Dynamic Security username () problems

Similar Messages

• Problem Dynamic Security : No filter applied without Refresh

  Hi,  I am surprise because when I open my PowerPivot report on my Bi portal on Sharepoint 2013, no filter are applied, Dynamic Security not work, unless I do a refresh of my report. When I refresh my report, with an other windows account, all
  the filter determined in the tabular data model, at the level of Role.
  I use the User Authentification option at the level of my report PowerPivot.
  Can you help to understand this bug and help me to resolve it.
  Thanks for advance.

  Hi,
  I am not quite sure about your scenario. Are you using Power Pivot or SSAS Tabular?
  Power Pivot itself does not have any security features so I guess you are talking about SSAS Tabular right?
  Or are you moving data from SSAS Tabular into Power Pivot?
  In this case if you you refresh the workbook a Service Account will be used and of course the securtiy settings will be derived from the credentials of this service which may be allowed to see all data
  hth,
  gerhard
  Gerhard Brueckl
  blogging @ http://blog.gbrueckl.at
  working @ http://www.pmOne.com

• Dynamic security using Security table in SSAS Tabular model

  Hi, 
  Platform : SSAS Tabular model (VS 2010)
  I need to apply Dynamic security using Security table(manually created) in Tabular model, Need to apply filter for 2 tables. I am able to
  create roles in Tabular model using USERNAME() and LOOKUP() function it worked fine. But the problem is when i am trying to give full access for a particular column and limit the access in other column, it is not working properly.
  Please find below table and guide me where i am falling short. In the Security table wherever you find ALL it means full access.
  Security table
  Login Name
  Dim_Country
  Dim_Customer
  DOMAIN\User1
  ALL
  2
  User1 should see all countries but Only 2,4 Customers
  DOMAIN\User1
  ALL
  4
  DOMAIN\User2
  2
  ALL
  User2 should see all customers but Only 2,3 countries
  DOMAIN\User2
  3
  ALL
  DOMAIN\User3
  ALL
  ALL
  User3 should see all Customers and Countries
  DOMAIN\User4
  1
  3
  User4 should see 1 Country and 3 Customer
  ALL - means NO restriction
  Numeric values indicate the Dimension IDs
  Do let me know if further explanations required.
  Thanks,
  Sundar

  Hi Sundar,
  According to your description, you want to implement dynamic security using Security table in SQL Server Analysis Services Tabular model, right?
  It is very common to have data security implementation in BI projects either at databases or Cubes and sometimes this security implementation and maintenance goes out of control due to the dynamic flow of business information. Here are some links which describe
  dynamic security implementation at SSAS tabular model using an external security table, please see:
  http://bipassion.wordpress.com/2012/10/01/ssas-tabular-dynamic-security/
  http://www.bidn.com/blogs/ChrisSchmidt/ssas/4332/dynamic-security-in-tabular
  Regards,
  Charlie Liao
  TechNet Community Support

• Web Center app with ADF Security - login problem

  I have a custome Oracle Web Center app.
  I have a page.html with an embedded login form posting to j_security_check. I've configured the ADF security policies to redirect to a JSPX on successful login.
  When I try the correct username/password, I get redirected not to the page I defined in ADF, but to the root page http://127.0.0.1:7101/MyApp-ViewController-context-root/
  and i get
  Error 403--Forbidden
  I've checked the weblogic.xml as per http://andrejusb.blogspot.com/2009/12/solving-error-403-forbidden-in-adf.html, all the required entries are there.
  This works fine if i use a Login link with
  destination="#{'/adfAuthentication?login=true&end_url=/faces/postLogin.jspx'} "
  which redirects to the default login.html and then to the right page. I've copied the form from the default login.html into my master HTML page.
  Hope my question is clear. Any suggestions why it is going to the wrong URL after login.
  Is there anything specific I should see in the jazn-data.xml or web.xml regarding the post-login URL since i cant see that in either.
  P.S. Have been advised to try here when I originally asked this in the WebCenter forum. Web Center app ADF Security - login problem
  Edited by: new_to_webcenter on 18-Jan-2011 05:25

