Grant access to page programmatically

Hi
I am looking into using pl/sql procedures in portal 9.0.2 to grant access for users and groups, programmatically, to a page that i have created.
I am trying to use this procedure:
wwsec_api.set_user_acl(p_object_type_name,p_owner ,p_name ,p_authorization_function );
However, i m not too sure how to set the variables for p_object_type_name and p_name and how are i can extract the correct object_type_name from WWSEC_PRIV_OBJECT_TYPE. I am also not sure if I am on the right track.
Would appreciate if anyone can advise on this procedure and if there are any other ways of implementation.
Thank you and best regards
Siew Leng

Select the Documents folder, choose Get Info from the Finder's File menu, give them access under Sharing & Permissions, and tell them to use the Go to Folder command in the Go menu to access /Users/yourname/Documents/. Alternatively, move them to /Users/Shared/.
(75108)

Similar Messages

Restrict Access To Page Not Working with Different Auth Levels

I have just started playing with the idea of using different auth levels to allow different users access to certain pages on my site.
Within my SQL database I have a authlevel table consisting of 3 possible levels (guest, user, admin)
I am using the Dreamweaver "Log in user" to log in users based on username, pass, and auth level and "Restrict access to page" set to allow user levels 'user' and 'admin'.
The problem, however, occurs when trying to log in. No matter what auth level I try I am redirected to my page where users should be redirected if they are not allowed to enter that page.
I have included below my code from my login page and the page where all authorized users (user and admin) should be directed upon entering the restricted area.
Login Page:
<?php require_once('../Connections/hondovfd.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
return $theValue;
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "authlevel";
$MM_redirectLoginSuccess = "/membersonly/membersonly.php";
$MM_redirectLoginFailed = "/membersonly/loginfailed.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_hondovfd, $hondovfd);
$LoginRS__query=sprintf("SELECT username, password, authlevel FROM login WHERE username=%s AND password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $hondovfd) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
    $loginStrGroup = mysql_result($LoginRS,0,'authlevel');
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;
    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    header("Location: " . $MM_redirectLoginSuccess );
else {
    header("Location: ". $MM_redirectLoginFailed );
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>Log In</title>

<meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." />
<meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" />
<link href="../stylesheet.css" type="text/css" rel="stylesheet" />

<script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
</head>
<body class="thrColLiqHdr">
<div id="container">
<div id="header"></div>
<div id="sidebar1">
<h3>Navigation : </h3>
<ul id="MenuBar1" class="MenuBarVertical">
<li><a href="/index.php">Home</a></li>
<li><a href="/support.php">Support Hondo</a></li>
<li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>
    <ul>
      <li><a href="/people.php">Our People</a></li>
      <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>
      <li><a href="/medical.php">Medical</a></li>
      <li><a href="/apparatus.php">Apparatus</a></li>
      <li><a href="/training.php">Training</a></li>
      <li><a href="/volunteer.php">Volunteer</a></li>
      <li><a href="/statistics.php">Statistics</a></li>
      <li><a href="/patchtrading.php">Patch Trading</a></li>
    </ul>
</li>
<li><a href="/album.php">Photo Gallery</a></li>
<li><a href="/calendar.php">Calendar</a></li>
<li><a href="/news.php">Blog/News</a></li>
<li><a href="/links.php">Links</a></li>
<li><a href="/contact.php">Contact Us</a></li>
</ul>
<br />
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<span class="lefttext">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="8567201">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" />
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</img></input></input>
</span>
</form>
<span class="lefttext"><br />
</span>
<center>
<span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span>
</center>
</div>
<div id="sidebar2">
    <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>
    <p>Call Statistics for <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?> as of <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></p>
<table width="90%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="60%">EMS Calls</td>
    <td width="40%"><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
<tr>
    <td>Fire Calls</td>
    <td><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
</table>
<hr />
    <div id="cse" style="width:100%;">Loading</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
<script type="text/javascript">
google.load('search', '1');
google.setOnLoadCallback(function(){
    new google.search.CustomSearchControl().draw('cse');
}, true);
</script>
     
</div>

<div id="mainContent">
<div class="top"></div><div class="wrap">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td height="47" class="h2">Members Only Login</td>
</tr>
<tr>
    <td><form ACTION="<?php echo $loginFormAction; ?>" id="login" name="login" method="POST">
    <table width="40%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="31%">Username:</td>
    <td width="69%"><input name="username" type="text" /></td>
</tr>
<tr>
    <td>Password</td>
    <td><input name="password" type="password" /></td>
</tr>
</table>
<input name="Submit" type="submit" />
    </form></td>
</tr>
</table>

