How to define a flexfiled in security manager

Similar Messages

• How can define the cost center (department) manager?

  We are on 11.5.0.10
  Financials implementation is done(GL,AP,AR,FA,IA)
  In iAssets System, we want to set up the approval method to use "cost center-based approvals". (For cost center-based approvals to work properly, each cost center must have a manager defined.)
  How can define the cost center (department) manager? Thanks.

  I believe this is done in the organization definition screen. For each organization, we attach a classification "Company Cost Centre" (the same place where we attach the classification operating unit, inv org etc). In the others section, there are 2 additional information - GL company cost centre and reporting information. In the GL company cost, you need to attach the balancing segment value and the cost centre value. In the reporting information, you need to attach the manager for that organization. This ay the relationship between the cost centre and manager is created.
  Hope this clarifies.
  Vinit

• How to define permission in ADF Security programmatically

  Hi
  I try to develop an application in ADF and I need to declare Application-Role, Permission, Principal programmatically and store them in policy store.
  I found an example in chapter 19 of E10043-12 but it just creates Application-Role!! . I need know how can I detect my TaskFlow, PageDefination and other resources of my application at RunTime to protect them after deployment through a custom security console. In other word i try to find a way in which i store my pageDef or TaskFlow name in database or detect them programmatically in runtime and Grant Permission to my users or enterprise role for access/denied to my application pages, TaskFlow and also if possible entities and their attributes.
  [link to chapet 19 of E10043-12|http://docs.oracle.com/cd/E23943_01/core.1111/e10043/intregrating.htm#BABECICC]
  Thank you so much

  Hi,
  you can configure WLS to use the database as the policy store, which then means that you write permissions to the database infrastructure. However, you should be able to update the default file based policy store or OID based store as well
  For database OPSS store See: http://docs.oracle.com/cd/E15586_01/core.1111/e10043/cfgauthr.htm#CHDHAIBJ
  I am not sure if OPSS supports direct updates to the policy tables. Here's a blog post of how to update policies with WLST scropts: http://enterprisesecurityinjava.blogspot.de/2010/03/ok-more-details-here.html
  Bottom line is that this is less a ADF Security question than a general WLS/OPSS question of how to administer policies using a custom interface. For this you can use WLS MBeans and WLST script, which is my understanding.
  Frank

• How to Define Workbook / Business Ares Security Correctly for new Users

  Hi All,
  Please could you help me understand the Security Model for Workbooks and business Areas as I believe I am very close to understanding it, but missing something important.
  Background Information:
  We are using the predefined Oracle Business Areas (Payables, Receivables, Purchasing & General Ledger) to build our reports on. These are the steps I am taking to try and assign a new user & responsibility access to the existing report.
  1. I create the Report in Discoverer Desktop under the ‘General Ledger Responsibility’ logged in as myself – assume report name = ‘Report_1’.
  2. I create a new Responsibility in Oracle Apps called ‘Discoverer Resource Coordinators’.
  3. I create a new User in Oracle Apps called ‘Joe Bloggs’ and assign the responsibility ‘Discoverer Resource Coordinators’ to the Joe.
  4. Logged in as myself in Discoverer Desktop, Responsibility ‘General Ledger’ I Share the Report (Report_1) to the new Responsibility I just created ‘Discoverer Resource Coordinators’.
  5. In Discoverer Administration, Security, I assign the new Responsibility ‘Discoverer Resource Coordinators’ to the predefined Oracle Business Areas (Payables, Receivables, Purchasing & General Ledger).
  6. In Discoverer Administration I set privileges so that the Responsibility ‘Discoverer Resource Coordinators’ can do all tasks, query data, administer. .etc. etc..
  7. I therefore believe everything has been done and attempt to Login and run the report under Joe Bloggs, but am unable to retrieve any data.
  Help… what am I missing!
  Thanks,
  Lance
  Message was edited by:
  Lance

  Dear All,
  This has now been adjusted according to your recommendations but to no avail.
  Myself and Lance have ensured that this new responsibility has unlimited access to all the existing Business areas to eliminate joins within folders not being recognised, we have also ensured that the workbooks that have been created are shared with the correct responsibility.
  I have thoroughly tested this set up by logging in as this new responsibility within Disco. Client to try and retrieve data in a new Workbook, but even for the simplest of queries this fails.
  It seems that there may be a problem with the Responsibility linking to the EUL, could this be due to the new responsibility being created after the Current EUL was set up?
  Does anyone have any information or knowledge where this could happen?
  Regards
  Si

• Enable security manager netbeans - where/how ?

  How do I enable the java security manager in netbeans ?
  for example -
  the way I do on command line is :
  java -Djava.security.policy=/Desktop/TestSecurity/pol.txt -Djava.security.manager test
  Where do I give these options -Djava.security.policy=/Desktop/TestSecurity/pol.txt -Djava.security.manager while working in netbeans...