  Thanks for your response Frank.
  The web.xml has
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>adfAuthentication</web-resource-name>
  <url-pattern>/adfAuthentication</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>valid-users</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>/login.html</form-login-page>
  <form-error-page>/error.html</form-error-page>
  </form-login-config>
  </login-config>
  When configuring ADF Security via JDev , I chose "Redirect upon successful authentication" to the Welcome Page
  "/faces/postLogin.jspx"
  this then adds into web.xml
  <servlet>
  <servlet-name>adfAuthentication</servlet-name>
  <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
  <init-param>
  <param-name>success_url</param-name>
  <param-value>/faces/postLogin.jspx</param-value>
  </init-param>
  <load-on-startup>1</load-on-startup>
  </servlet>
  So the sequence which works is:
  Login via the '/adfAuthentication?login=true&end_url=/faces/postLogin.jspx' and this redirects to login.html (OOTB form which posts to j_security_check) and then to the postLogin.jspx
  I'm trying to do away with a Login link, and trying the simple login form embedded in my page alongwith other content.
  So should the form be posting to j_security_check directly or to the adfAuthentication ?

• Dynamic security in Cube having many to many relationship

  I have multiple dimensions (around 20) and 4 fact tables in my cube.  I am implementing dynamic security in my cube, so only logged in user will see his information.
   I have a person dimension, which stores user information.
  I have a shipper dimension , which stores shipper information.
  Person dimension is connected to Fact table  A and Shipper is also connected to Fact table A.
  Shipper Dimension is also connected to Fact Table B.
  Now in dimension usage tab i connected Person dimension to FACT table B measure group using many to many relation via Fact Table A measure group.
  I wrote below code block in Shipper dimension to implement security , under Dimension data tab -
  exists ({[Shipper].[SHR Number].members},  strtoset("[Person].[Person number].[" + username() +"]"), "Fact Table A")
  Its is working fine when  run it as mdx query, using select command. I can see all measures (both from fact A and fact B) based on my ID permisisons.
  But the issue is when I browse cube, I can see only Fact Table A measures and NOT FACT B measure.
  FACT B measures comes as NULL.
  I referred below link -
  http://bifuture.blogspot.com.au/2011/09/ssas-setup-dynamic-security-in-analysis.html
  PLEASE HELP

  I got the issue, it is related to dimension security. Its working fine

• SSAS Dynamic security not working after upgrade

  Hi,
  I am able to apply the dynamic security on a 2008 R2 instance of SSAS, using the Users Dimension and a bridge table, and specifying the EXISTS(...) MDX expression in the Dimension data on the Role.  
  But when I copy the cube solution to a 2014 SSAS instance, the cube report ignores the security, and brings back all the data.  I also tried clearing the cache, but that didn't change anything.
  As far as I can tell, there are no differences in the data, and I did not change anything in the working cube solution either.  
  I'm out of ideas, and I have not found any clues on the internet yet.
  Any help would be appreciated.
  Edit: I forgot to clarify that I am using CustomData() and not Username().

  I think this setting can be used in conjunction with  Charlie
  Liao's suggestion. Thanks!

• Dynamic Security in a denormalized Parent-Child dimension Table

  Hi guys, I need your priceless help again:
  I have a parent child relationship in a table with a fixed depth, let´s say Region-->Area-->Country
  I denormalized the table to have something like this
  Then, to implement dynamic security, I think in a bridge table with the userId
  and the CountryId, then with a measure group and a measure which count the combination of user/country I can proof the security using the non empty function.
  My question is how can I also set security for the levels above the leaf members, let´s say, I want to assign an user to the Area level or Region Level. I don't know exactly which key could I include in the bridge table.
  I may want to keep the id´s of the original table in the different levels.
  Any comment will be appreciated.
  Kind Regards,