</div>
<div class="bottom"></div>
</div>
      <br class="clearfloat" />
<div id="footer">
    <p align="center">© Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:[email protected]">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>
</div>
</div>
<script type="text/javascript">

</script>
<?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?>
</body>
</html>
Other Page:
<?php
if (!isset($_SESSION)) {
session_start();
$MM_authorizedUsers = "user,admin";
$MM_donotCheckaccess = "false";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
    // Parse the strings into arrays.
    $arrUsers = Explode(",", $strUsers);
    $arrGroups = Explode(",", $strGroups);
    if (in_array($UserName, $arrUsers)) {
      $isValid = true;
    // Or, you may restrict access to only certain users based on their username.
    if (in_array($UserGroup, $arrGroups)) {
      $isValid = true;
    if (($strUsers == "") && false) {
      $isValid = true;
return $isValid;
$MM_restrictGoTo = "/membersonly/loginfailed.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>Members Only Area</title>

<meta name="description" content="Hondo Fire and Rescue serves the Arroyo Hondo and Canada Village areas of Santa Fe County, NM." />
<meta name="keywords" content="hondo, hondo fire, hondo vfd, hondo fire department, santa fe county fire department, santa fe county, volunteer fire department, hondo volunteer fire department" />
<link href="../stylesheet.css" type="text/css" rel="stylesheet" />

<script src="../SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<link href="../SpryAssets/SpryMenuBarVertical.css" rel="stylesheet" type="text/css" />
</head>
<body class="thrColLiqHdr">
<div id="container">
<div id="header"></div>
<div id="sidebar1">
<h3>Navigation : </h3>
<ul id="MenuBar1" class="MenuBarVertical">
<li><a href="/index.php">Home</a></li>
<li><a href="/support.php">Support Hondo</a></li>
<li><a class="MenuBarItemSubmenu" href="#">Information Menu</a>
    <ul>
      <li><a href="/people.php">Our People</a></li>
      <li><a href="http://www.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=101620713606637979698.00045b6ead4ab4ea70b78&z=11" target="_blank">Response Area</a></li>
      <li><a href="/medical.php">Medical</a></li>
      <li><a href="/apparatus.php">Apparatus</a></li>
      <li><a href="/training.php">Training</a></li>
      <li><a href="/volunteer.php">Volunteer</a></li>
      <li><a href="/statistics.php">Statistics</a></li>
      <li><a href="/patchtrading.php">Patch Trading</a></li>
    </ul>
</li>
<li><a href="/album.php">Photo Gallery</a></li>
<li><a href="/calendar.php">Calendar</a></li>
<li><a href="/news.php">Blog/News</a></li>
<li><a href="/links.php">Links</a></li>
<li><a href="/contact.php">Contact Us</a></li>
</ul>
<br />
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<span class="lefttext">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="8567201">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!" />
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
</img></input></input>
</span>
</form>
<span class="lefttext"><br />
</span>
<center>
<span class="lefttext"><a href="http://www.facebook.com/pages/Santa-Fe-NM/Hondo-Volunteer-Fire-Department/74284233488" target="_blank" class="lefttext">Hondo VFD on Facebook</a></span>
</center>
</div>
<div id="sidebar2">
    <p><a href="/membersonly/login.php">Log In</a> | <a href="/membersonly/logout.php">Log Out</a></p>
    <p>Call Statistics for <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/month.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?> as of <?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/date.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></p>
<table width="90%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td width="60%">EMS Calls</td>
    <td width="40%"><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/emscalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
<tr>
    <td>Fire Calls</td>
    <td><?php
$myFile = "/var/home/hondovfd/hondovfd.org/www/membersonly/firecalls.txt";
$fh = fopen($myFile, 'r');
$theData = fread($fh, filesize($myFile));
fclose($fh);
echo $theData;
?></td>
</tr>
</table>
<hr />
    <div id="cse" style="width:100%;">Loading</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
<script type="text/javascript">
google.load('search', '1');
google.setOnLoadCallback(function(){
    new google.search.CustomSearchControl().draw('cse');
}, true);
</script>
     
