How to config the user and role in the runtime for executing in the GP?....

Similar Messages

• How to use the user and role API's and where to use it

  Hi All,
  I have configured SSO for my UCM11g. Now my application authenticates through the Oracle SSO login page. Currently it is working with SQL authenticator.
  Now, i have to use LDAP authenticator. when i will configure the LDAP authenticator, i have to use the user and role API's to fetch the user profile information from LDAP. i have got the API's which will be used to fetch the respected information, but i am not getting as where i will write those java programs and how this API will be used in my application. what settings i need to do on it so that application uses the API's. ?
  Please can anyone help me on this.
  thanks,
  Saurabh

  Hi, Mithu,
  Thanks a lot for your help in advance.
  I have carefully read the document: https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/6b66d7ea-0c01-0010-14af-b3ee523210b5.
  Now, I think I have to set the processor of every actions in every process if I use the GP for processing the workflow.
  I am better to hope that I can set the processor to the role for every actions in every process in the runtime through get the organizational structure in the WDA(webdynpro for java or webdynpro for java). Thus, the customer don't set the processor to the role for every action in every process when runing in the GP.   I don't know how to do this. 
  Whether the function is not supported in the GP? If so, I have to config two organizational structure: in the R/3 and in the Portal. I don't think our customer don't receipt this solution.
  Do you give me some hints? Thanks a lot.  My email: [email protected]
  Thanks again.
  Thanks & Regards,
  Tao

• I purchased an iphone 4 from a friend, i called the carrier and they have unlocked it for me but the phone still needs to be activated as i have restored it. Can i activate the iphone through itunes by using a different carriers sim card?

  Help Please,
  I purchased an iphone 4 from a friend, i somehow cleared it and it's now at the original activation screen, i have spoken to the carrier and they have unlocked it for me. Once the carrier unlock details get sent to apple, will i be able to use any carrier sim card to activate the iphone? currently when i connect to itunes it says the sim is not the original one and i need to insert the original sim... will this happen now that it has been carrier unlocked? i have been told the unlocking can take between 5 and 72 hours, do i just keep trying with itunes or do i have to do something different?
  This is a christmas present for my son and i am running out of time, i'm not in an area that i can just go into an apple store and ask, i'm currently overseas in a very poor country and there are not many iphones that i have seen here so your help would really be appreciated.
  i think the operating system is 6.0.1
  Thanks,
  Matt.

  scrapman26 wrote:
  i was told it can take between 5 and 72 hours for the carrier unlock is done.
  And have you waited that long? If not, then that's why it's not done yet.

• How to obtain a user's roles

  We are migrating a OC4J app to weblogic 10.3. I won't go into all the gory details, but there was a security component that would read the jazn-data.xml file and return a list of all the roles a username was mapped to. Once I define the users and roles in the WL realm, is there any programmatic API that given a principal, can return all the roles that the principal is assigned to?
  Thanks,
  Leor

