Guide to set Security zone?

hi all,
Hhow to set the security zone of a portal object? Could anyone please provide me with a step by step guide to set up the security zone.
Thanks for your help
regards
Priya

Hi Priya,
Start with SMP, under the NetWeaver 04 Documentation site:
<a href="https://websmp107.sap-ag.de/nw04doc">NW 04 Documentation</a>
On the left, click on How-To Guides:
On the right, click on Portal, Knowledge Management and Collaboration.
Scoll down to "How to Use Security Zones in NW04 SPS09"...
I hope that this helps,
Judson

Similar Messages

  • How do you set the expiration date of a secure zone?

    I am trying to set up a form where a user can sign up for access to a secure zone for 1 year. How do I set the expiration date of the secure zone for them to expire one year after they sign up for it?
    I have tried using a hidden field named "ZoneExpiry" (I have tried "ExpiryDate" as well) in the form and set its value attribute manually in the HTML (with the format 13-May-13), and the expiration date always ends up being 31-Dec-9999.
    Any help would be greatly appreciated.
    Thanks!

    I have done this.
    Have a hidden input field on form  <input name="ZoneExpiry" id="ExpiryDate" />
    Then have a function as follows:
    var dat=new Date();
                                                      dat.setDate(dat.getDate() + 365);
                                                      var monthname=new Array("Jan","Feb","Mar","Apr","May","Jun", "Jul","Aug","Sep","Oct","Nov","Dec")
                                                      var pretty = dat.getDate() + "-" + monthname[dat.getMonth()] + "-" + dat.getFullYear();   
                                                      jQuery("#ExpiryDate").val(pretty);
    Hope this helps.

  • Setting Security in Internet Zone to High affects Trusted Sites

    In response to the recent Security Advisory, we recommended our users set the Internet Zone security to High.
    However, this is causing our local Intranet site which is in every users Trusted Sites Zone (set at Medium-Low) to not function.
    I was under the impression that Trusted Sites are treated different than Internet Sites.
    What security settings do they share that would be affected by setting the Internet Zone to High?
    Thank you.
    Jeremy Leigh

    Hi
    f12>Console tab, refresh the page to show suppressed error messages, warnings, blocked content warnings.
    A 'High' security zone settings is equivalent to the Restricted Zones default setting.
    by default Active Scripting, scripting of ActiveX and applets and xss is disabled in the Restricted Zone.... basically domains mapped to the Restricted sites zone will be useless without active scripting.
    Rob^_^

  • Setting a secure zone expiry date beyond the invoice date.

    Is it possible to set the secure zone expiry date later than the invoice date? We're just looking at a way to let our members continue to have access for say 1 week after an invoice has failed so that they can log in and update their credit card details, possibly without seeing the 'access expired' message.
    I've seen this behaviour on a site before, but I think that may have had something to do with the fact that it was a weekly membership site and that the invoices were already generated.
    Cheers
    Pat

    Hey Gaurav,
    This is for a monthly recurring subscription. What I was thinking was that if for example a user signed up on the 1st of the month that their SZ access expires on the 8th of the next month, but the invoice is still issued and paid on the 1st of the following month, and when the invoice is successfully paid the SZ access gets extended till the 8th of the next month - now that I've written it out like that I'm pretty sure this isn't possible, unless there is some setting that dev can see in the backend?
    Pat

  • Set Security Level per Security Zone in IE

    I am trying to set the Trusted Security Zone to Low in IE (all versions).
    I have made the change under Computer > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel >
    Security Page > Trusted Sites Zone Template (and also tried under User). With User logged in I can see rsop which shows the setting, but in IE it remains at Medium.

    Hi,
    Please check below article and set the security level for each zone:
    Best
    Practice: How to use Group Policy to configure Internet Explorer security zone sites
    Regards,
    Yan Li
    Regards, Yan Li

  • Secure Zone password set (send log in details email) link not working for everyone

    Hi Guys,
    I have a site with three secure zones for different online programs. We're beginning to sell some programs and, because we aren't using a seemless gateway, we are manually subscribing them to the secure zones then clicking the 'Send log in details email' button. The email seems to be going out which is good. But, some clients can't click on the link to set their password. Nothing happens. Even if they copy and paste the link text into a browser window, still nothing.
    Anybody know why this would be working for some people and not others. Could it be to do with cookies or email clients etc. We are at a loss and therefore have lost two sales so far (they asked for refunds) because they couldn't access their programs in the secure zone.
    Any help greatly appreciated.