</div>

<div id="mainContent">
<div class="top"></div><div class="wrap">
    <table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
    <td height="47" class="h2">Members Only Area</td>
</tr>
<tr>
    <td><p><a href="/membersonly/documents.php">Useful Documents</a></p>
      <p><a href="/membersonly/IncidentCount01_08.pdf">Current Call Statistics</a> as of 9/3/09</p>
      </td>
</tr>
</table>
<script type="text/javascript">

</script>
</div>
<div class="bottom"></div>
</div>
      <br class="clearfloat" />
<div id="footer">
    <p align="center">© Copyright 2009 Hondo Volunteer Fire Department | <a href="mailto:[email protected]">Contact Us</a><a href="http://www.legalhelpers.com/chapter-13-bankruptcy/chapter13.html"></a><br />Hosting provided by <a href="http://studiox.com/" target="_blank">Studio X</a></p>
</div>
</div>
<script type="text/javascript">

</script>
<?php include_once("/var/home/hondovfd/hondovfd.org/www/analyticstracking.php"); ?>
</body>
</html>

you don't need all that bloat. set a session during login of some kind of uniquely identifying id. i.e.
$_SESSION['id'] = $row_rs['id'];
then on the pages you need to protect, check it like this....
<?php
session_start();
if (!(isset($_SESSION['id']) && $_SESSION['id'] != '')) {
die(header("Location: http://www.notinprotectedareas.com")); }
?>
you can use an include file i.e.
<?php require_once('login_check.php'); ?>
where file is name login_check.php to make your auth controls clean on your protected pages.

Restrict Access to Page Issue...

Hi this is my first time on Adobe forums, im regard myself as
new to web design, im making my first proper website, for portfolio
purposes. www.imaginationwebdesign.co.uk/port2 is the website..
I am using Dreamweaver CS3 coding with HTML / PHP / MySQL
My Issue:
I have implemented Restrict Access to Page dependant upon
User / Pass / Access Level.
Access Levels are 1 and 3 and are stored on my MySQL
Database.
3 = Full Admin Rights
1 = Minimal Admin Rights.
Now, Whilst the Restrict access works, when Access Level 1
attempts to display page only for Access Level 3, It's not
redirecting to the "AccessDenied.php" page... instead a blank white
page is being displayed and unless i press Back, it just stays
blank and doesnt redirect.
I have used the Server Behaviour Panel so the code is
automatically generated but the source is:
<?php
if (!isset($_SESSION)) {
session_start();
$MM_authorizedUsers = "3";
$MM_donotCheckaccess = "false";
// *** Restrict Access To Page: Grant or deny access to this
page
function isAuthorized($strUsers, $strGroups, $UserName,
$UserGroup) {
// For security, start by assuming the visitor is NOT
authorized.
$isValid = False;
// When a visitor has logged into this site, the Session
variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that
Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only
certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
// Or, you may restrict access to only certain users based
on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
if (($strUsers == "") && false) {
$isValid = true;
return $isValid;
$MM_restrictGoTo = "AccessDeniedAdmin.php";
if (!((isset($_SESSION['MM_Username'])) &&
(isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'],
$_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING)
> 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar .
"accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
?>
any help would be great to get the redirection working...
I've tried this on several pages and it still doesnt work.
Thank you and sorry if this is posted in the wrong area.
David.

Davidbirkin wrote:
> I finally managed to solve the issue.. although, to me
it was a rather strange
> issue..
Strange to you, perhaps, but it's a very common issue.
> Before the Validation to check for Access level i had
this line of code...
>
> <?php require_once('Connections/con1.php'); ?>
>
> No, i have moved that line of code to appear AFTER the
access level validation
> check, and it's all working fine... maybe it's the order
i added the dynamic
> functions to the Page, but now it is working...
As I said in my original reply, the problem was almost
certainly caused
by an error that you couldn't see because the display of
errors is
turned off for security reasons. The Restrict Access to Page
server
behavior uses session_start(), which must come before there
is any
output to the browser. "Output" includes new lines or
whitespace outside
PHP tags. There is almost certainly an extra line at the end
of
con1.php, which would prevent the session from starting. In
turn, that
would generate an error, resulting in your blank page.
The problem is closely related to the "headers already sent"
error
message that confuses most PHP beginners. Read about it here:
http://docs.php.net/manual/en/function.header.php
By the way, it sounds as though you are testing everything on
a remote
server, rather than testing locally before deploying to a
remote server.
That's a very bad idea, particularly if the display of errors
is turned
off. You should test files in a safe, local environment with
error
reporting turned to the highest level, and eliminate all
errors before
deploying to a live server. If you're testing locally, make
sure that
error_reporting in php.ini is set to E_ALL, and that
display_errors is on.
David Powers, Adobe Community Expert
Author, "The Essential Guide to Dreamweaver CS3" (friends of
ED)
Author, "PHP Solutions" (friends of ED)
http://foundationphp.com/

