Unable to call out to Java, ' ||ORA_JAVA.LAST_ERROR);
    WHEN ORA_JAVA.EXCEPTION_THROWN then
    ex := ORA_JAVA.LAST_EXCEPTION;
    :error := Exception_.toString(ex);
    END;When i run it from JDeveloper it works, this is a portion of java code the proxy web service has:
    import oracle.webservices.transport.ClientTransport;
    import oracle.webservices.OracleStub;
    import javax.xml.rpc.ServiceFactory;
    import javax.xml.rpc.Stub;
    public class SearchSoapClient {
        private webservicesproxywebcontent.proxy.SearchSoap _port;
        public SearchSoapClient() throws Exception {
            ServiceFactory factory = ServiceFactory.newInstance();
            _port = ((webservicesproxywebcontent.proxy.Search)factory.loadService(webservicesproxywebcontent.proxy.Search.class)).getSearchSoap();
            this.setUsername("weblogic");
            this.setPassword("welcome1");
            System.out.println("callling from _port "+ _port.quickSearch("1234234", null));
         * @param args
        public static void main(String[] args) {
            try {
                webservicesproxywebcontent.proxy.SearchSoapClient myPort = new webservicesproxywebcontent.proxy.SearchSoapClient();
                System.out.println("calling " + myPort.getEndpoint());
            } catch (Exception ex) {
                ex.printStackTrace();
         * delegate all operations to the underlying implementation class.
        public QuickSearchResult quickSearch(String queryText, IdcPropertyList extraProps) throws java.rmi.RemoteException {
            return _port.quickSearch(queryText, extraProps);
        }Also the secured web service was generated from Webcenter Content 11.1.1.6 that is why it's a secured web service.
    Kind Regards
    Carlos

    Without going into any technical discussion about the code, my first question is what JDK version was used to create this which was imported into the form? Understand that Forms 10 runs on JDK 1.4.2, so if you used any newer JDK version, likely there will be problems.

  • Best Practice for Securing Web Services in the BPEL Workflow

    What is the best practice for securing web services which are part of a larger service (a business process) and are defined through BPEL?
    They are all deployed on the same oracle application server.
    Defining agent for each?
    Gateway for all?
    BPEL security extension?
    The top level service that is defined as business process is secure itself through OWSM and username and passwords, but what is the best practice for security establishment for each low level services?
    Regards
    Farbod

    It doesnt matter whether the service is invoked as part of your larger process or not, if it is performing any business critical operation then it should be secured.
    The idea of SOA / designing services is to have the services available so that it can be orchestrated as part of any other business process.
    Today you may have secured your parent services and tomorrow you could come up with a new service which may use one of the existing lower level services.
    If all the services are in one Application server you can make the configuration/development environment lot easier by securing them using the Gateway.
    Typical probelm with any gateway architecture is that the service is available without any security enforcement when accessed directly.
    You can enforce rules at your network layer to allow access to the App server only from Gateway.
    When you have the liberty to use OWSM or any other WS-Security products, i would stay away from any extensions. Two things to consider
    The next BPEL developer in your project may not be aware of Security extensions
    Centralizing Security enforcement will make your development and security operations as loosely coupled and addresses scalability.
    Thanks
    Ram

Maybe you are looking for