  Hi Paul,
  According to your description, you want to apply dynamic security on parent-child hierarchy. Right?
  In Analysis Services, when a dimension contains a parent-child hierarchy, we can't set up security directly on the key attribute. Because it will not appear on the dropdown list of Dimension Data Security in Role editor.
  In this scenario, we need to filter on key attribute and not the parent-child hierarchy. Then use Linkmember() to find the equivalent members on the parent-child hierarchy. Please refer to the expression below based on a employee dimension with parent-child
  hierarchy.
  Generate(
   NonEmpty(
    [Employee].[Employee].[Employee].Members,
     [Measures].[Employee Count],
     StrToMember('[User].[User].[' + UserName() + ']')
               LinkMember(
                   [Employee].[Employee].CurrentMember,
                   [Employee].[Employees]
  Also I suggest an excellent book:
  Expert Cube Development with Microsoft SQL Server 2008 Analysis Services. It talks about this scenario in chap 9.
  Reference:
  SSAS
  Dynamic security - Bridge table (factless) between User dimension and Parent-Child (PC) dimension
  If you have any question, please feel free to ask.
  Best Regards,
  Simon Hou
  TechNet Community Support

• Web Service Security Username Token Issue

  Hi,
  I am trying to implement WS-Security (Username Token) on web services deployed on Weblogic Server 8.1 (sp4). The deployment works fine but whenever I try to invoke the service using auto generated client stub (created using clientgen) or weblogic server console (service test page) , I get the following error:
  <Nov 8, 2006 12:01:46 PM GMT+05:30> <Info> <WebService> <BEA-220024> <Handler weblogic.webservice.core.handler.WSSEClientHandler threw an exception from its handleRequest method. The exception was:
  java.lang.AssertionError: Bad password type: wsse:PasswordText.>
  Failed to create web service client:java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: Exception during processing: java.lang.AssertionError: Bad password type: wsse:PasswordText (see Fault Detail for stacktrace)
  Detail:
  <detail>
  <bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">java.lang.AssertionError: Bad password type: wsse:PasswordText
  at weblogic.xml.security.wsse.v200207.UsernameTokenImpl.<init>(UsernameTokenImpl.java:64)
  at weblogic.xml.security.wsse.v200207.SecurityElementFactoryImpl.createToken(SecurityElementFactoryImpl.java:59)
  at weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandler.java:300)
  at weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandler.java:100)
  at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
  at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
  at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:443)
  at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
  at com.cts.sipservices.implementation.client.MrmPartyServiceImplementationPort_Stub.getParty(MrmPartyServiceImplementationPort_Stub.java:46)
  at com.cts.sipservicesclient.client.SecureClient.<init>(SecureClient.java:76)
  at com.cts.sipservicesclient.client.SecureClient.main(SecureClient.java:38)
  </bea_fault:stacktrace>
  </detail>; nested exception is:
  javax.xml.rpc.soap.SOAPFaultException: Exception during processing: java.lang.AssertionError: Bad password type: wsse:PasswordText (see Fault Detail for stacktrace)
  This is the ‘security’ tag of my ‘web-services.xml’:
  <security>
  <spec:SecuritySpec xmlns:spec="http://www.openuri.org/2002/11/wsse/spec"
  Namespace="http://schemas.xmlsoap.org/ws/2002/07/secext"
  Id="default-spec">
  <spec:UsernameTokenSpec xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext"
  PasswordType="wsse:PasswordText">
  </spec:UsernameTokenSpec>
  </spec:SecuritySpec>
  </security>
  Thanks

  Apply these debug flags, to get some more debug information from WSSE server side processing following debug flags are helpful:
  -Dweblogic.webservice.security.debug=true
  -Dweblogic.webservice.security.verbose=true

• Dynamic Security

  How to add dynamic security in ADF 11g.
  User names will come from database table not from jazn-data.xml.
  Or,
  How can i create UI based on ADF security policy?
  Can anyone help me?

  Security is more general mater than an ADF application.
  Its a mater of Fusion midleware since the same users may have roles to use many applications deployed in the same weblogic server (or even in diferent servers).
  Its Usualy the responsibility of administrators to manage users and roles and weblogic or any LDAP security provider has UI to support that.
  [http://download.oracle.com/docs/cd/E12839_01/security.htm]
  You can also configure a weblogic domain to use RDBMS provider
  [http://download.oracle.com/docs/cd/E12839_01/web.1111/e13707/rdbms.htm]
  and there are java api's for programing security
  [http://download.oracle.com/docs/cd/E12839_01/web.1111/e13711/toc.htm]
  But i also miss an example (or How to) of how to register and edit users with specific roles from inside a custom made ADF application
  Edited by: mkonio on Aug 2, 2009 2:05 PM