Grant Access at Portlet Level

I've read in some documentation (afair) that access can be granted at a lower level that the page level i.e. it's possible to grant access to a portlet to certain users/groups.
I cant seem to find any docs that show me how to change the permissions/access on each portlet though (I'm assuming that this should be possible for all types of portlets including HTML Portlets). I'd be grateful if someone could point me in the right direction.
Thanks,
WG

You cannot do that directly.
A possible workaround: add the portlet(s) to a dummy page, specify the access privileges for the dummy page, and add the dummy page to your real page as a portlet.

Check access on page that inherit security

Hi,
I'm building a dynamic menu which needs to render a page_group with all his pages and subpages. I want to implement security in such a way that only pages are shown wherefore the current logged-in user has manage rights for.
Currently I have 2 pages and each page has a subpage:
Page 1
->Page 1.1
Page 2
->Page 2.1
On page 1 and 2, I specify access settings (grant a group to access these) and the subpages of both pages will inherit these access settings from there parent pages (respectively page 1 and 2).
If I check whether a user (that belongs to the above mentioned group) has access to Page 1 or Page 2, the result is TRUE. (using wwsec_api.has_privilege)
When I check whether a user has access to a subpage of page 1 or page 2, the result is FALSE, although they must inherit the access settings configured on there parent pages.
My question now is: is there a function available which checks the access settings on pages that inherit these? If not, how can I easily implement this requirement.
Thanks in advance,
Koen

> I am working with php so it constantly needs to be
uploaded and checked
> for
> bugs.
Why not do that locally?
> And to top it all off i am not the only one working on
the project, hence
> the
> checkin/out.
All the more reason to do it locally. Can you install Apache
or are you on
a Mac?
Murray --- ICQ 71997575
Adobe Community Expert
(If you *MUST* email me, don't LAUGH when you do so!)
==================
http://www.projectseven.com/go
- DW FAQs, Tutorials & Resources
http://www.dwfaq.com - DW FAQs,
Tutorials & Resources
==================
"strubester" <[email protected]> wrote in
message
news:fn7u3f$kcr$[email protected]..
> Well my situation is this:
>
> I am working on a test server (basically) and so there
is no worry about
> pushing stuff live accidentally because the whole site
is not live.
>
> I am working with php so it constantly needs to be
uploaded and checked
> for
> bugs.
>
> And to top it all off i am not the only one working on
the project, hence
> the
> checkin/out.
>
> I dont shut down my computer.
>
> Case to case this *OPTION* of checking in on close may
not be the best
> situation, but thats why it is an *OPTION* - something
that adobe
> (macromedia)
> has not even provided.
>
> I feel that the absence of even an option for this
effect means the
> software
> is lacking.
>
> If you have a better method of development, i am all
ears.
>

Granting Access in custom portlets

Hi,
I'm deploing some portlets using PLSQL. Those portlets work's fine. Now i want to grant restricted access to this portlets. The best i can do is function is_runnable return false to users that i don't want to show my portlet.
Example:
if wwctx_api.get_userid!= 'PORTAL30' then return false;
else return true;
end if;
Can i use portal funcionality of grant access to, by example applications components or pages or content areas to restric access to my portlets ?
Thanks
Pedro Ribeiro

I realize that this is an old thread, but on the chance there are others like me looking into how to restrict access to custom porlets, I thought I would venture a reply.
I looked at the current online docs for for Portal Security Services. If you have a need to get down in the weeds these docs will show you what you need to know. But there is a very SIMPLE way to restrict access to your new portlet.
After you have your new PL/SQL or JAVA porlet in place, just create a new Portal Page using the wizard. Make it a plain page, no banner. Add your custom portlet to the new page. Then PUBLISH THIS NEW PAGE AS A PORTLET. Instead of adding your original portlet to other pages, add this "wrapper page" instead. You can use the grant access tab for the wrapper page to restrict access of the portlet to specific users and groups.
pmw

A very simple question on granting access.

