Enabling Component Level Security

Hi,
I wonder if this is a problem to me or everyone.
Im trying to implement Security for a EO, I select it in the structure and ssign 'Read,Update, Delete checkboxess to the respective roles. Once I do it and open it again, the checkboxes are getting clered.
If I choose Test-all role, the checkbox value is renedered fine.
Can anyone tell me why is this happening.
Thanks
Edited by: user617801 on Mar 3, 2009 1:10 PM

The reason why my checkboxes are cleared is the way I have enabled the security.
Proper way of enabling security will not cause any problem. I have created a new application and followed these steps and worked perfectly.
1) Configure ADF Security using the Wizard
2) Open properties of web.xml file and add constraint for as 'allPages' with URL Pattern '/'
3)Create Users, Application Roles and assign the "View" permissions to the respective Taskflows, Pages.
I also created JAAS permissions and applied them to the rendered property to the buttons.
Ex: rendered="#{securityContext.userGrantedPermission['permissionClass=sni.nmrm.view.permission.ComponentPermission;target=MenuDMLPermission1;action=access']}"
If we follow the above steps, everything goes smoothly.
I am able to implement Security in ADF11g in our project. I thank everyone from Oracle Team.
Thanks.

Similar Messages

  • Enabling item level security

    Hi,
    We are using portal version 3.0.9. We are trying to implement security at the item level and have super-user rights. According to <http://portalstudio.oracle.com/help/sblgrapi.htm>, if you scroll all the way to the bottom it says that "You cannot enable item level security for items in the Portlet Repository content area." I am assuming that this Portlet Repository content area is referring to the Administer->Display Portlet Repository ->Seeded Providers -> Portal Content Area -> Content Areas
    The items that we want to secure are currently in the folder called "other providers" but I can also access the items from within the portal repository content areas.
    So far I have been specifying access to the page, the category, the folder, and the item, and when I log in as a view only user I still can see things that I shouldn't. Perhaps, it is because it is somehow still in the repository?
    I think that I am missing a step somewhere. I have cleared inherit privileges and enable item level security wherever I could find that option while editing. Has anyone successfully added security to even a folder?
    Thanks in advance.
    Best Regards,
    Lindsay

    Lindsay,
    I'm not sure if this is what you are looking for, but you can secure access to portlets that are shown in the portlet repository
    through the Access tab that is available when you "Edit" the portlet entry in the Edit Folder view of the Portlet repository.
    [ol]
    [li]Go to the portlet repository
    [li]Navigate to the appropriate folder
    [li]Edit the folder
    [li]Click on the Edit link beside the portlet of interest
    [li]Click on the Access tab
    [li]Turn on access control and specify privileges on the portlet.
    [ol]
    See if this is what you are looking for, or let me know if I'm off base.

  • How programmatically "enable" the Page to have Item level security

    Some body known how do we programmatically "enable" the Page to have
    Item level security. - analogous to checking the box in the Page edit mode for "Enable item level security"

    Hi, I only know portal.wwsbr_api.enable_ils_for_item.....
    You can perform actions on multiple objects simultaneously.
    Navigator > Page Groups(TAB) > PageGroup > Page > actions(link)
    Click on actions link and in LOV, select "Enable ILS".
    Hope this help.

  • Menu item level security

    How can I enable item level security on a menu?
    I would like different users to see only parts of a menu.
    Portal 3.0.8.9.2
    I unchecked the "Inherit from Component" checkbox and can grant security to the menu as a whole, but not to a submenu or item. Is this possible?
    Thanks,
    Gary

    Hi Gary
    Although we are using version 3.0.9.8.1 I don't think that this makes the difference. For me there is a certain contradiction between your basic question and your actual answer.
    My conclusion: In the matter of fact you didn't uncheck the 'inherit from component' checkbox in the develop tab, but the 'inherit from application' one in the access tab,
    what is wrong and doesn't help to solve your problem!
    Find the 'inherit from component' checkbox - by editing the top level menu - near checkboxes like 'inherit from component' under COMMON OPTIONS like e.g. 'Show Timing' or 'Log Activity' and uncheck it. The SECURITY 'multi select box' is shown immediately.
    Hope this helps!
    Thanks
    Peter