    Thanks LiamDilley for such a prompt reply. Currently my code looks like this:
         ...and your password is [<strong>{tag_password}</strong>]
    Are you saying that I should be changing the '[<strong>{tag_password}</strong>]' to:
    [<strong>,a href="{tag_password}>{tag_password}</a></strong>]
    The thing is, most of the time the link text appears as a link, but not for everyone. Do you think this will fix it?

  • Setting up subscription secured zone

    I am trying to setup a subscription based secured zone. I followed the directions in the knowledge base but i think the directions were outdated cause it is adding an Invoice field to the credit card form. When we try to test it we get an error:
    Credit Card Payment Failed
    There was an error processing your credit card. Please correct this and try again.
    Invoice Number Not Found: . Please go back and correct this.
    Shouldnt the invoice number populate the field automatically?
    How can the user know what the invoice is to input it?
    Thanks
    Tom Cuneo

    Reference:
    http://forums.adobe.com/message/4964176#4964176
    (bottom)

  • Set expiration dates for Secure Zone Memberships

    We run an online exercise company offering memberships with access to exercise videos so users can exercise online - we sell memberships by the week, month, or month to month memberships. We also sell a beginner courses. The site has been built in Adobe Muse, integrated with Business Catalyst.
    For the time-based memberships we have inserted a snippet of code in Business Catalyst that limits the amount of time members have access to the secure zone where we keep the videos - this is tied to the form members fill out when they purchase. The issue is that when the entire Muse site is republished or just the page with the form - the code disappears. So we have to go into each form and reinsert the code. This has been going on for quite some time. Below is most of the code we've been using - which we found in Business Catalyst Forum Section a couple years ago:
    function setExpiryDate( )
    var dat=new Date();
    dat.setDate(dat.getDate() + 8);
    var monthname=new Array("Jan","Feb","Mar","Apr","May","Jun", "Jul","Aug","Sep","Oct","Nov","Dec")
    var pretty = dat.getDate() + "-" + monthname[dat.getMonth()] + "-" + dat.getFullYear();
    document.getElementById("ExpiryDate").value = pretty;
    };setExpiryDate( );
    We are looking to 'permanently' anchor the code in the form.

    Hi
    If you are using BC secure zones then you can setup the expiry date from BC end only, regarding the code that you are using , I believe you are trying to use specific form for secure zone sign up and limiting the expiry date.
    Regarding form code being stripped off, are you submitting the form once from site front end and then also code is stripped off ?
    Please include site url in your response.
    Thanks,
    Sanjit

  • Optus ADSL2+ and WRT610n Quick Guide to setting up.

