GRC 10 Add on installation -Access control node missing in IMG SPRO
Dear Experts
We have got GRC 10 addon install on our server by basis team and i can verify that by going to saint t code but when i am going to SPRO i cannot see aplication by name GRC .Where as i can see GRC Process control and GRC risk management , GRC access control is missing , following are the attached files. quick response will be appreciated. thanks in advance.
Hi Luciana.,
Thanks for your great explanation and you have answered my query all the way Thanks once again.
But one more query please
Regarding below,
"The GRCPIERP is an addon basically for your system that has SAP HR installed, so you can integrate HR into GRC, to get requests for new hires, termination, etc."
Does this means if I have no need of HR trigger/my plugin systems is not HR system then GRCPIERP is not at all required for ARQ, EAM, ARA and BRM for even single functionality?
BR,
Mangesh
Similar Messages
-
Can't Add To Access Control List Airport Express
We have both Airport Extreme (2) and Express Base Stations (3) to create a wireless network. On the Extremes I can click the Add button in Access Control in the Airport Admin Utility to add people to the list. On all the Express Base Staions I can edit or delete entries already on the list but can't add any new ones. I can export an Access Control List but not import one. The button is greyed out only the button works. I could add to the lists in the past and I'm not sure when it stopped working. The network structure and settings have not changed. Has anyone heard of this problem?
Aiport Express Mac OS X (10.4.8)WDS is used on two Express units to relay the signal from the main base station but not on third one which is connected directly to the network via ethernet.
On the internet connected Express the Airport Network setting is:
Wireless Mode: Create a Wireless Network (Home Router)
All base stations have the same name to allow roaming.
Internet is connected using Ethernet. -
GRC10 Access Controls - User Provisioning
Hello All,
While creating Access request form NWBC getting below mentioned error :-
- Item '0001' resulted to 'Initiator_Final'; cannot resolve path; check routing mapping
- Request submit failed; error in MSMP submit method
Version is already generated successfully ,without any errors and warnings
Thanks,
JagatHello Luis,
I am also facing similar issue and when i check SLG1 for object GRFN , i see the following errors
Error 1 :
Object Txt : GRC
Sub-Object Txt : Access control
Error :
Config Error,Function Module is not maintained for Plug-in
Error 2 :
Object Txt : GRC
Sub-Object Txt : MultiStage Multi Path
Error :
Submission failure of request 900000031/ACCREQ/001635B0E5821ED181BEFC3542741962 - Process ID SAP_GRAC_ACCESS_REQUEST
Item '0001' resulted to 'Z_WF_TriggerVal'; cannot resolve path; check routing mapping
We checked the routing mapping and it seems to be fine.
Is there anything that needs to be configured in SPRO (looking at error1 ) ??
Regards,
Victor -
Nodes in Personal Management (SPRO)
Hi Team ,
I am trying to access the nodes in the IMG but am unable to see the nodes
i have tried using the transaction SFW5 however all the options are in the ON status
but am unable to finthe nodes in the IMG
personal management -
> Employee self service -
> service specific settings -
> Own Data
please help with the issue
Thanks & Regards
MadhuHi Madhu,
Ask your security guy to give you proper authorisation. Test the same with SAP_ALL.
You will get all the nodes.
Reagrds, -
GRC Access Control 5.3 installation
Hello all,
I'm planning the installation of SAP GRC Access Control 5.3 and have a few questions. In the software download section of SAP Service Marketplace, the most recent installation files are for Virsa 5.2. Under SAP GRC Access Control, there are no installation files that I can see. (I tried several different OSS IDs including partner ID, so I do not think it is a licensing issue) Could someone please confirm that the Virsa 5.2 files represent GRC Access control 5.3?
One reason for this question is that in Solution Manager, under Business Blueprint (SOLAR01), SAP GRC Access Control 5.3 is displayed as the default selection for Internal Controls. Is SAP planning to release installation files in the near future for SAP GRC Access Control 5.3? If so, when?
Thanks in advance,
Glen Hoaglund
Capgemini Basis Consultant
Edited by: Glen Hoaglund on Jun 3, 2008 3:13 PMJohn & Glen-
Right now Compliance Calibrator 5.3, now Risk Analysis and Remediation, which is part of Access Control 5.3 is currently in Ramp Up, and will be available in October 2008.