  Hi Leor,
  You can use a WLST script. I don't have a finished script for what you want, but here is an interactive example which should show how you navigate the WLST structure, down to the security information:
  [bea@myserver esbDomain]$ . bin/setDomainEnv.sh
  [bea@myserver esbDomain]$ java weblogic.WLST
  Initializing WebLogic Scripting Tool (WLST) ...
  Welcome to WebLogic Server Administration Scripting Shell
  Type help() for help on available commands
  wls:/offline>
  wls:/offline> connect('weblogic','weblogic','t3://myserver:7011')
  Connecting to t3://myserver:7011 with userid adadm ...
  Successfully connected to Admin Server 'esbAdminServer' that belongs to domain 'esbDomain'.
  Warning: An insecure protocol was used to connect to the
  server. To ensure on-the-wire security, the SSL port or
  Admin port should be used instead.
  wls:/esbDomain/serverConfig> cd ('SecurityConfiguration')
  wls:/esbDomain/serverConfig/SecurityConfiguration> ls()
  dr--   esbDomain
  wls:/esbDomain/serverConfig/SecurityConfiguration> cd ('esbDomain')
  wls:/esbDomain/serverConfig/SecurityConfiguration/esbDomain> ls()
  dr--   DefaultRealm
  dr--   Realms
  -r--   AnonymousAdminLookupEnabled                  false
  -r--   CompatibilityConnectionFiltersEnabled        false
  -r--   ConnectionFilter                             null
  -r--   ConnectionFilterRules                        null
  -r--   ConnectionLoggerEnabled                      false
  -r--   ConsoleFullDelegationEnabled                 false
  -r--   Credential                                   ******
  -r--   CredentialEncrypted                          ******
  -r--   DowngradeUntrustedPrincipals                 false
  -r--   EnforceStrictURLPattern                      true
  -r--   EnforceValidBasicAuthCredentials             true
  -r--   Name                                         esbDomain
  -r--   NodeManagerPassword                          ******
  -r--   NodeManagerPasswordEncrypted                 ******
  -r--   NodeManagerUsername                          nodemgr
  -r--   Notes                                        null
  -r--   Type                                         SecurityConfiguration
  -r--   WebAppFilesCaseInsensitive                   false
  -r-x   findDefaultRealm                             WebLogicMBean :
  -r-x   findRealm                                    WebLogicMBean : String(realmDisplayName)
  -r-x   findRealms                                   WebLogicMBean[] :
  -r-x   freezeCurrentValue                           Void : String(attributeName)
  -r-x   generateCredential                           [B :
  -r-x   isSet                                        Boolean : String(propertyName)
  -r-x   unSet                                        Void : String(propertyName)Regards Peter

• Is it possible to store user and role information in MDS instead of jazn ?

  Hi
  I want to store the user and role details in mds rather than jazn xml. Is it posssible? Could any one tell the steps that to be follow?
  Thanks,
  Vishnu

  Hi,
  MDS is not a polic store nor an identity management system. It does not really make sense what you are asking for. Instead of jazn-data.xml you can use OID and RDBMS for holiding user identities and policies. If it is only user identities and groups you want to move to another store then you have OID, RDBMS, Active Directory. OAM etc.. The jazn-data.xml file btw. is used at design time only. Upon deployment - by default - users and groups are created from jazn-data.xml into the integrated WLS LDAP server. Policies in jazn-data.xml file are copied to system-jazn-data.xml of the target WLS server.
  Frank

• User and role permissions getting reset on managed server

            Hi..
            I am not sure whether this is really a clusteing problem. I have a clusted server
            with one admin server and one managed server. I have deployed the some of my own
            applications alongwith the Weblogic Integration application on the managed server.
            I have some users and roles defined in the BPM studio to access and execute the
            workflows.
            But every time I restart the managed server, the user and role permissions are
            reset and the workflows are not executed. I get the following error.
            ####<May 13, 2003 10:01:22 AM BST> <Error> <BPM> <hwdusa08> <managed1_eai2d2A>
            <ExecuteThread: '44' for queue: 'default'> <kernel identity> <11
            1:21ad542a0d3cc527> <000000> <<wlpirequest>
            <started>2003-05-13 10:01:22.230</started>
            <requestor>wlisystem</requestor>
            <templateid>1</templateid>
            <template-name> WLI Logging Framework V2.0 Installation test</template-name>
            <templatedefinitionid>1</templatedefinitionid>
            <instanceid>2001</instanceid>
            <actions>
            <error time="2003-05-13 10:01:22.427">WorkflowException: The server was unable
            to complete your request.
            The WebLogic Integration role "logging" is not mapped to a WebLogic
            Server security group.</error>
            </actions>
            <completed>2003-05-13 10:01:22.428</completed>
            </wlpirequest>
            >
            And the only remeady I need to do here is to delete the role and recreate it with
            specific permissions every time the managed server is bounced. The same thing
            also happens for the created user also where the user loses all the permissions.
            Can anyone please help me on this issue ?
            Thanks in advance
            Mandar
            