  • Setting up Row Level Security in EPM 11.1.1.3

    I have been following the Administration guide but failed to setup row level security in EPM 11.1. Please advise which part of my steps are wrong. (note I am using MS SQL Server for the EPM Shared Services and Workspace database, everything under Windows env)
    i) Enable row level security in Workspace.
    Step 1) Define a ODBC Data Source named "EPM_WS" in Windows. The ODBC Data Source points to the MS SQL Server database of EPM Workspace since it contains the 3 tables (BRIOSECG, BRIOSECP, BRIOSECR) related to row-level-security.
    Step 2) Login to workspace, select "Administer"->"Configuration Console". Edit "Interactive Reporting Data Access Services" and add a data source with ODBC->MS SQL Server -> "EPM_WS" as the name of datasource. Restart "Interactive Reporting Data Access Services".
    Step 3) Login to workspace, select "Administer"->"Row Level Security". Check "Enable Row Level Security", Choose ODBC->MS SQL Server-> fill in "EPM_WS" as Data Source Name"-> Provide correct user name and password. Click "Save Properties"
    Step 4) It always prompt "Server error setting the Connectivity. Recommended Action: Logoff and logon again. If problem persists contact your local security administrator."
    Any log I can inspect for the connectivity error?
    ii) Configure Row Level Security setting
    I know that for Hyperion IR, there is a file row_level_security.bqy comes with the installation. User can use this bqy file to configure the actual row level security setting. However, I cannot locate this bqy file in the EPM 11.1 installation. What is the proper step for setting up the row level security configuration?
    thank you very much.

    I have been following the Administration guide but failed to setup row level security in EPM 11.1. Please advise which part of my steps are wrong. (note I am using MS SQL Server for the EPM Shared Services and Workspace database, everything under Windows env)
    i) Enable row level security in Workspace.
    Step 1) Define a ODBC Data Source named "EPM_WS" in Windows. The ODBC Data Source points to the MS SQL Server database of EPM Workspace since it contains the 3 tables (BRIOSECG, BRIOSECP, BRIOSECR) related to row-level-security.
    Step 2) Login to workspace, select "Administer"->"Configuration Console". Edit "Interactive Reporting Data Access Services" and add a data source with ODBC->MS SQL Server -> "EPM_WS" as the name of datasource. Restart "Interactive Reporting Data Access Services".
    Step 3) Login to workspace, select "Administer"->"Row Level Security". Check "Enable Row Level Security", Choose ODBC->MS SQL Server-> fill in "EPM_WS" as Data Source Name"-> Provide correct user name and password. Click "Save Properties"
    Step 4) It always prompt "Server error setting the Connectivity. Recommended Action: Logoff and logon again. If problem persists contact your local security administrator."
    Any log I can inspect for the connectivity error?
    ii) Configure Row Level Security setting
    I know that for Hyperion IR, there is a file row_level_security.bqy comes with the installation. User can use this bqy file to configure the actual row level security setting. However, I cannot locate this bqy file in the EPM 11.1 installation. What is the proper step for setting up the row level security configuration?
    thank you very much.

  • Item level security, workflow and tab problems

    was wondering if someone could help us out with some problems we are having. We need to up and running over the next two days so anyone who could get back to us pretty quickly would be greatly appreciated.
    We are actually having a couple of issues which all revolve around three
    groups we have created (for simplicity we have only attached one user to each group). Here are the steps we took:
    Problems adding content:
    a) Added the three groups to the page group and gave them view access.
    b) Turned on approvals and set group3 as the approver.
    c) Added the three groups to the page and gave them view access.
    d) In the page properties, I enabled item level security.
    e) Added an item content area to the page.
    f) Added three pieces of simple content
    g) For content item1 I granted granted full access to group1(Own, manage, view), for content item 2 I granted full access to group2, etc.
    h) WHen I log on as a user in group1 I only see content item1. HOwever, when I edit the page I find I cannot add any items as user1.
    i) I went back to the page properties and changed the access of all three groups to "manage items with approval" but let the item level security as it was.
    j) When I logged on as user1 I found I could see all items now when I should only have seen content item1. What the hell? Can anyone tell me what I did wrong?
    Problems with item level security on tabs:
    a) Repeat steps a) through d) above.
    b) Create a content region and add three tabs: Home, Work, Life.
    c) On the Work tab changed portlet region to item region.
    d) Added three items with security exactly as I did above.
    e) When I signed on as user1 I saw all three items when I only should have seen item1. What the hell?
    f) I monkeyed around with the secutiry at the tab level but it didn't seem to make much difference. ANyone have any ideas what is going on here?
    Thanks in advance.