You can download the User manuals for 5.3 from SAP Marketplace. That will give you an idea of what functionalities 5.3 has and how it is structured.
From my observation of 5.3, and having implemented 5.2 for some clients, 5.3 does have some functionalities which are missing in 5.2. But for setup and sizing, it is always recommended that you allocate GRC on its own server with a lot of space. The applications are very memory-intensive.
I believe FireFighter, or Superuser Privileged Access in 5.3, will still reside in the ABAP stack, with the reporting done on both ABAP and Java stacks. The bulk of the functionality of 5.3 is the same as 5.2.
Let me know if you have any questions...
Ankur
GRC Consultant -
Add Fields in CUP Request - SAP GRC Access Control 5.3
Dear Friends,
I am wondering on how to add fields value in CUP (Compliant User Provisioning) SAP GRC AC 5.3.
Currently i'm leading 9 SAP Security Coordinators in Indonesia and i want to create Performance Metrics on how long the CUP Requests is processed. It needs to enhance the CUP by adding value Delegation of Authority and the record no. of the DOA requests.
Really appreciate your inputs on how to add fields value in CUP.
Thank you so much
-Mesti-
Edited by: AnnisaPramesti on Jan 2, 2012 5:37 PMHi.
Check under http://service.sap.com/instguides
SAP BusinessObjects -> SAP BusinessObjects Governance, Risk, Compliance (GRC) -> Access Control -> SAP GRC Access Control 5.3
Cheers,
Diego. -
Installation SAP IDM 7.1/SAP GRC Access Control 5.3
Hello,
I can install Access Control products with Solution Manager, Enterprise Portal... But it is possible to install Access Controll 5.3 and IDM 7.1 on the same server?
Thanks and best Regards
AlexanderHi Alexander,
SAP IDM 7.1 is still in the ramp up state. as per the product availability matrix [pam|https://websmp104.sap-ag.de/~form/handler?_APP=00200682500000001303&_EVENT=DISP_NEW&00200682500000002804=01200314690900001014] , I am not yet sure if SAP IDM is available for 64 bit servers.
SAP GRC AC 5.3 should be installed on as java netweaver
server after properly sizing. If your hardware can support sizing for both GRC AC 5.3 and SAP IDM 7.1 , then you can install both on them. usually netweaver 7.0 sp12 will be in 64 bit system.
You can get GRC AC 5.3 sizing information from [link|http://service.sap.com/~form/sapnet?_SHORTKEY=00200797470000071612&_SCENARIO=01100035870000000112&_OBJECT=011000358700000435122007E] -
Install GRC Access Control 5.3 on Java only?
Hello,
we want to install SAP GRC Access Control 5.3 on a stand alone system. We tried to figure out, if it's possible to install it on a NW 07 Java stack only or if it's necessary to make a add-in installation with Abap and Java.
For the backends and the RTA we need Abap, but also for the GRC itself?
Thanks in Advance
IngmarI just found something useful..
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/408bd039-d9c1-2a10-0fab-a92b97c7cd25
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a07b4cc8-1a57-2b10-1798-d2fec068473a -
Netweaver 7.30 does it support GRC 10.0 ACCESS CONTROL
Does anyone know if GRC 10.0 access control runs on Netweaver 7.30
where do you get Netweaver 7.20
I see the trial version. I need this for sql 2008 not trial
Any help is appreciated.
Thanks
JoeHi,
As per Note 1490996, you would need Netweaver 7.0 Enhancement Package 2 (7.02) as base for installing the GRC add-on. NW 730 does not seem to be supported.
Check the service market place(http://service.sap.com/swdc) for Netweaver 7.02 and not 720.
Regards,
Srikishan -
NWBC no option "Access Control" - can't start working with GRC 10.0
I have installed GRC AC 10.0 and have followed the post-installation documentation. All seems to be fine so far.
But when I run NWBC, I do not get the Icon/Option "Access Control".
What can go wrong? My user has sap_all and sap_grac_all, so it shouldn't be the access rights...what else can I check?I have installed GRC AC 10.0 and have followed the post-installation documentation. All seems to be fine so far.
But when I run transaction NWBC, the web-browser (Iexplorer) opens the HTML-NWBC, but I do not get the Icon/Option "Access Management". I see this option however on the screenshots of the documentation. And it seems to be the only way to work with the application - or can I work directly within SAP-GUI ?