  are you using filerealm?
            This seems like a security related question - can you please post this
            question to the security newsgroup you may get a faster answer there.
            sree
            "Mandar Gandhe" <[email protected]> wrote in message
            news:[email protected]...
            >
            > Hi..
            >
            > I am not sure whether this is really a clusteing problem. I have a clusted
            server
            > with one admin server and one managed server. I have deployed the some of
            my own
            > applications alongwith the Weblogic Integration application on the managed
            server.
            > I have some users and roles defined in the BPM studio to access and
            execute the
            > workflows.
            >
            > But every time I restart the managed server, the user and role permissions
            are
            > reset and the workflows are not executed. I get the following error.
            >
            > ------
            > ####<May 13, 2003 10:01:22 AM BST> <Error> <BPM> <hwdusa08>
            <managed1_eai2d2A>
            > <ExecuteThread: '44' for queue: 'default'> <kernel identity> <11
            > 1:21ad542a0d3cc527> <000000> <<wlpirequest>
            > <started>2003-05-13 10:01:22.230</started>
            > <requestor>wlisystem</requestor>
            > <templateid>1</templateid>
            > <template-name> WLI Logging Framework V2.0 Installation
            test</template-name>
            > <templatedefinitionid>1</templatedefinitionid>
            > <instanceid>2001</instanceid>
            > <actions>
            > <error time="2003-05-13 10:01:22.427">WorkflowException: The server
            was unable
            > to complete your request.
            > The WebLogic Integration role "logging" is not mapped to a
            WebLogic
            > Server security group.</error>
            > </actions>
            > <completed>2003-05-13 10:01:22.428</completed>
            > </wlpirequest>
            > >
            >
            > ------
            >
            > And the only remeady I need to do here is to delete the role and recreate
            it with
            > specific permissions every time the managed server is bounced. The same
            thing
            > also happens for the created user also where the user loses all the
            permissions.
            >
            > Can anyone please help me on this issue ?
            >
            > Thanks in advance
            > Mandar
            >
            

• How to create the IView and Roles ,User for WebdynPro Application in Portal

  Hi,
         I have one simple webdynpro application. i want to create the user,Role and Iview for my webdynpro application in the Portal . after that i need to assign the roles to the user and i want to see the different output for each user depends upon the Role.
    Can anyone give me Tutorial page(PDF) or Guide me How to do?
           Thanks in Advance
  Regards
  Ramkumar

  Hello Ramkumar,
  following please find the link to available documentation in SAP Help Portal:
  http://help.sap.com/saphelp_nw70/helpdata/en/42/fa080514793ee6e10000000a1553f7/frameset.htm.
  Regards,
  SAP AG
  Gesine Raith

• Reset the user and password in the config tool

  Dear All,
  how can I reset the user and password in the config tool ?
  Regards
  ertas

  how can I reset the user and password in the config tool ?
  Section from help:
  http://help.sap.com/saphelp_nw70/helpdata/en/1c/129d440bbe4b7d8ae8b82879808d7e/content.htm
  Section from SDN Wiki:
  https://www.sdn.sap.com/irj/scn/wiki?path=/display/ep/to%252breset%252badministrator%252bpassword%252bthrough%252bconfig%252btool
  Regards,
  Abhishek.

• How to create new user and How can i assign end user roles

  Hi,
  I am new to SAP, please explain how to create end users and their roles
  Thanks
  ravi

  Hi,
  Roles are decided by IT managers. Suppose if Persons who are working in shopfloor or production side
  give authorization to Production order create , change and Confirm like that etc
  1. In role maintenance (transaction PFCG), choose the Authorizations tab page.
  2. To change the authorization data for the transactions assigned to the role, choose Change Authorization Data or Expert Mode for Profile Generation. Otherwise, a dialog box appears in expert mode (see Regenerating an Authorization Profile After Changes).
  Please take telp from Basis person also refer this link,
  http://help.sap.com/saphelp_46c/helpdata/EN/52/6714a9439b11d1896f0000e8322d00/frameset.htm
  Thanks

• How do the User and Shared Folders relate to the main drive? Can we delete?