    Hi all fellow Optus (australian isp) ADSL2+ and Linksys users,
    I have a quick guide to setting up your new WRT610n with the optus supplied ADSL2+ Speedstream 4200 modem. This should solve most users problems with no internet connections, firewall rules not appearing to work properly etc.
    It took me several hours of stuffing around and online researching untill I got these two to work together and have full firewall funtionality!
    First up.... DON'T USE the LELA to setup the router! For some unknown reason, the laptop I used to setup the router, was configured by LELA to be a proxy and gateway, and unless that laptop was on.... the router wasn't passing info through it and back out to the internet! A full Reset of the Router was needed to clear this setting!
    Now Lets get started.
    BEFORE inserting the router into the network and connecting everything up, we need to reconfigure the Speedstream modem to FULL BRIDGE mode. NOTE! this will infuture disable the Web interface to the DSL modem, so changing to FULL BRIDGE mode should be the last thing you do to the modem before logging out. A full hard reset (little button) will restore the web functionality again should you need to put it back to normal.
    1) Setting Speedstream 4200 to Full Bridge mode - This is necessary for the Modem to fully pass on ALL of the ISP settings. Such as correct gateway info, DNS info, "REAL" online IP address (not the generic psuedo 10.x.x.x number) etc.
    - To do this, open your web client, Internet Explorer or similar. And enter the IP address 10.1.1.1
    - Feel free to look around the settings of the modem but don't change anything just yet. Wouldn't be a bad idea to take screenshots of all the settings pages now like I did should I need to return it to original settings.
    - The Webpage of the modem will open up and click on PPP - Take note (as in write this down!) of your "PPPoE 8/35" type which you'll select in the router later, and your Username for optus logon and password (you should know that or go looking for that paperwork that has your username and password that came with your optus Modem installer CD). You will enter all this login info in the router later as the router will do the logging in and take over from the modem!
    - Next, click on Mode - You will see 3 options. For most, it will currently be on Optus Bridge. This mode enables a router inside the modem and is now to be replaced by the new Linksys you just bought. By Changing this to FULL BRIDGE mode, you essentially disable the modems internal router and turn it into a dumb modem (like the good old days of dumb dial up modems yey!)
    - When you've changed to FULL BRIDGE mode, it will tell you the Web interface is now disabled. Close the window. And lets get to configuring the router.
    2) Plugging everything in time!
    - The Speedstream 4200 ADSL2+ Modem stays plugged into the wall as normal, but the LAN cable which used to go to your computer now plugs into the WAN port of the router.
    - Plug the PC into one of the LAN ports of the Router also.... or if like me, you have a Switch that all the PC's use, plug that into the router.
    3) Setting up the WRT610n (or similar linksys router)
    - Open Internet Explorer/Firefox and enter the IP Address of the Router (Fresh install IP is 192.168.1.1)
    - Username is "admin" and password is "admin" (you'll want to change this later I'm sure)
    - OK now your in! We need to setup the internet account settings.
    - Setup-Basic Setup page:- Internet Connection Type will be what you saw in the modem PPP page (you did write that down didn't you?). For me, I select PPPoE.
    - The enter my optus username info and password
    - click on Keep Alive (30 Secs).
    - Then click Save Settings at the very bottom of the webpage.
    It will likely ask to reboot.... let it do so
    Now at this point:
    - Your modem should have always been in Sync
    - Your LAN IP from the WRT610n should be in the 192.168.1.100+ range? (I changed this later to put my IPs back in the 192.168.0.100+ range so I didn't have to reconfigure static PC's or printers around my network)
    - Your Router should have reset about now and hopefully logged onto the internet through the modem.
    To check all is working fine. Open the Routers webpage again and click on Status. Under the Internet Connection area, Click connect if it hasn't already connected for ya. This page should auto-refresh.
    Check that the connection says Connected and that the IP addresses given in all the fields appear to be internet addresses (ie not 10.x.x.x or 192.168.x.x etc). If not, check that the status lights on the modem are all correct (you know how it should look when it's ok).
    Open IE or firefox and check that you have internet!
    It's important to make sure that the Internet IP Address in the Status page matches the one you get from http://www.whatismyip.com/. Because if it doesn't, then the Router isn't truely at the front of the Internet-Lan boundary. If this is the case, you may still have internet working ok, but the firewall portforwards may not work as seen in other forum posts around the net.  
    If it's OK, then Grab a Beer and Celebrate, you've just saved yourself 6 hours of hair pulling frustration!
    SUCCESS!
    Now, if your so inclined.... I would highly recommend changing Admin passwords, adding security to your Wireless connections, changing your DHCP to something your comfortable with or just leave them alone if everyone is server assigned IP's. I find it's a good idea to use the DHCP Mac reservation in the basic setup so I know each PC will get the same IP each time it logs into the router and thus makes Portforwarding SOOoooo much easier knowing the IPs don't change on you when the IP lease time expires if the PC has been offline too long.
    Please feel free to comment on this, I'm pretty sure 99% apart from grammar is correct! Hope it helps many new and old users.
    Have a brilliant day! and may the force be with you!
    Ramjet

    It's not clear to me exactly what problem you're having, but does this post help?
    http://discussions.apple.com/message.jspa?messageID=1806715#1806715

  • How to create a Payment Form for access to multiple secure zones

    I'm trying to create a Payment Form that allows the user to select from a dropdown of videos, each of which represents a secure zone page with an embedded video.
    What I can't figure out -- and tech chat can't help -- is how to redirect the user to the correct secure zone for the video they purchased.
    Videos are are streaming, vimeo embeds, not downloads.
    Anyone know how to do this? Can post link to test form if you need it.
    Thanks!
    jerry

    Hi,
    This can be done for already available list. Have a look at the following steps:
    Create an Empty SharePoint Project, then right click the project, add SharePoint “Layouts” Mapped Folder.
    Right click the project name, add New item Application Page, then add the custom code there.
    Under Features, add a feature, right click the added feature then add an event receiver, override the FeatureActivated method to set the new edit/new form as the default form.
    How to set new form as default form:
    SPList lstTest = web.Lists["Shared Documents"];
    string newUrl =
    string.Format("layouts/NewEditForm.aspx", web.ServerRelativeUrl, lstTest.RootFolder.Url);
    var form = web.GetFile(newUrl);
    if (form !=
    null && form.Exists)
     //string newFomrUrl = lstTest.DefaultEditFormUrl.Replace("EditForm.aspx", "docEditForm.aspx");
      lstTest.DefaultEditFormUrl = newUrl;
      lstTest.Update();
    For more information, see
    http://community.bamboosolutions.com/blogs/sharepoint-2010/archive/2011/05/12/sharepoint-2010-cookbook-how-to-create-a-customized-list-edit-form-for-development-in-visual-studio-2010.aspx
    To add a custom list form, the best way I think is using SharePoint Designer 2010, it’s very fast.
    Regards,
    Kelly Chen