    Does the library have versions enabled? Also are these logins occuring within word/excel etc?
    If there's multiple login prompts which occur even if entering valid credentials what does hitting escape (after the first prompt) achieve, does the document open anyway?
    There's a situation where Office will prompt for credentials if you open a document when you've only got read access but there's a version history (to which you don't have access). This is to allow you to enter more highly privelidged credentials if you
    want to.

  • Setting up item level security access

    Hello,
    I am new to Oracle Instant Portal and I'm trying to figure out how to set up item level security on a particular tab page. Can anyone give step by step instructions on how to make it work?
    So, say that I have a tab page called HR. On that HR page, I have 3 items. For item1 and item2, I want user1 to have view access to these only, and for user2 they could have view access to item3 only.
    I checked the option in the HR page's Page Access settings to Enable Item Level Security, saved the changes, and even cleared the cache, but it doesn't seem to give me any new functionality where I could specify that for item1 and item2, only user1 should have access to it, and for item3, only user2 should access it.
    Can someone please help?
    Thanks!

    Please disregard--I figured out how to do this:
    1. When you are editing the page, you must click on the "Edit Item" icon next to the item.
    2. Then click on the Access tab in the upper right.
    3. Select Define Item Level Access Privileges and click Apply.
    4. In the Grant Access section that now appears just below, select the user id you want to grant access to the item and then click Add.

  • Access Tab not showing for item level security

    I have enabled item level security for the portal page I am working on, but the access tab for the items is not showing.
    I have come accross exactly the same problem on this forum and the advice was:
    Hi try the following :
    go to page properties
    set the item level security
    clear the cache
    clear your browser cache
    it should work "
    I have tried all that, closed and opened a browser but the access tab is still not showing. This is a 10.1.4 portal on LINUX. Starnge enough I have a testing environment installed on my Windows XP (AS 10.2.0.2 not upgarded to 10.1.4) and I don't have any issues with item security access tab at all.
    I would appreciate any clues.
    Regards,
    Anna

    There should be two icons shown for each item when you put the page in Edit mode - Edit and Actions. Click on the Actions icon and "Access" should be one of the links in the list of actions (like hide, expire, delete, move, etc.)

  • How to use Item Level security

    I am working on portal 9.0.2.6.18.
    I have a folder with 1000 items. I want to grant groupA
    access to 997 items and
    (Group B,GroupA) access to 3 items.
    How do i do this.
    Here is what i tried:
    1.enabled item level security on folder
    2.granted folder level access to groupA and groupB
    3.Changed access of 997 items to grant access to GroupA
    4.Did nothing to the 3 items which i wanted to give access to GroupA,GroupB
    Is there a better way of achieving this?
    I am not really comfortable granting folder level access to groupB, because if i miss overwriting privileges of an item (in step 3), then groupB will have access to that item. I would love to change just 3 items because they are the exception.
    How is this feature supposed to be used?
    Thanks
    Harish

    Martin,
    Thanks for the reply. I just cited 1000 items folder as an example. We have various complex combination of security requirements for folders and items. So creating sub-folders for each combination will not work for me.
    Everytime the security requirements change we have to move the items around, which can confuse users. And sometimes we have to create sub-folders to workaround the item-level security problems even when there is no logical business classification to a set of items.
    Harish