  I'm curious how the User and Shared folders relate to the main hard drive and if there is duplicate files in these folders and the main hard drive. Some software programs I have seemed to have loaded content/info into these folders and I'm wondering why they put files in there instead of just the regular main hard drive pathing. These 2 folders are more confusing than anything. I can see that might be of use to a family and each family member wants to keep files in a personal file, but when I'm the only one using my computer, it seems like I should have the option to remove these folders completely, but I don't because I feel like I would be deleting some important files that I wasn't aware were in these folders.
  Another thing is, when I click on User folders (at least I think it's the User and not Shared folder), it brings up my name and 'Shared' in 2 seperate subfolders. Is anything in these folders duplicates of what's on my main hard drive? Is there anything significant about these folders if I'm the only user on my computer?
  I would nice to get rid of clutter and to eliminate options for software to install things by deleting these folders and not have home/user/shared folders. Is that possible?

  stikygum wrote:
  Yeah, I'm really low on space, so I'm going about a bunch of different consolidating options. But I mainly posted my main question to help me understand what 'stuff' is in the User and Shared folders and whether or not they act like an Alias, in order to help me make an informed decision what is best for my needs.
  They are not aliases; it is a hierarchy, and there is intentional duplication at different levels. This is a feature.
  First thing is that Users and Shared are at different levels. Users is at the top level, but Shared is one level inside Users, at the same level as any other user account you have created.
  Therefore, if you delete the Users folder, you delete all user accounts, which means you delete all personal data. OS X probably won't even let you delete the Users folder unless you start up from a different hard drive, because you can't delete your user account while you are running in it.
  Now, more about the hierarchy. The intentional duplication is so that documents and software can exist for individual users or all users. For example, there are multiple Applications folders:
  Hard Drive\Applications - applications any user can see, installed at the system level
  Hard Drive\Users\username1\Applications = applications only that user can see
  Hard Drive\Users\username2\Applications = applications only that user can see
  In the same way, there are multiple Preferences, Cookies, Application Support, etc. folders at different levels, for the same reasons.
  If you do not know what you are doing and you delete one of these folders that "looks like a duplicate" you could cripple some essential part of your system or your account. That is why people are telling you not to do this.
  The Shared folder is there because if you are in one user account you are prevented from seeing the files inside other user accounts. (Because you don't want other accounts to be able to see your personal data.) If you want to share files with others in your house using the same Mac, that's a problem. But the Shared folder solves this. if you want some files to be accessible to all users, like some photos or music, just put them in the Shared folder and now anyone with an account on that computer can see those shared files.
  The reason shared files are not simply stored at the top level is because everything above the Users folder is supposed to be reserved for the system. User-specific are supposed to stay in the Users folder. That is why they put the Shared folder in there.
  If you are not using the Shared folder and are just eyeing it because you want to free up some disk space, well, it probably won't help to delete it. Because if you are not using the Shared folder, it is probably not taking up much space, even though you see stuff in there. And if there is stuff in there taking up space, first figure out if someone put it there for a reason before you delete it.

• Creation of user and roles in ldap using jldap api

  Please help me in creating user and roles in ldap through java api.
  I am able to manupulate the existing user and role in ldap. Please give
  me some steps or some sample code for creating user
  satyanandasahu
  satyanandasahu's Profile: http://forums.novell.com/member.php?userid=89095
  View this thread: http://forums.novell.com/showthread.php?t=414763

  Thanks Jim..
  this is doing the work. Here we have a custimised class with customised
  attributes I am looking how to do that.
  Can you give your mail id.
  thanks again
  Jim Willeke;1995096 Wrote:
  > Have you seen these samples:
  > 'Novell Documentation'
  > (http://developer.novell.com/document...mple/index.htm)
  >
  > See the AddEntry.java
  > -jim
  >
  > On 7/2/2010 9:36 AM, satyanandasahu wrote:
  > >
  > > Please help me in creating user and roles in ldap through java api.
  > > I am able to manupulate the existing user and role in ldap. Please
  > give
  > > me some steps or some sample code for creating user
  > >
  > >
  satyanandasahu
  satyanandasahu's Profile: http://forums.novell.com/member.php?userid=89095
  View this thread: http://forums.novell.com/showthread.php?t=414763