Hi All,
I created a very low-level user in portal. I have added the Oracle built-in Favorites portlet to the user?s page. But when the user logs in, she still can't see the Favorites portlet. I usually go to the Navigator, Applications, and the Application and would grant the user access to the Application to the portlet I want to add. This works fine except you can't do for the Oracle built-in Favorites portlet. My question is how do I grant access to the Favorites portlet for a user. I'm sure it is something very easy that I'm missing.
Many Thanks,
Tom

Never mind this question, because I'm an idiot. I had a different page defaulting then I thought. Please disregard this question, and sorry for wasting the forum's space.

HTTP Error 405 - The HTTP verb used to access this page is not .....

Goodmorning,
I've installed BO XI R3 SP4 on a 2k3-server with IIS 6.0. I wanted to configurate the SSO. After changing the web.config file and restart of the IIS , I get the following error :
HTTP Error 405 - The HTTP verb used to access this page is not allowed.
Internet Information Services (IIS)
The frame where you normally are using for authentication has this error, the frame around is normal.
Hope someony can help, thx in advance

I can't fin a upload button , so the file in plain text gepasted
Hope it is readable :
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2012-02-29 12:19:21
#Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2012-02-29 12:19:21 W3SVC1 10.13.0.119 GET /InfoViewApp/logon.aspx - 80 - 10.13.0.119 Mozilla/4.0(compatible;MSIE7.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:19:21 W3SVC1 10.13.0.119 GET /InfoViewApp/res/schema.blue/default.css.ashx - 80 - 10.13.0.119 Mozilla/4.0(compatible;MSIE7.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:19:21 W3SVC1 10.13.0.119 GET /InfoViewApp/js/utils.js.ashx - 80 - 10.13.0.119 Mozilla/4.0(compatible;MSIE7.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:19:21 W3SVC1 10.13.0.119 GET /InfoViewApp/js/helpSystem.js.ashx - 80 - 10.13.0.119 Mozilla/4.0(compatible;MSIE7.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:19:21 W3SVC1 10.13.0.119 GET /InfoViewApp/common/appService.aspx service=skinning&resource=img&img=img.banner.logon.pattern 80 - 10.13.0.119 Mozilla/4.0(compatible;MSIE7.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:19:21 W3SVC1 10.13.0.119 GET /InfoViewApp/listing/blank.aspx - 80 - 10.13.0.119 Mozilla/4.0(compatible;MSIE7.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:19:21 W3SVC1 10.13.0.119 GET /InfoViewApp/common/appService.aspx service=skinning&resource=img&img=img.banner.logo 80 - 10.13.0.119 Mozilla/4.0(compatible;MSIE7.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:19:21 W3SVC1 10.13.0.119 GET /InfoViewApp/logon/logon.aspx parameter=logonService 80 - 10.13.0.119 Mozilla/4.0(compatible;MSIE7.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:19:21 W3SVC1 10.13.0.119 POST /PlatformServices/Shared/Logon/Logon.aspx - 80 - 10.13.0.119 Mozilla/4.0(compatible;MSIE7.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 405 0 1
2012-02-29 12:32:05 W3SVC1 127.0.0.1 GET /InfoViewApp/logon.aspx - 80 - 127.0.0.1 Mozilla/4.0(compatible;MSIE8.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:32:05 W3SVC1 127.0.0.1 GET /InfoViewApp/res/schema.blue/default.css.ashx - 80 - 127.0.0.1 Mozilla/4.0(compatible;MSIE8.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:32:05 W3SVC1 127.0.0.1 GET /InfoViewApp/js/utils.js.ashx - 80 - 127.0.0.1 Mozilla/4.0(compatible;MSIE8.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:32:05 W3SVC1 127.0.0.1 GET /InfoViewApp/js/helpSystem.js.ashx - 80 - 127.0.0.1 Mozilla/4.0(compatible;MSIE8.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:32:05 W3SVC1 127.0.0.1 GET /InfoViewApp/listing/blank.aspx - 80 - 127.0.0.1 Mozilla/4.0(compatible;MSIE8.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:32:05 W3SVC1 127.0.0.1 GET /InfoViewApp/common/appService.aspx service=skinning&resource=img&img=img.banner.logon.pattern 80 - 127.0.0.1 Mozilla/4.0(compatible;MSIE8.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:32:05 W3SVC1 127.0.0.1 GET /InfoViewApp/common/appService.aspx service=skinning&resource=img&img=img.banner.logo 80 - 127.0.0.1 Mozilla/4.0(compatible;MSIE8.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:32:05 W3SVC1 127.0.0.1 GET /InfoViewApp/logon/logon.aspx parameter=logonService 80 - 127.0.0.1 Mozilla/4.0(compatible;MSIE8.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 200 0 0
2012-02-29 12:32:05 W3SVC1 127.0.0.1 POST /PlatformServices/Shared/Logon/Logon.aspx - 80 - 127.0.0.1 Mozilla/4.0(compatible;MSIE8.0;WindowsNT5.2;Trident/4.0;.NETCLR1.1.4322;.NETCLR2.0.50727;.NETCLR3.0.4506.2152;.NETCLR+3.5.30729) 405 0 1
2012-02-29 12:33:17 W3SVC1 10.13.0.119 OPTIONS /c$ - 80 - 10.13.8.13 Microsoft-WebDAV-MiniRedir/6.1.7601 200 0 0
2012-02-29 12:33:17 W3SVC1 10.13.0.119 PROPFIND /c$ - 80 - 10.13.8.13 Microsoft-WebDAV-MiniRedir/6.1.7601 501 0 0
2012-02-29 12:33:17 W3SVC1 10.13.0.119 PROPFIND /c$ - 80 - 10.13.8.13 Microsoft-WebDAV-MiniRedir/6.1.7601 501 0 0
2012-02-29 12:33:17 W3SVC1 10.13.0.119 PROPFIND /c$ - 80 - 10.13.8.13 Microsoft-WebDAV-MiniRedir/6.1.7601 501 0 0
2012-02-29 12:33:17 W3SVC1 10.13.0.119 PROPFIND /c$ - 80 - 10.13.8.13 Microsoft-WebDAV-MiniRedir/6.1.7601 501 0 0
Thx in advance for your reply