I see however the Icons "Office", "Cross-Application Components", "Accounting", "Information Systems", "Tools" and I can well drill down into the submenus and use the fonctionality.
What can go wrong? My user has sap_all and sap_grac_all assigned, so it shouldn't be the access rights...what else can I check? any ideas are welcome... - thanks in advance... -
GRC Access Control 5.3 Organizational Levels - logical AND - OR changed
Hello GRC Community,
We are working with Access Control 5.3 SP 12 and we are setting up organization levels for the risk analysis.
The setup is loaded with a flat file, and the configurations seems to be loaded in the right way.
Doing the configuration on the RAR portal, openning the tab "rule architect" then "organization rules" and "create", we have this information:
Organization Rule: Z001
Description: TEST
Risk Organization Level from to search type Status
F001* BUKRS PRE0 AND Enabled
F001* EKORG PR00 OR Enabled
F001* EKORG PR01 OR Enabled
F001* EKORG RP00 AND Enabled
F001* VKORG RP00 OR Enabled
F001* VKORG RP01 OR Enabled
F001* VKORG RP02 AND Enabled
F001* WERKS SV00 OR Enabled
F001* WERKS VS00 OR Enabled
Finally save button.
When we want to edit an organization rule or add new one with the screen of organization rules, after saving we have the next result when load the rule again:
In the case of the same organization rule (Z001), the RAR returns this info:
Organization Rule: Z001
Description: TEST
Risk Organization Level from to search type Status
F001* BUKRS PRE0 AND Enabled
F001* EKORG PR00 OR Enabled
F001* EKORG PR01 OR Enabled
F001* EKORG RP00 OR Enabled
F001* VKORG RP00 OR Enabled
F001* VKORG RP01 OR Enabled
F001* VKORG RP02 OR Enabled
F001* WERKS SV00 OR Enabled
F001* WERKS VS00 OR Enabled
So the RAR has changed the logical AND for OR.
Why is it happening? This effect doesnt happen if i made an upload from a ftlat file of organizational rules.
We already tryed this symptom doing the same exercise with RAR SP 14 with the same issue.
Thanks in advance for all your comments
Regards,
Alejandro
Edited by: Alejandro Acuña Acosta on Jun 3, 2011 8:53 AMHi,
>
> 1. The Addons HR and NonHR are installed on the erp?
>
Yes.
> 2. The GRC could be an stand alone java server?
>
It should be on separate server.
> 3. The Spro config for process control is configured on the ERP or the grc server?
>
ERP server.
Thanks
Sunny -
We have a problem when execute the next steps in GRC Access Control 10.0
SPRO-->Governance, Risk and Compliance>Access Control--> Access Risk Analysis--> Batch RisK Analysis
We applied the next note, but problem is the same.
1563583 - SYSTEM_NO_TASK_STORAGE dump on AIX
Category
ABAP Programming Error
Runtime Errors
ASSERTION_FAILED
ABAP Program
CL_GRRM_DASHBOARD_MENU_AUTH===CP
Application Component GRC-RM
Date and Time
13.03.2013 11:50:04
|Short text
|
|
The ASSERT condition was violated.
|
|What happened?
|
|
In the running application program, the ASSERT statement recognized a
|
|
situation that should not have occurred.
|
|
The runtime error was triggered for one of these reasons:
|
|
- For the checkpoint group specified with the ASSERT statement, the
|
|
activation mode is set to "abort".
|
|
- Via a system variant, the activation mode is globally set to "abort"
|
|
for checkpoint groups in this system.
|
|
- The activation mode is set to "abort" on program level.
|
|
- The ASSERT statement is not assigned to any checkpoint group.
|
|What can you do?
|
|
Note down which actions and inputs caused the error.
|
|
|
|
|
|
To process the problem further, contact you SAP system
|
|
administrator.
|
|
|
|
Using Transaction ST22 for ABAP Dump Analysis, you can look
|
|
at and manage termination messages, and you can also
|
|
keep them for a long time.
|
|Error analysis
|
|
The following checkpoint group was used: "No checkpoint group specified"
|
|
|
|
If in the ASSERT statement the addition FIELDS was used, you can find
|
|
the content of the first 8 specified fields in the following overview:
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|
" (not used) "
|
|How to correct the error
|
|
Probably the only way to eliminate the error is to correct the program.