• There is a problem with this connection's security certificate The remote computer cannot be authenticated due to problems with its security certificate. Security certificate problems might indicate an attempt to fool you or intercept any data you send

  Hi,
  I have this Windows 2008 R2 on which I installed remoteapp some years ago.
  Now the certificate expired and I get the message
  "There is a problem with this connection's security certificate
  The remote computer cannot be authenticated due to problems with its security certificate.
  Security certificate problems might indicate an attempt to fool you or intercept any data you send to the remote computer."
  How should I renew the certificate? I already went to certification store and tried to renew certificate with same key but then it says "the request contains nor certificate template information".
  Please advise.
  J.
  J.
  Jan Hoedt

  Does the computer account have Enroll permission to the certificate template?
  From the Server running your CA, run mmc, click File then Add/Remove Snap-in...
  Add Certificate Templates and click OK.
  Find the certificate template, then right click and select properties.  On my CA its call ed RemoteDesktopComputers but might be called something different depending on what what template your certificate is based on.
  On the security tab, click Oblect types, check Computers then OK. Enter the Computername and click OK.  Then give your computer account Enroll permisssion.
  HTH,
  JB

• Dynamic Security Tabular Model : No filters are applied

  Hi,  I am surprise because when I open my PowerPivot report on my Bi portal on Sharepoint 2013, no filter are applied, Dynamic Security not work,
  unless I do a refresh of my report. When I refresh my report, with an other windows account, all the filter determined in the tabular data model, at the level of Role.
  I use the User Authentification option at the level of my report PowerPivot.
  Can you help to understand this bug and help me to resolve it.
  Thanks for advance.

  Hi,
  I am not quite sure about your scenario. Are you using Power Pivot or SSAS Tabular?
  Power Pivot itself does not have any security features so I guess you are talking about SSAS Tabular right?
  Or are you moving data from SSAS Tabular into Power Pivot?
  In this case if you you refresh the workbook a Service Account will be used and of course the securtiy settings will be derived from the credentials of this service which may be allowed to see all data
  hth,
  gerhard
  Gerhard Brueckl
  blogging @ http://blog.gbrueckl.at
  working @ http://www.pmOne.com

• Dynamic Security - Power View Cabable of ?

  Hi there,
  i am currently trying to create some Dashboard Reports using Power View for all Employees.
  But i can't allow for any Users being able to see the Data of the other.
  Is Power View capable of Determining which user is logged on and give that to my Tabular Project, so it can filter the data through the Dynamic Security implemented in the Tabular Model?

  Yes, Power View will work with the tabular model dynamic security.  Power View does not do anything special, security is applied by the model.
  http://msdn.microsoft.com/en-us/library/jj127437.aspx
  Brad Syputa, Microsoft Reporting Services This posting is provided "AS IS" with no warranties.

• On Vista Firefox 6 incorrectly deals with security certificate problems

  After I installed Firefox 6, I tried to go to one of my web sites. I know that there is an https security certificate problem with this site when I go to https://staging.photoquestadventures.com rather than https://www.photoquestadventures.com. On XP, FF6 opens the site. on Win7, FF6 warns about a security certificate problem then allows me to create an exception and open the site. On Vista, it says that it can't find the server at www.staging.photoquestadventures.com and I cannot get past this point - only on VISTA!

  I downgraded to Firefox V4 (I didn't have a copy of V5 stored and couldn't find it on the net) and it asked the correct question: to allow connection even though there was a security certificate problem. Then I upgraded to V6, and it continued to connect just fine. So something in the V5 to V6 upgrade created the problem for me.
  I wonder if there is insufficient testing of Firefox on Vista, as I have had several problems with new versions while I have not had the problems on XP or Win7.