• What FM retrieve inner authorization object BBP_ROLE using the user's role

  Hi Experts!
  Do you know what Function Module can be use to retreive the inner authorization object BBP_ROLE using the user's role
  e.g. BUYER : YT:PU:XXXX:BUYERROLE
  Object       : BBP_ROLE      SRM: User function / Role
  field name : BBP_ROLE      SRM: User function / Role
  Activities
  Sel      Activity      Text
  x       EMP             Employee
  x       OPP             Operational Purchaser
  ......etc
  Thanks!

  Hi
  Execute Txn S_BCE_68001414 in debug mode, and figure out how system takes the inner authorizations through the flow of this program
  Regards
  Virender Singh

• What is the SYNTAX for the user and group filters??? Is the HTML Ampersand token Amper A m p semicolon required in the filter

  There seems to be quite a bit of confusion over the actual syntax for the user and group filters on the Forms Based Authentication  Ldap Role and membership providers.. MSFT isn't really clear and there is a universal confusion in the blogsphere.
  I the filters should the prefix be the ACTUAL Ampersand or the HTML token for an AMPERSAND.. I realize the in many cases the blogger might have inadvertently specified the html token when the bare naked ampersand was intended..   The question
  therefore is : can a filter be taken directly from and ADSIEdit query and used as a filter or must the filter be made HTML safe by swapping out the AMERSAND with the HTML Token for AMERSAND before putting it into the configuration
  for the LDAPRole/membership provider...
  All science is either physics or stamp collecting

  Hi GUYO,
  I am not quite sure how we implement this on sharepoint side, as I did research and sharepoint may not have this feature to do this.
  most of the LDAP for sharepoint may need to follow these steps in this article:
  http://technet.microsoft.com/en-us/library/ee806890(v=office.15).aspx
  http://blogs.msdn.com/b/sridhara/archive/2010/01/07/setting-up-fba-claims-in-sharepoint-2010-with-active-directory-membership-provider.aspxhttp://blogs.msdn.com/b/kaevans/archive/2013/01/31/configuring-ldap-for-fba-in-sharepoint-2010-or-sharepoint-2013-with-powershell.aspx
  here is an example :
  http://blogs.msdn.com/b/sharepoint__cloud/archive/2011/12/20/achieving-fba-with-adlds-amp-sharepoint-2010.aspx
  if should this questions was at the ADSIEdit part, perhaps you can help us by opening a new thread at the AD foum
  https://social.technet.microsoft.com/Forums/en-US/home?category=windowsserver
  Regards,
  Aries
  Microsoft Online Community Support
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• Developing Custom User and Role Providers

  Hi
  I am new to Fusion Middleware and trying to develope a Custom User and Role Providers based on the pdf "Oracle® Fusion Middleware Application Security Guide 11g Release 1 (11.1.1) E10043-06"
  It mentioned a sample code "sampleprovider.zip" in chapter 18.10.7 Example: Implementing an Identity Provider
  I couldn't find this zip file anywhere, Can someone know this please let me know how to get this zip?
  Many Thanks
  djia002

  URL:
  http://download.oracle.com/docs/cd/E14571_01/core.1111/e10043/devuserole.htm#CHDEBAEB
  18.10.7.1 About the Sample Provider
  The sample provider is bundled in <b>sampleprovider.zip</b>. Unzip the file. It should generate the following structure (...)

• Portal user and role creation

  How do we add (bulk add) users and roles to Portal 6.0 without the management console ?
  Thanks ,
  Ravi

  Did anyone have an answer to this? I've used tools with other directories that permitted a bulk add or a flat file dirsync that allowed a CSV file to add accounts. I would be interested if someone has done this for portal 6.2 or 6.X.
  Thanks in advance,
  Mike