|
|
|
|
|
|
If the error occures in a non-modified SAP program, you may be able to
|
|
find an interim solution in an SAP Note.
|
|
If you have access to SAP Notes, carry out a search with the following
|
|
keywords:
|
|
|
|
"ASSERTION_FAILED" " "
|
|
"CL_GRRM_DASHBOARD_MENU_AUTH===CP" or "CL_GRRM_DASHBOARD_MENU_AUTH===CM001"
|
|
"IF_GRFN_MENU_ITEM_AUTH~IS_AUTHORIZED"
|
|
|
|
If you cannot solve the problem yourself and want to send an error
|
|
notification to SAP, include the following information:
|
|
|
|
1. The description of the current problem (short dump)
|
|
|
|
To save the description, choose "System->List->Save->Local File
|
|
(Unconverted)".
|
|
|
|
2. Corresponding system log
|
|
|
|
Display the system log by calling transaction SM21.
|
|
Restrict the time interval to 10 minutes before and five minutes
|
|
after the short dump. Then choose "System->List->Save->Local File
|
|
(Unconverted)".
|
|
|
|
3. If the problem occurs in a problem of your own or a modified SAP
|
|
program: The source code of the program
|
|
In the editor, choose "Utilities->More
|
|
Utilities->Upload/Download->Download".
|
|
|
|
4. Details about the conditions under which the error occurred or which
|
|
actions and input led to the error.
|
|
|
|
|
|System environment
|
|
SAP Release..... 702
|
|
SAP Basis Level. 0012
|
|
|
|
Application server... "KIO13701"
|
|
Network address...... "172.20.1.137"
|
|
Operating system..... "AIX"
|
|
Release.............. "7.1"
|
|
Hardware type........ "00F6C78E4C00"
|
|
Character length.... 16 Bits
|
|
Pointer length....... 64 Bits
|
|
Work process number.. 10
|
|
Shortdump setting.... "full"
|
|
|
|
Database server... "KIO13701"
|
|
Database type..... "DB6"
|
|
Database name..... "DGR"
|
|
Database user ID.. "SAPDGR"
|
|
|
|
Terminal.......... "192.168.0.5"
|
|
|
|
Char.set.... "C"
|
|
|
|
SAP kernel....... 720
|
|
created (date)... "Jul 8 2012 19:43:01"
|
|
create on........ "AIX 2 5 00092901D600"
|
|
Database version. "DB6_81 "
|
|
|
|
Patch level. 300
|
|
Patch text.. " "
|
|
|
|
Database............. "DB6 08.02.*, DB6 09.*, DB6 10.*"
|
|
SAP database version. 720
|
|
Operating system..... "AIX 2 5, AIX 3 5, AIX 1 6, AIX 1 7"
|
|
|
|
Memory consumption
|
|
Roll.... 0
|
|
EM...... 8379584
|
|
Heap.... 0
|
|
Page.... 16384
|
|
MM Used. 6205712
|
|
MM Free. 2170976
|
|User and Transaction
|
|
Client.............. 100
|
|
User................ "LVELASCO"
|
|
Language key........ "E"
|
|
Transaction......... " "
|
|
Transaction ID...... "51400164B1F00C40E1008000AC140189"
|
|
|
|
EPP Whole Context ID.... "5140015EB1F00C40E1008000AC140189"
|
|
EPP Connection ID....... "5140F9B0B19C1150E1008000AC140189"
|
|
EPP Caller Counter...... 1
|
|
|
|
Program............. "CL_GRRM_DASHBOARD_MENU_AUTH===CP"
|
|
Screen.............. "SAPMHTTP 0010"
|
|
Screen Line......... 2
|
|
Debugger Active..... "none"
|
|Server-Side Connection Information
|
|
Information on Caller of "HTTPS" Connection:
|
|
Plug-in Type.......... "HTTPS"
|
|
Caller IP............. "192.168.0.5"
|
|
Caller Port........... 44300
|
|
Universal Resource ID. "/sap/bc/webdynpro/sap/grfn_service_map"
|
|
|
|
Program............. "CL_GRRM_DASHBOARD_MENU_AUTH===CP"
|
|
Screen.............. "SAPMHTTP 0010"
|
|
Screen Line......... 2
|
|
|
|
Information on Caller ofr "HTTPS" Connection:
|
|
Plug-in Type.......... "HTTPS"
|
|
Caller IP............. "192.168.0.5"
|
|
Caller Port........... 44300
|
|
Universal Resource Id. "/sap/bc/webdynpro/sap/grfn_service_map"
|
|Information on where terminated
|
|
Termination occurred in the ABAP program "CL_GRRM_DASHBOARD_MENU_AUTH===CP" -
|
|
in "IF_GRFN_MENU_ITEM_AUTH~IS_AUTHORIZED".