• Consuming Web Service using WS-Security: USERNAME Token

  Hi ABAP Experts,
  we like to consume a self defined web service between to SAP systems (ECC6 701/006). Without any security settings the connection is successfully.  But we like to setup a message security like USERNAME Token.
  The wss profiles are already created by using TX: WSSPROFILE. Therefore we used the templates "SET_USERNAME" and "CHECK_USERNAME". The service user "DELAY_L<sid>" has been generated as well. The problem is in SOAMANAGER we can't find the related configuration (For Provider and Consumer) to set the parameters "PROFILE In" and "Profile Out" like it was in the obsolete TX "LPCONFIG".
  Can anybody help me to find out how to configure USERNAME Token using SOAMANAGER.
  Thank you very much in advance.
  Kind regards
  Axel

  Hi,
  The following articles would be helpful:
  .net call WS-Security enabled web service (created in java)
  http://stackoverflow.com/questions/2138129/net-call-ws-security-enabled-web-service-created-in-java
  WS-Security Protocol with .NET – A Overview
  http://www.c-sharpcorner.com/UploadFile/mahesha/WSSecurityProtocol11232005052243AM/WSSecurityProtocol.aspx
  An introduction to Web Service Security using WSE - Part I
  http://www.codeproject.com/Articles/7062/An-introduction-to-Web-Service-Security-using-WSE
  As this question is not relate to SharePoint, I suggest you post it to a suitable Forum, you will get more help and confirmed answers from there.
  Best Regards
  Dennis Guo
  TechNet Community Support

• SendAndLoad fails in mac .app version - possible security setting problem?