  • Item level security apis

    Hello:
    Requesting clarification on a Content API question in 10G
    Using the APIs, I have created a Page and an item heirarchy in the same page. Now in order to assign item level security, I need to call the following API to "enable" item level security on the specified item -
    wwsbr_api.enable_ils_for_item(
    p_master_item_id => v_category_id2a
    ,p_caid => v_page_group_id
    ,p_folder_id => v_new_page_id);
    However, this throws an exception wwsbr_api.ILS_DISABLED
    meaning -
    "The page does not allow Item Level Security.
    Cannot add item specific privileges."
    But, how do we programmatically "enable" the Page to have
    Item level security. - analogous to checking the box in the Page edit mode for "Enable item level security"
    Thanks
    -Ananth

    I'd appeciate a reply as well. For now I've been using content as a PL/SQL stored procedure in a package and then wrapping is_logged_in code around it. It works but isn't cusomizable.

  • Item Level Security - 9.0.2.2.22.

    Is there a problem with setting item level security? My scenario is one multitabbed page within a page group. My settings are shown below. I want some items on the page to be seen by the public and some to only be seen by certain groups - basically welcome messages, one for employees, one for customers.
    Page Group properties - nothing to set for item level security.
    Page Level properties - On Access tab set both 'Display Page to Public Users' and 'Enable Item Level Security'
    On 'Welcome' Tab properties for above page (not page group) - On Advanced Options tab set 'Inherit Access Settings from the Page' and 'Display tab to public users'.
    On subtab 'About Us' on 'Welcome' tab properties - same as above, i.e. On Advanced Options tab set 'Inherit Access Settings from the Page' and 'Display tab to public users'.
    On 'About Us' subtab region 1 - an item region - there is no access settings to make.
    On text item added to region 1 - On Access tab set 'Define Item Level Access Privileges' then added my EMP group; view item privilege. Only other grantee is PORTAL.
    The text item still shows up for public (without login) and everyone else that logs in; that is when no one signs in! Item Level Security settings seem to have no affect whatsoever. What did I set incorrectly?

    isn't there just a bugfix available?
    9025 isn't out yet - when will it be available ?
    markus

  • Item level security for custom items in 902

    I've created several custom item types and created some items in a page
    that enables Item Level Security.
    Enabling item level security on any of these items cause
    Error 30694: Error in API - update item failed
    Steps:
    1. Create custom item type
    Extended simple text type
    added image attribute
    2. Create custom item
    3. Edit custom item just created
    Select Access / Item Level Security
    Select Define Item Level Access Privileges
    Hit Apply or OK
    -> Error 30694: Error in API - update item failed
    Same error is using a "Image" item type.
    The above steps do not cause an error if using the default types; e.g. Simple Text and Simple URL
    Also tried promoting the item type so its shared. No effect.
    Is item-level security only for base "simple" item types??? If so then this is a MAJOR restriction.
    Any help would be greatly appreciated.
    --jason mathews                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

    Hi Jason
    I filed a bug on this. See 2529787
    I narrowed the problem down to custom item types that have a file or image attribute and only when the item is edited by someone other than the orginial publisher.

  • Row level security in discoverer desktop

    currently, I have designed a business area on one of my star schema, and I created several other business area in order to allow different level of users to view the pre-defined reports on discoverer desktop. and I want different users to view different data from my star schema tables. So I created some criteria on those business area.
    e.g. condition on bus_area1 : sales_manager="man01",
    condition on bus_area2 : sales_manager="man02"
    in short, i want to enable record level security by using discoverer's conditions.
    but unfortunately, even I un-checked "Create/Edit Query" privileges on discoverer administrator for those users, they still can modify the worksheet. So they can just remove my condition and to view data that they shouldnot be able to see..
    can any one tell me how to solve this problem, or how to do row level security in discoverer?
    What can I do if I want to disable "edit worksheet" in discoverer desktop from users??
    thanks in advance..
    Marco

    Marco,
    Probably the best way to achieve row-level security is to upgrade to 9.0.4.1 and take advantage of the new functionality of Discoverer to pass the SSO user to the DB query. You would apply Oracle Fine Grained Security/VPD/striping on the DB tables using a policy based on SSO userid. Then using Disco 9.0.4.1 the user would see only the data they are privileged to see. However this works only in a web environment (Discoverer Plus, Viewer and Portlets) not for Desktop.
    Discoverer Product Management - mpd