Sql server grants access to specific login to database.

i have created website for intranet and hosted it on server. for that i needed to create login "IIS APPPOOL\hi" in sql server 2008 for my application
to access my "reportdb" database. "IIS APPPOOL\hi" has sysadmin and public server roles in sql server 2008. And i have default login"sa" same
as "IIS APPPOOL\hi". these are working correctly. Now I want these two logins to access"reportdb" for all
operations in database and remaining all logins should be denied to access"reportdb". My Sql Server 2008 is having mixed mode (windows authentication and Sql authentication). plz help me

I think what Tauseef is requesting is to keep access for the 2 sysadmins & deny access to everyone else, correct?
As Uri mentioned, by being part of sysadmin role, “IIS APPPOOL\hi” & “sa” would have access to everything in the server, and nobody else should have access to the DB unless explicitly being granted access.
If you would really deny anyone else access to the database, you can potentially deny connect to public, and only sysadmins (who override permissions) would be able to connect; although I would strongly recommend against such practice.
Something else I would like to recommend against is the usage of sysadmin for what may not be a DBA role (IIS appPool). Following the least-privilege principle, I would recommend having a non-administrator user for applications that has enough capabilities
to perform the tasks needed.
The main risk is that a SQL injection (SQLi) bug in your application would lead to a complete compromise of your SQL server.
If there are app tasks that would require elevated permissions, I would recommend encapsulating the logic in a stored procedure and either use impersonation or digital signatures to accomplish a controlled elevation of privileges instead. If you have any
question on this topic I will be glad to assist.
I hope this information helps,
-Raul Garcia
SQL Server Security
This posting is provided "AS IS" with no warranties, and confers no rights.

"One or more field types are not installed properly. Go to the list settings page to delete these fields" while accessing website pages