|
|
The main program was "SAPMHTTP ".
|
|
|
|
In the source code you have the termination point in line 59
|
|
of the (Include) program "CL_GRRM_DASHBOARD_MENU_AUTH===CM001".
|
|Source Code Extract (Source code has changed)
|
|Line |SourceCde
|
| 29|
lv_dashboard = lv_value.
|
| 30|
|
| 31|
TRANSLATE lv_dashboard TO UPPER CASE.
|
| 32|
|
| 33|
CASE lv_dashboard.
|
| 34|
WHEN 'HEATMAP'.
|
| 35|
lv_report = 'GRRM_HEATMAP'.
|
| 36|
|
| 37|
WHEN 'LOSS_OVERVIEW' OR 'LOSS_STRUCTURE' OR 'OB_LOSS_OVERVIEW' OR 'OB_LOSS_STRUCTU|
| 38|
lv_report = 'GRRM_LOSS_ANALYSIS'.
|
| 39|
|
| 40|
WHEN 'OVERVIEW'.
|
| 41|
lv_report = 'GRRM_OVERVIEW'.
|
| 42|
|
| 43|
WHEN OTHERS.
|
| 44|
ASSERT 1 = 2.
|
| 45|
|
| 46|
ENDCASE.
|
| 47|
|
| 48|
EXIT.
|
| 49|
|
| 50|
ENDLOOP.
|
| 51|
|
| 52|
WHEN 'GRRM_LOSS_MATRIX' OR 'GRRM_LOSS_MATRIX_NEW'.
|
| 53|
lv_report = 'GRRM_LOSS_ANALYSIS'.
|
| 54|
|
| 55|
WHEN 'GRRM_HEATMAP_REPORT'.
|
| 56|
lv_report = 'GRRM_HEATMAP'.
|
| 57|
|
| 58|
WHEN OTHERS.
|
|>>>>>|
ASSERT 1 = 2.
|
| 60|
|
| 61| ENDCASE.
|
| 62|
|
| 63| TRY.
|
| 64|
lv_regulation_id = cl_grfn_api_regulation=>if_grfn_api_regulation~get_regulation_id( i|
| 65|
|
| 66|
ev_authorized = cl_grfn_util_rep_auth=>has_rep_auth(
|
| 67|
io_session
= io_session
|
| 68|
iv_regulation_id = lv_regulation_id
|
| 69|
iv_report
= lv_report
|
| 70|
iv_activity
= grfn0_c_activity-print
|
| 71|
|
| 72|
|
| 73|
CATCH cx_grfn_exception.
|
| 74|
ev_authorized = abap_false.
|
| 75|
|
| 76| ENDTRY.
|
| 77|
|
| 78|ENDMETHOD.
|
|Contents of system fields
|
|Name
|Val.
|
|SY-SUBRC|4
|
|SY-INDEX|2
|
|SY-TABIX|1
|
|SY-DBCNT|1
|
|SY-FDPOS|0
|
|SY-LSIND|0
|
|SY-PAGNO|0
|
|SY-LINNO|1
|
|SY-COLNO|1
|
|SY-PFKEY|
|
|SY-UCOMM|
|
|SY-TITLE|HTTP Control
|
|SY-MSGTY|
|
|SY-MSGID|
|
|SY-MSGNO|000
|
|SY-MSGV1|
|
|SY-MSGV2|
|
|SY-MSGV3|
|
|SY-MSGV4|
|
|SY-MODNO|0
|
|SY-DATUM|20130313
|
|SY-UZEIT|115004
|
|SY-XPROG|SAPCNVE
|
|SY-XFORM|CONVERSION_EXIT
|
|Active Calls/Events
|
|No. Ty.