  • Security Zones and portalapp.xml

    On the page http://help.sap.com/saphelp_nw04/helpdata/en/25/85de55a94c4b5fa7a2d74e8ed201b0/content.htm
    it says that the settings (security zone, permission) in the portalapp.xml defines who can access this application.
    Then it says that PRT checks the users iView-permission and then optionally the security zone permission, depending on the setting of the parameter -Dcom.sap.nw.sz=true in the J2EE.
    Question:
    When this parameter is disabled (default), are the security zones just not checked when accessing an application throug an iView or also when they are accessed through direct URL?

    Hi Manuel,
    I just checked it against our SP12 installation, with the same component, which has the same settings as yours:
    > it can be run by any authenticated user
    This at least does not hold for our portal installation. Each access with the given URL, called by an authenticated user which does not have one of the admin roles set within the security zones, ends with:
    Access denied (Object: com.sap.portal.system/security/sap.com/NetWeaver.Portal/high_safety/com.sap.portal.runtime.system.console/components/ClusterAdminConsole)
    The application permissions do not play a role here, these are for the iView wizards, which applications are to be chosen.
    So, double check the user you are testing with; maybe the version is buggy?
    > In the Security-Zone-Permissions
    > ara:/security/sap.com/NetWeaver.Portal/high_safety/com.sap.portal.runtime.system.console
    Under components/ClusterAdminConsole the same settings are to be found? (I expect it, but just to be sure.)
    Hope it helps
    Detlev

  • PS script that fills security zones in IE

    This script fills the IE security zones. The idea is for it to be added as a logon script. I reworked it from the original script from David Wyatt on https://social.technet.microsoft.com/Forums/windowsserver/en-US/84434209-0b35-49f1-91f7-0e041ca656da/powershell-add-url-to-intranet-zone?forum=winserverpowershell
    The script was tested on PowerShell 4.0.
    Each IE security zone has an array of domains.
    It goes like this :
    #Script for adding domains to diferent zones
    #Define zone arrays and zone values
    $LocalArray=@("firstlocal.com", "secondlocal.com")
    $TrustedArray=@("firsttrusted.com", "secondtrusted.com")
    $RestrictedArray=@("firstrestricted.com", "secondrestricted.com")
    $LocalValue=(1)
    $TrustedValue=(2)
    $RestrictedValue=(4)
    #Add array elements to Local intranet zone
    ForEach ($element in $LocalArray)
    #Add to Domains
    $Path=("HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\" + $element)
    if (-not (Test-Path -Path $Path))
    New-Item -Path $Path
    Set-ItemProperty -Path $Path -Name http -Value $LocalValue -Type DWord
    Set-ItemProperty -Path $Path -Name https -Value $LocalValue -Type DWord
    #Add to EscDomains
    $Path=("HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\" + $element)
    if (-not (Test-Path -Path $Path))
    New-Item -Path $Path
    Set-ItemProperty -Path $Path -Name http -Value $LocalValue -Type DWord
    Set-ItemProperty -Path $Path -Name https -Value $LocalValue -Type DWord
    #Add array elements to Trusted intranet zone
    ForEach ($element in $TrustedArray)
    #Add to Domains
    $Path=("HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\" + $element)
    if (-not (Test-Path -Path $Path))
    New-Item -Path $Path
    Set-ItemProperty -Path $Path -Name http -Value $TrustedValue -Type DWord
    Set-ItemProperty -Path $Path -Name https -Value $TrustedValue -Type DWord
    #Add to EscDomains
    $Path=("HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\" + $element)
    if (-not (Test-Path -Path $Path))
    New-Item -Path $Path
    Set-ItemProperty -Path $Path -Name http -Value $TrustedValue -Type DWord
    Set-ItemProperty -Path $Path -Name https -Value $TrustedValue -Type DWord
    #Add array elements to Restricted intranet zone
    ForEach ($element in $RestrictedArray)
    #Add to Domains
    $Path=("HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\" + $element)
    if (-not (Test-Path -Path $Path))
    New-Item -Path $Path
    Set-ItemProperty -Path $Path -Name http -Value $RestrictedValue -Type DWord
    Set-ItemProperty -Path $Path -Name https -Value $RestrictedValue -Type DWord
    #Add to EscDomains
    $Path=("HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\" + $element)
    if (-not (Test-Path -Path $Path))
    New-Item -Path $Path
    Set-ItemProperty -Path $Path -Name http -Value $RestrictedValue -Type DWord
    Set-ItemProperty -Path $Path -Name https -Value $RestrictedValue -Type DWord
    The script is ugly and long. It repeats for each of the three zones.
    Any idea how to add a second loop that would shorten it?
    Newb

    Your request doesn't make any sense.  You have three sets of unrelated things.  You need three loops.
    ¯\_(ツ)_/¯

  • Web App {tag_edit} doesn't render in web Web App search results within secure zone?