We have a publishing website in SharePoint 2010. There are total 4 environments - Development, Test, Stage and Production. For some enhancements, we had to create some new lists and libraries. When we moved changes from Development to Test environment, everything
worked fine. Relevant lists and libraries in lower environments were saved as templates (in .stp format) including content, imported to higher environment, lists/libraries were created in higher environment using imported templates.
Things worked fine from Development to Test. We did similar exercise from Test to Stage environment. Now in Stage, when we access some pages, we get error message - "One or more field types are not installed
properly. Go to the list settings page to delete these fields.". ULS logs don't tell which exact list has got problems.
On searching for this error, I got many articles that explain how this could happen when we migrate from SharePoint 2007 (MOSS) to 2010. Though our case different (as all our environments are in 2010), we still tried following steps.
De-activate 'SharePoint Server Publishing Infrastructure' Site Collection feature
Go to https://site-name/relationships%20list/allitems.aspx. This is a hidden list. Delete this list.
Re-activate 'SharePoint Server Publishing Infrastructure' Site Collection feature.
Make sure that new hidden list with one item is created at https://site-name/relationships%20list/allitems.aspx
However, this didn't help as we are still getting same error message. Appreciate if someone can suggest how this issue can be resolved.
Following are ULS logs:
Unable to execute query: Error 0x81020014
One or more field types are not installed properly. Go to the list settings page to delete these fields.
System.Runtime.InteropServices.COMException: One or more field types are not installed properly. Go to the list settings page to delete these fields.
at Microsoft.SharePoint.Library.SPRequestInternalClass.GetListItemDataWithCallback2(IListItemSqlClient pSqlClient, String bstrUrl, String bstrListName, String bstrViewName, String bstrViewXml, SAFEARRAYFLAGS fSafeArrayFlags, ISP2DSafeArrayWriter pSACallback,
ISPDataCallback pPagingCallback, ISPDataCallback pPagingPrevCallback, ISPDataCallback pFilterLinkCallback, ISPDataCallback pSchemaCallback, ISPDataCallback pRowCountCallback, Boolean& pbMaximalView)
at Microsoft.SharePoint.Library.SPRequest.GetListItemDataWithCallback2(IListItemSqlClient pSqlClient, String bstrUrl, String bstrListName, String bstrViewName, String bstrViewXml, SAFEARRAYFLAGS fSafeArrayFlags, ISP2DSafeArrayWriter pSACallback, ISPDataCallback
pPagingCallback, ISPDataCallback pPagingPrevCallback, ISPDataCallback pFilterLinkCallback, ISPDataCallback pSchemaCallback, ISPDataCallback pRowCountCallback, Boolean& pbMaximalView)
Thanks!

Hi Shrishail ,
Some time this issue occurs if you have any custom filed types in the list or library and that field type is not installed on server .
Can you please check that if you are having any custom field types column on the list and library and if that is the case you need to install that field type on the server. sometimes it happens if field types are not properly deployed / Installed then
you have to uninstall that field types (retract solution) and deploy it again.
Thanks,
Ujjwal

Is it possible to access the page setup for the printer from a program unit

Hi guys,
I've done a report and i need to print it with a specified superior margin. This is not the margin that we set in the report edit margin button, this is already set, the problem is the pre-defined margin located in the page setup dialog box.
My question is, is there a way (api, etc...) inside the report in which i can access this page setup and configure that margin with the values that i want, programaticaly (runtime)?
Thanks.

Sorry, the following is the runable one.
package view;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import oracle.adf.controller.struts.actions.DataAction;
import oracle.adf.controller.struts.actions.DataActionContext;
import oracle.cabo.servlet.BajaContext;
import oracle.cabo.servlet.BaseBajaContext;
import oracle.cabo.servlet.Page;
import oracle.cabo.servlet.PageBroker;
import oracle.cabo.servlet.event.PageEvent;
public class DataAction2Action extends DataAction {
protected void processComponentEvents(DataActionContext actionContext)
throws IOException, ServletException {
HttpServletRequest request = actionContext.getHttpServletRequest();
String eventName = request.getParameter("event");
if ("test".equals(eventName))
PageBroker broker = (PageBroker)
this.getServlet().getServletContext().getAttribute("oracle.cabo.servlet.PageBroker");
BajaContext bajacontext = new BaseBajaContext(this.getServlet(),
broker,
actionContext.getHttpServletRequest(),
actionContext.getHttpServletResponse());
Page page = bajacontext.getPageDecoder().decodeRequestedPage();
PageEvent pageevent = bajacontext.getPageDecoder().decodeRequestedPageEvent();
super.processComponentEvents(actionContext);
}

Update to IOS 6 has been a nightmare. Facebook would allow me to save pictures unless I granted access to my foto album. Does this mean my pictures are going be planted all over the web? The safari keeps crashing and loading is slow.

update to IOS 6 has been a nightmare. Facebook would allow me to save pictures unless I granted access to my foto album. Does this mean my pictures are going be planted all over the web? The safari keeps crashing and loading is slow. Most infuriating is that YouTube was deleted from my entertainment apps and I now have to pay for it if I want it back!! This is a bloody disgrace.