Program
Include
Line |
|
Name
|
| 34 METHOD
CL_GRRM_DASHBOARD_MENU_AUTH===CP
CL_GRRM_DASHBOARD_MENU_AUTH===CM001
59 |
|
CL_GRRM_DASHBOARD_MENU_AUTH=>IF_GRFN_MENU_ITEM_AUTH~IS_AUTHORIZED
|
| 33 METHOD
CL_GRFN_API_MENU_ITEM_ELA=====CP
CL_GRFN_API_MENU_ITEM_ELA=====CM001 126 |
|
CL_GRFN_API_MENU_ITEM_ELA=>IF_GRFN_MENU_AUTH~ITEM_AUTH
|
| 32 METHOD
CL_GRFN_API_MENU==============CP
CL_GRFN_API_MENU==============CM003
34 |
|
CL_GRFN_API_MENU=>IF_GRFN_MENU_AUTH~ITEM_AUTH
|
| 31 METHOD
CL_GRFN_LAUNCHPAD_UIBB========CP
CL_GRFN_LAUNCHPAD_UIBB========CM006
60 |
|
CL_GRFN_LAUNCHPAD_UIBB=>IF_FPM_GUIBB_LAUNCHPAD~MODIFY
|
| 30 METHOD
CL_FPM_LAUNCHPAD_UIBB_ASSIST==CP
CL_FPM_LAUNCHPAD_UIBB_ASSIST==CM001
76 |
|
CL_FPM_LAUNCHPAD_UIBB_ASSIST=>INIT_FEEDER
|
| 29 METHOD
/1BCWDY/T2POSMRSKMLY9L6LJP5Z==CP
/1BCWDY/B_T2POSBAR6C8HPR0XTR4P
410 |
|
CL_COMPONENTCONTROLLER_CTR=>WDDOINIT
|
|
Web Dynpro Component
FPM_LAUNCHPAD_UIBB
|
|
Controller
COMPONENTCONTROLLER
|
| 28 METHOD
/1BCWDY/T2POSMRSKMLY9L6LJP5Z==CP
/1BCWDY/B_T2POSBAR6C8HPR0XTR4P
181 |
|
CLF_COMPONENTCONTROLLER_CTR=>IF_WDR_COMPONENT_DELEGATE~WD_DO_INIT
|
|
Web Dynpro Component
FPM_LAUNCHPAD_UIBB
|
|
Controller
COMPONENTCONTROLLER
|
| 27 METHOD
CL_WDR_DELEGATING_COMPONENT===CP
CL_WDR_DELEGATING_COMPONENT===CM004
9 |
|
CL_WDR_DELEGATING_COMPONENT=>DO_INIT
|
| 26 METHOD
CL_WDR_CONTROLLER=============CP
CL_WDR_CONTROLLER=============CM00V
3 |
|
CL_WDR_CONTROLLER=>INIT_CONTROLLER
|
| 25 METHOD
CL_WDR_COMPONENT==============CP
CL_WDR_COMPONENT==============CM019
24 |
|
CL_WDR_COMPONENT=>INIT_CONTROLLER
|
| 24 METHOD
CL_WDR_CONTROLLER=============CP
CL_WDR_CONTROLLER=============CM002
7 |
|
CL_WDR_CONTROLLER=>INIT
|
| 23 METHOD
CL_WDR_CLIENT_COMPONENT=======CP
CL_WDR_CLIENT_COMPONENT=======CM00E
24 |
|
CL_WDR_CLIENT_COMPONENT=>INIT
|
| 22 METHOD
CL_WDR_CLIENT_COMPONENT=======CP
CL_WDR_CLIENT_COMPONENT=======CM00A
42 |
|
CL_WDR_CLIENT_COMPONENT=>IF_WDR_COMPONENT_FACTORY~CREATE_COMPONENT
|
| 21 METHOD
CL_WDR_COMPONENT_USAGE========CP
CL_WDR_COMPONENT_USAGE========CM009
67 |
|
CL_WDR_COMPONENT_USAGE=>IF_WD_COMPONENT_USAGE~CREATE_COMPONENT
|
| 20 METHOD
CL_FPM_COMPONENT_MANAGER======CP
CL_FPM_COMPONENT_MANAGER======CM003
81 |
|
CL_FPM_COMPONENT_MANAGER=>ADD_COMPONENT
|
| 19 METHOD
CL_FPM_COMPONENT_MANAGER======CP
CL_FPM_COMPONENT_MANAGER======CM004
19 |
|
CL_FPM_COMPONENT_MANAGER=>ATTACH_COMPONENT_TO_USAGE
|
| 18 METHOD
CL_FPM========================CP
CL_FPM========================CM005
89 |
|
CL_FPM=>PROCESS_EVENT
|
| 17 METHOD
CL_FPM========================CP
CL_FPM========================CM00C
34 |
|
CL_FPM=>RUN_EVENT_LOOP
|
| 16 METHOD
CL_FPM========================CP
CL_FPM========================CM002
5 |
|
CL_FPM=>IF_FPM~RAISE_EVENT
|
| 15 METHOD
CL_FPM========================CP
CL_FPM========================CM003
11 |
|Hi Alberto,
The below Notes should resolve!