    We have secure zones that are to display certain web app items to be filtered by Category. The secure zone members need to filter through web app items and edit these items from the list view. We've set it up accordingly and the list view is exactly how it should be when it is simply displaying on a page within the secure zone, however when the web app search/filtering is applied the "edit" tag doesn't display. Is there anyway to have this work or does it simply not? Please tell me it is possible to filter and edit web apps.
    Thanks in advance,

    Hi The Bowery, the edit tag will not show in general web app item search results unless the owner of that web app item is logged in to a secure zone to view it.
    However, if you are happy for anyone looking at the website to edit all web app items, you can set that in the properties of the web app itself. Then I think the edit tag will show to anyone looking at the web app items.
    If you only want the web app item owner to edit the web app item then you need to set up a secure zone for them to log in and view it.
    It will show when the web app item owner is logged in and viewing the web app items, if the edit tag has been added to the layout customisations. So it will only show to the web app item owner.
    You need to set up a secure zone for the web app item owners to upload and edit their web app items.
    Search results on a webapp use the List template layout  for the webapp to show a summary of the search results and the detail Template Layout is what shows when you click on the search result summary item. In webapp setups I usually put the edit tag in the List template

  • Best practice for secure zone various access

    I am setting up a new site with a secure zone.
    There will be a secure zone. Once logged in, users will have access to search and browse medical articles/resources
    This is how an example may go:
    The admin user signs up Doctor XYZ to the secure zone.
    The Doctor XYZ is a heart specialist, so he only gets access to web app items that are classified as "heart".
    However, he may also be given access to other items, eg: "lung" items.
    Or, even all items. It will vary from user to user.
    Is there any way to separate areas within the secure zone and give access to those separate areas (without having to give access to individual items - which will be a pain because there will be hundreds of records; and also without having the user log out and log into another secure area)

    my only issue with this is that I have no idea how to open up File Sharing to ONLY allow users who are connecting from the VPN
    Simple - don't expose your server to the outside world.
    As long as you're running on a NAT network behind some firewall or router that's filtering traffic, no external traffic can get to your server unless you setup port forwarding - this is the method used to run, say, a public web server where you tell the router/firewall to allow incoming traffic on port 80 to get to your server.
    If you don't setup any port forwarding, no external traffic can get in.
    There are additional steps you can take - such as running the software firewall built into Mac OS X to tell it to only accept network connections from the local network, but that's not necessary in most cases.
    And 2. The best way to ensure secure AND encrypted file sharing via the server...
    VPN should take care of most of your concerns - at least as far as the file server is concerned. I'd be more worried about what happens to the files once they leave the network - for example have you ensured that the remote user's local system is sufficiently secured so that no one can get the documents off his machine once they're downloaded?

  • Extracting secure zone expiration date to be used for webapps

    Hi all,
    Is it possible to extract the secure zone expiration date and use it to set the expiration date for webapps? I see that the expiration date of secure zones can be extracted through the email section, and not other places. globals.user doesn't output the expiration date either.
    All that I need is the number of days so that i can automatically put the day into the Set Webapp to Expire in __ days.
    Unless the webapps automatically deletes itself when users are booted out of secure zones?

    I've found the module which gives the expiry date of the secure zone ie. {module_subscriptions render="collection" collection="subscriptions"}.
    The output is:
      "moduleName": "subscriptions",
      "moduleDescriptor": {
      "templatePath": null,
      "parameters": "render=\"collection\",collection=\"subscriptions\"",
      "apiEndpoint": "/api/v3/subscriptions",
      "objectType": "-1",
      "objectId": "-1",
      "adminUrl": ""
      "items": [
      "entityId": 11421300,
      "zoneId": 51,
      "zoneName": "Member Only Area",
      "expiryDate": "2015-04-30T00:00:00",
      "sellAccess": "false",
      "costPerPeriod": 0.0,
      "cycleType": ""
      "params": {
      "render": "collection",
      "collection": "subscriptions"
    When I use {{subscriptions.items.expiryDate}}, it doesnt output any value. I suspect that this is due to the [] encasing the items sub-information. How can I extract this information for use?

Maybe you are looking for