Back up all data.
Boot into Recovery by holding down the key combination command-R at the startup chime. Release the keys when you see a gray screen with a spinning dial.
Note: You need an always-on Ethernet or Wi-Fi connection to the Internet to use Recovery. It won’t work with USB or PPPoE modems, or with proxy servers, or with networks that require a certificate for authentication.
When the OS X Utilities screen appears, follow the prompts to reinstall the OS. You don't need to erase the boot volume, and you won't need your backup unless something goes wrong. If your Mac was upgraded from an older version of OS X, you’ll need the Apple ID and password you used to upgrade, so make a note of those before you begin.

How to access a page from another website in to the portlet

Hai,
I need this specific requirement. In a portlet that is written in jsp, i need to access another page which is running in another server.I will explain what is my requirement clearly.. In a portlet, i have to acess a page from another site, and i have to pass a parameter directly. If i use URL-Based Portlet with passing parameters, It ask the user to enter the parameter and submit the page.. But what my need is, i have to pass the parameter directly. what i am planning is in a new tab, i will add a portlet, where i need to access the another website page..when the user opens that tab, it directly shows that website..... How do i proceed...
Can anybody help me.. Its URGENT....
If possible send me the code..
my mail id: [email protected]
Thanks in advance
damodar

Damodar,
To include an existing JSP page as a portlet have a look in the PDK section http://portalcenter.oracle.com there is lots useful information. The two things you might find most relevant is a paper on creating java portlets. This paper has a section on turning an existing JSP page into a portlet
http://portalstudio.oracle.com/pls/ops/docs/FOLDER/COMMUNITY/PDK/ARTICLES/HOW.TO.BUILD.A.JAVA.PORTLET.USING.PDK.JAVA.V2.HTML
and to pass parameters and events
http://portalstudio.oracle.com/pls/ops/docs/FOLDER/COMMUNITY/PDK/ARTICLES/OVERVIEW.PARAMETERS.EVENTS.HTML
Hope this helps,
Candace

How to delete i.e. clear the pending access requests list from Access request page in SharePoint 2013

Hi Team,
I am site collection admin of a SP13 site. The issue is we have added some of the users manually after we got requests from them for site access. But this has left those users as pending on Access requests page. We don't want that list to stack up.
I can not decline those requests as those users will be notified with declined mail. I searched for clearing the list of those pending requests but did't find any guidelines for this.
Is there any way I can do this. Any help is appreciated thanks in advance

You might consider using PowerShell to remove unwanted items from the "Access Requests" list of the web site. This list holds all of the access requests including pending, declined and approved. The following example demonstrates removing
the first item from the list. Please note, I'm not aware whether or not there are any negative side effects to removing items from this list so doing so would be at your own risk.
$web = get-spweb https://yoursharepointsite
$list = $web.lists["Access Requests"]
$list.items[0].delete()

Error while creating Project Change Control - You are trying to access a page that is no longer active.

Hi there
We are on Release 12.2.4 (on Linux x86-64) and getting the following error while assigning the Agreement to a Change Control's Action Item. As a result of this we are unable to proceed ahead with completing the Project Change Control process.
Any help will be greatly appreciated.
Steps to reproduce
Navigation - Project SU Vision Services Responsibility > Project > Control > Change Orders
1. Create a new Change Order > Create a new Action > Impact > Check Financial Impact checkbox
2. Under the 'Agreement Information' choose the Funding Agreement. Following error is thrown:
You are trying to access a page that is no longer active.
- The referring page may have come from a previous session. Please select Home to proceed.
3. I tried clearing the cache, bounced Apache, and even restarted the entire Application Tier. The error doesn't go away.
Regards
Kabeer Khan

Hi there
We are on Release 12.2.4 (on Linux x86-64) and getting the following error while assigning the Agreement to a Change Control's Action Item. As a result of this we are unable to proceed ahead with completing the Project Change Control process.
Any help will be greatly appreciated.
Steps to reproduce
Navigation - Project SU Vision Services Responsibility > Project > Control > Change Orders
1. Create a new Change Order > Create a new Action > Impact > Check Financial Impact checkbox
2. Under the 'Agreement Information' choose the Funding Agreement. Following error is thrown:
You are trying to access a page that is no longer active.
- The referring page may have come from a previous session. Please select Home to proceed.
3. I tried clearing the cache, bounced Apache, and even restarted the entire Application Tier. The error doesn't go away.
Regards
Kabeer Khan

Grant access to page programmatically

Similar Messages

Maybe you are looking for