1428775
1744179
Hope this helps,
Luciana -
Issue while enabling Access Control for a Coherence server node
Hi
Im trying to enable access control for a Coherence server node, using the default Keystore login method shipped with Coherence. When i start the server i get the error "java.security.AccessControlException: Unsufficient rights to perform the operation". Please see below for the sequence of steps I've followed to enable access control. I just need to be enable Authentication (not authorization) at this stage
1. I have added the following entry in the Coherence Operational override file
<security-config>
<enabled system-property="tangosol.coherence.security">true</enabled>
<login-module-name>Coherence</login-module-name>
<access-controller>
<class-name>com.tangosol.net.security.DefaultController</class-name>
<init-params>
<init-param id="1">
<param-type>java.io.File</param-type>
<param-value>keystore.jks</param-value>
</init-param>
<init-param id="2">
<param-type>java.io.File</param-type>
<param-value>permissions.xml</param-value>
</init-param>
</init-params>
</access-controller>
<callback-handler>
<class-name>com.sun.security.auth.callback.TextCallbackHandler</class-name>
</callback-handler>
</security-config>
2. The following is the entry in the Permissions.xml
<?xml version='1.0'?>
<permissions>
<grant>
<principal>
<class>javax.security.auth.x500.X500Principal</class>
<name>CN=admin,OU=Coherence,O=Oracle,C=US</name>
</principal>
<permission>
<target>*</target>
<action>all</action>
</permission>
</grant>
</permissions>
3. The following is the content of the Login configuration file "Coherence_Login.conf"
Coherence {
com.tangosol.security.KeystoreLogin required
keyStorePath="keystore.jks";
4. The following is the command line tag for starting the server
java -server -showversion -Djava.security.auth.login.config=Coherence_Login.conf -Xms%memory% -Xmx%memory% -Dtangosol.coherence.cacheconfig=PROXY-cache-config.xml -Dtangosol.coherence.override=FOL-coherence-override.xml -Dcom.sun.management.jmxremote.port=6789 -Dcom.sun.management.jmxremote.authenticate=false -Dtangosol.coherence.security=true -cp "%coherence_home%\lib\coherence.jar" com.tangosol.net.DefaultCacheServer %1
Following is the output on the Console when running the command. It asks for a username and password for the JKS store (If i provide the wrong password, it gives a different error, which shows that it is able to authenticate aganst the Keystore). After i put in the password, it throws the error as shown below "java.security.AccessControlException: Unsufficient rights to perform the operation"
D:\Coherence\FOL_CacheServer>fol-cache-server
java version "1.6.0_20"
Java(TM) SE Runtime Environment (build 1.6.0_20-b02)
Java HotSpot(TM) 64-Bit Server VM (build 16.3-b01, mixed mode)
Username:admin
Password:
Exception in thread "main" java.security.AccessControlException: Unsufficient ri
ghts to perform the operation
at com.tangosol.net.security.DefaultController.checkPermission(DefaultCo
ntroller.java:153)
at com.tangosol.coherence.component.net.security.Standard.checkPermissio
n(Standard.CDB:32)
at com.tangosol.coherence.component.net.Security.checkPermission(Securit
y.CDB:11)
at com.tangosol.coherence.component.util.SafeCluster.ensureService(SafeC
luster.CDB:6)
at com.tangosol.coherence.component.net.management.Connector.startServic
e(Connector.CDB:20)
at com.tangosol.coherence.component.net.management.gateway.Remote.regist
erLocalModel(Remote.CDB:10)
at com.tangosol.coherence.component.net.management.gateway.Local.registe
rLocalModel(Local.CDB:10)
at com.tangosol.coherence.component.net.management.Gateway.register(Gate
way.CDB:6)
at com.tangosol.coherence.component.util.SafeCluster.ensureRunningCluste
r(SafeCluster.CDB:46)
at com.tangosol.coherence.component.util.SafeCluster.start(SafeCluster.C
DB:2)
at com.tangosol.net.CacheFactory.ensureCluster(CacheFactory.java:998)
at com.tangosol.net.DefaultConfigurableCacheFactory.ensureServiceInterna
l(DefaultConfigurableCacheFactory.java:923)
at com.tangosol.net.DefaultConfigurableCacheFactory.ensureService(Defaul
tConfigurableCacheFactory.java:892)
at com.tangosol.net.DefaultCacheServer.startServices(DefaultCacheServer.