  • SAP-BO SSO and Row Level Security

    Hi,
    We can configure the SAP authentication and able to login InfoView via SAP user name and password. And also, we can import the roles from the SAP system.
    When we create a connection to BW cubes from designer, we want to use "Use Single Sign On when refreshing reports at view time" to apply row-level security which is defined at the BW cubes.
    In our tests, we use "Use BusinessObjects credential mapping" while creating connection from designer to test the row level security. As you can guess, after importing the SAP user, in CMC screen > Users and Groups > Users, we manually enter the password of the user to the Database credentials part. However, as you can guess, the password of the user's is not static and that is not a good solution.
    My question is that, do I need to configure SSO between SAP and BO system or how can I enable row level security?
    System Information
    Business Objects XI 3.1
    SAP Intg. Kit 3.1
    Thanks a lot,
    Omer

    Hi Omer,
    please note that only row-level security implemented through authorization variables in BW queries can be used in BusinessObjects. Row-level security defined at cube level will not be applied.
    As long as you have used the SAP authentication to log on your BOBJ server, the SAP credentials will be used automatically to get the data from your SAP BW source as long as the "Use Single Sign On when refreshing reports at view time" optionĀ  is selected in the Database configuration panel (Found in the CMC when viewing the properties of your report) and the option "Use BusinessObjects credential mapping" is selected in your universe connection.
    Please note that this will only work for reports that are invoked directly in the infoview. If a user schedules such a report, she/he has to enter her/his SAP credentials explicitely in the Database Configuration Panel appearing in the scheduling assistant window. In this case you can activate SNC trust between your two servers in order to avoid entering a password when the report is scheduled.
    Regards,
    Stratos
    Edited by: Efstratios Karaivazoglou on May 5, 2009 10:16 AM
    Edited by: Efstratios Karaivazoglou on May 5, 2009 10:23 AM

  • Edit Folder link always is visible if Item Level Security is enabled

    Hi,
    When Item Level Security is enabled in a folder, it show the 'Edit Folder' link, instead if the user is not authenticated.
    Does anybody know how to remove this link???
    Thanks.

    We to have experienced this behavior. Is this a bug?
    The Edit Link generated does not allow the user to "edit" any items, but shows the Administration link. This is not a good thing. This makes using Item Level Security very difficult, from the standpoint of User Interface and confusion.
    We are looking into creating a portlet to dynamically generate an "Edit Folder" link to replace the current one. However, we have doubts this will work.
    Dean
    - Solaris
    - Portal 3.0.9.8.2
    - 8.1.7.3
    (Awaiting Release 2!)

Maybe you are looking for

  • Help on Procedure and trigger for updating(urgent please)

    SQL> / Table A CTUT_ID CTUT_COMPANY_NAME CURRT_USER_ID FMIS_ID CREATE_DA UPDATE_BY UPDATE_DATE 1234 A 15-APR-03 2222 B 15-APR-03 3333 C 15-APR-03 4444 D 15-APR-03 5555 E 15-APR-03 6666 F 15-APR-03 150282 G oRACLE 23-APR-03 1 H 15-APR-03 2 I 15-APR-03

  • Login Error SQL Plus in Oracle9i

    I installed completely Oracle9i on my system. I have to make databases, make forms and generate reports for my scool project. I cannot login to sql Plus using scott tiger . I think the problem is with HOST STRING. Can anyone help please. Thank you Sh

  • Dynamic Hide column in table control

    I want to hide colum of table control in program, and then it can invisible,but others is visible. how should i do?

  • Setting up Yahoo Japan e-Mail on 2G iPod Touch

    How can it be done? What is the correct incoming and out going POP server host names? TIA, Apple //GS

  • Overlay my motion menu

    Make most of DVD menus in Motion but still have not figured out haveing the overlay as part of my of my menu, what i mean is i have a 2 minute menu but my buttons wont be active until 30 seconds in but when i draw the buttons out DSP the button is hi