  Hi all,
  I'm having trouble with sendAndLoad working on the .app version of a flash application I made. So far it's only happening on one computer, so it appears to be some sort of security setting.  Here's what's going on:
  I've built a flash application (Flash 9, AS2) that has three versions: an online version, a standalone  .exe version for PC, and a standalone .app version for mac. The user must log in to use the application. Online, this is handled by the portal hosting the flash. In the standalone versions, the user must login through the flash application. Through sendAndLoad, it accesses the same database of user info as the online version. The user just enters username/password, clicks "Submit," and if it finds the combination in the database, it lets the user in. If not, it gives them a message saying they entered the wrong username/password.
  This has tested fine across macs and pcs, but sadly one macbook can't use the .app version. It launches, they put in valid username/password, hit submit and it freezes. All I can tell is that it gets the httpStatus number 0. As you can see below, I've got it set up to spit out an error message if it fails to load (login_lv.onLoad = function(success)), but it doesn't even do that.
  I've put a crossdomain.xml file at the root level of the domain that's set to allow access from any domain.
  This computer can log in successfully to the online version of the course, but the .app version seems to be hampered by some sort of security setting. The problem computer's settings match the settings of a mac I've tested successfully. It has up-to-date Flash 10 and is running Leopard. Here are security settings:
  System Preferences>Security
       General
            Everything is unchecked
       FileVault
            Turned off
       Firewall
            "Allow all incoming connections" is selected
  I'd appreciate any ideas anyone has. I'm far from wise about the ins-and-outs of mac security, so I may be missing something. I'm happy to clarify anything.
  Code is below. It loads login_lv first, then bookmark_lv. It never gets far enough to load bookmark_lv. The severAppUrl is set to a placeholder for confidentiality's sake. The path is defintely right. It works on other computers.
  Thanks!
  Mike
  // create a LoadVars instance
  var login_lv:LoadVars = new LoadVars();
  // add the login variables to pass to the server
  login_lv.userid = "";
  login_lv.pwd = "";
  login_lv.modname = "a";
  // setup login urls
  var serverAppUrl = "http://myurlhere"; //this is just a placeholder. good ol' confidentiality agreements...
  var loginUrl = serverAppUrl+"login.asp";
  // setup bookmark urls
  var bookmarkUrl = serverAppUrl+"menu.asp";
  var bookmark_lv:LoadVars = new LoadVars();
  // add the bookmark variables to pass to the server
  bookmark_lv.studentid = "";
  bookmark_lv.isAdmin = "";
  bookmark_lv.modname = "A";
  _global.modnameTemp = bookmark_lv.modname;
  // setup login function
  function doLogin() {
  login_lv.userid = login_mc.user_txt.value;
  login_lv.pwd = login_mc.pwd_txt.value;
  login_lv.sendAndLoad(loginUrl,login_lv,"GET");
  // send the login info
  login_mc.continueBtn_mc.onRelease = function() {
  this.enabled = false;
  doLogin();
  // variables will appear in the login_lv object
  login_lv.onLoad = function(success) {
  if (success) {
  if (this.studentid == undefined) {
  login_mc._x = 0;
  trace("not logged in");
  debug_mc.body_txt.text+="\nnot logged in";
  if(this.reas == "Please Complete Overview and first 3 Module(s) with at least 70 score."){
  login_mc.loginBad_mc.gotoAndStop("r2");
  login_mc.loginBad_mc._visible = true;
  } else if(this.reas == "Please Complete Overview Module first."){
  login_mc.loginBad_mc.gotoAndStop("r3");
  login_mc.loginBad_mc._visible = true;
  } else {
  login_mc.loginBad_mc._visible = true;
  } else {
  login_mc._x = 800;
  trace("now logged in");
  debug_mc.body_txt.text+="\nnow logged in";
  trace("studentid: "+this.studentid);
  trace("isAdmin: "+this.isAdmin);
  //track variables for later use
  _global.studentidTemp = this.studentid;
  _global.isAdminTemp = this.isAdmin;
  bookmark_lv.studentid = ""+this.studentid+"";
  bookmark_lv.isAdmin = ""+this.isAdmin+"";
  bookmark_lv.sendAndLoad(bookmarkUrl,bookmark_lv,"GET");
  }else{
  debug_mc.body_txt+="\nlogin load error"
  login_lv.onHTTPStatus = function(httpStatus:Number) {
      this.httpStatus = httpStatus;
      if(httpStatus < 100) {
          this.httpStatusType = "flashError";
      else if(httpStatus < 200) {
          this.httpStatusType = "informational";
      else if(httpStatus < 300) {
          this.httpStatusType = "successful";
      else if(httpStatus < 400) {
          this.httpStatusType = "redirection";
      else if(httpStatus < 500) {
          this.httpStatusType = "clientError";
      else if(httpStatus < 600) {
          this.httpStatusType = "serverError";
  debug_mc.body_txt.text+="\n login_lv HTTPStatus number="+httpStatus+" HTTPStatus type="+this.httpStatusType;
  //prepare bookmarkXML to receive returned info from bookmark_lv function
  var bookmarkXML = new XML();
  bookmarkXML.ignoreWhite = true;
  bookmarkXML.onLoad = bookmark_lv;
  // variables will appear in the bookmark_lv object
  bookmark_lv.onLoad = function(success) {
  if (success) {
  trace("bookmarked");
  debug_mc.body_txt.text+="\nbookmarked";
  trace("bookmarkXML: "+bookmarkXML);
  var bookmarkNode = mx.xpath.XPathAPI.selectNodeList(this.firstChild, "/bookmark");
  trace("bookmarkNode: "+bookmarkNode);
  var bookmarker:String = unescape(eval("bookmark_lv"));
  trace("bookmarker: "+bookmarker);
  bookmarker = bookmarker.split("<xml>").join("");
  bookmarker = bookmarker.split("<bookmark").join("");
  bookmarker = bookmarker.split("/bookmark>").join("");
  bookmarker = bookmarker.split("</xml>").join("");
  var startIndex:Number;
  var endIndex:Number;
  startIndex = bookmarker.indexOf(">");
  trace(startIndex);
  endIndex = bookmarker.indexOf("<");
  trace(endIndex);
  var bookFinally:String;
  bookFinally = bookmarker.substr(startIndex+1, endIndex-2);
  bookFinally = bookFinally.split("<").join("");
  setBookmarkStr = ""+bookFinally+"";
  trace("string: "+setBookmarkStr);
  _global.newBookmark = bookFinally;
  play();
  }else{
  debug_mc.body_txt+="\nbookmark load error"
  bookmark_lv.onHTTPStatus = function(httpStatus:Number) {
      this.httpStatus = httpStatus;
      if(httpStatus < 100) {
          this.httpStatusType = "flashError";
      else if(httpStatus < 200) {
          this.httpStatusType = "informational";
      else if(httpStatus < 300) {
          this.httpStatusType = "successful";
      else if(httpStatus < 400) {
          this.httpStatusType = "redirection";
      else if(httpStatus < 500) {
          this.httpStatusType = "clientError";
      else if(httpStatus < 600) {
          this.httpStatusType = "serverError";
  debug_mc.body_txt.text+="\n bookmark_lv HTTPStatus number="+httpStatus+" HTTPStatus type="+this.httpStatusType;

  try using different loadvars instances for your send loadvars and for your receive loadvars.