java:81)
at com.tangosol.net.DefaultCacheServer.intialStartServices(DefaultCacheS
erver.java:250)
at com.tangosol.net.DefaultCacheServer.startAndMonitor(DefaultCacheServe
r.java:55)
at com.tangosol.net.DefaultCacheServer.main(DefaultCacheServer.java:197)Did you create the weblogic domain with the Oracle Webcenter Spaces option selected? This should install the relevant libraries into the domain that you will need to deploy your application. My experience is based off WC 11.1.1.0. If you haven't, you can extend your domain by re-running the Domain Config Wizard again (WLS_HOME/common/bin/config.sh)
Cappa -
GRC Access Control licensing and Sizing
Dear All,
I am putting up a proposal for GRC Access Control. Could someone please help me with the calculation of licensing cost and the hardware requirements?
1. Is the license cost totally driven by revenue ?
2. Is there a flat base price plus number of user accounts?
3. What sort of hardware config is required?
Thanks,
AjPlease ask your SAP account contact for pricing information.
Frank. -
Is Compliance Calibrator the same as GRC Access Control?
I have been asked to look at<b> Compliance Calibrator </b>and am getting confused about what functionality is offered. I have done the basic e-learning course for Compliance Calibrator (GRC200): this was all about separation of duties etc. Fair enough. But I also have a Document called "<b>SAP GRC Access Control</b>" which talks about the same S.O.D compliance functionality but also talks of "roles triggering workflows", "users creating roles", "automated approvals for roles" eg:
"SAP GRC Access Control streamlines access requests by filling each request automatically with user identity information from a lightweight directory access protocol (LDAP) directory or HR database, thereby eliminating the need for user intervention. Approvers receive an e-mail with a direct hyperlink to the request inside the application, where they can easily view and approve the request. The application then checks for security violations before updating accounts automatically."
None of this was covered on the Compliance Calibrator course, so what product offers this? I can see another product by Virsa called <b>Access Enforcer</b> but have no info on this... can anyone enlighten me?SAP GRC Access Control is the SAP application that comprises the former Virsa products Compliance Calibrator, Access Enforcer, Risk Terminator, Firefighter and Role Expert.
Maybe you are looking for
-
How to connect my macbook pro to my car cd player
hello how to connect my macbook pro to my car cd player
-
Texting more than one person at a time.
First of all, I love the iPhone. This isn't a complaint just more of a request. Mass text messaging. On all of my previous cellphones I've been able to send the same text message to multiple people at the same time. This does not seem possible with t
-
Why can I not connect to my MAC from a PC on the same network
I have a correctly formatted external HD mounted on my MacBook Air (Mac OSX version 10. 7. 5. Lion) and can access it without problems from my MacBook Pro, but when I am trying to access it from a PC (both Windows XP and Windows 7) the PC can "see" m
-
The original computer that I began syncing my iphone to has crashed and I now have a new computer. I need to know if anyone can help me? How do I sync my phone to the new computer and tell it that it's now going to be my primary computer instead of
-
Hi all, I was asked to make a fixed (non-scrollable) header in Web Dynpro. I placed two ViewContainer-elements and linked two views to the main view - one view for the header on the top, another for the body of the document. But it doesn't work - the