  * reply to peter lawrey
  my browser hs gone crazy..
  nope,
  the link talks about command line argument, this one is vm argument.
  Edited by: javaflex on Jul 28, 2008 1:31 PM

• Cannot assign custom security manager to repository

  Hello,
  I've been following the details on how to implement a read-only security manager (https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/e2ddd63d-0b01-0010-46bb-e092790068cb) and I have run into the following problem:
  After following the instructions for option B in the document (creating a security manager only) and  deploying my project, the new security manager appears in the list of managers on the admin screen (Content Management -> Repository Managers -> Security Manager) but it is not available in the drop down list of security managers for my repository. Without that entry I cannot apply the new security manager to my repository.
  According to the document, the new security manager should be part of this list but it is not even after I've restarted the J2EE engine.
  The document is dated May 2006 so perhaps there have been some changes to the system that are not covered in the document. We are running NW 7.0 SP14.
  Any help in determining why my custom security manager is not part of the security manager drop down list would be appreciated.

  Ok, after much decompiling and inspection of the standard KM security manager implementations I found the answer to my question.
  Basically I found that the security manager tutorial only applies if you plan on using your custom security manager with your own custom repository manager. You cannot apply a security manager created using that document to a standard KM repository manager.
  In my case I want to apply a custom security manager to a standard KM File System Repository. By inspecting the SFSRepositoryManager.cc.xml file I found the following entry:
  <attribute name="securitymgr.ref" type="ref" refType="/cm/repository_managers/security_managers/SecurityManager" mandatory="false" hotReload="true" />
  The refType value defines which security managers are displayed in the drop down list of available Security Managers at runtime for the repository manager. In order to get a custom security manager to be available you must define the cc.xml for your custom security manager so that it extends "SecurityManager" not "SecurityManagerMi" as the tutorial describes.
  Changing the extension means your security manager implementation must also change so that it extends com.sapportals.wcm.repository.manager.AbstractRepositorySubManager and implements com.sapportals.wcm.repository.manager.ISecurityManager.
  Now if only I could figure out how to reward points to myself .....

• Specifying system properties/security manager for OC4J

  I have a couple of related questions regarding OC4J/orion.jar:
  1. Generically, how can we specify system properties to orion.jar? Being an executable JAR, simply using -D does not work.
  2. Specifically, I need to launch the OC4J app server with a Java security manager (with associated security policies, etc.) Java's way of doing this is via -Djava.security.manager=... but this does not work with executable JARs it seems. I tried specifying these parameters via -D and I got a security exception:
  Exception in thread "main" java.security.AccessControlException: access denied (java.util.PropertyP
  rmission java.protocol.handler.pkgs write)
  at java.security.AccessControlContext.checkPermission(Unknown Source)
  at java.security.AccessController.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkPermission(Unknown Source)
  at java.lang.System.setProperty(Unknown Source)
  at com.evermind.server.ApplicationServer.initProtocolHandlers(ApplicationServer.java:652)
  at com.evermind.server.ApplicationServer.launchCommandline(ApplicationServer.java:319)
  at com.evermind.server.ApplicationServer.main(ApplicationServer.java:314)
  So, how do I install the Java security manager with orion.jar? Is there any other way to specify system properties to this, or is there any other way to install the Java security manager for OC4J?
  Any help much appreciated.
  ..Hrishi

  Thanks, that seemed to work. However it seems that spawned another little problem. I was using the -Xbootclasspath/a option while firing up orion.jar because I needed to append something to OC4J's default classpath (that is specified in orion.jar's Manifest). Now, when I start OC4J with the -D options for the security policy, it seems to ignore the -Xbootclasspath argument. I have not yet been able to confirm this fact, but based on the ClassNotFoundError I'm running into, that does seem to be the problem.
  So I guess my question is, could specifying the -D options to the executable JAR cause it to ignore any other options you may be passing to it (such as -Xbootclasspath)? Is there any sequence in which these args need to be passed?
  Thanks.
  ..Hrishi
  Hi,
  You can try this :
  - Check if you have a file java2.policy in <OC4J_HOME>\config\policy and check if the permission java.util.PropertyPermission "read,write" is granted to <OC4J_HOME>.
  if there is no file, you can create one based on <JAVA_HOME>\lib\security\java.policy and grant the approriate privileges.
  - Launch OC4J :
  java -Djava.security.manager -Djava.security.policy=<OC4J_HOME>/config/java2.policy -jar orion.jar
  OR java -Djava.security.manager -Djava.security.policy=<PATH_TO_FILE_POLICY>/<YOUR_FILE>.policy -jar orion.jar
  Maher

• How to setup security manager for applet at runtime?

  hello everyone,
  I am wonder if there is a way to setup security manager at runtime. This is what I am trying to do:
  1. Create a Applet GUI and allow users to specify in an input dialog box of the URL they like make connection to.
  I know there is two way of do this
  1. Is modify java.policy file and specify the URL SocketPermission to connect to.
  2. setup signed certificate applet.
  But, I would to try to see if there is a way to have applet make connection at runtime when users specify the URL.
  Anyone have any ideas.
  Thanks.

  Thanks, Peter
  Going over some articles you and references that you pointed out was very useful on how the java security model work and a little bit history too.
  So, I am assuming that I can make my own securitymanager class that defines the permission of the applet that I am working, using Permission, SecurityManager, ....etc class right? I just want to be clear on what I am going to be doing.
  If you have any other thoughts, Thanks,

• EIM/WIM: How to install MeadCo Security Manager?

  Hi,
  While logging into an EIM/WIM agent console an agent does not get the following message:
  This site might require the following ActiveX control: 'MeadCo's Security Manager from ... Click here to install...'
  As a result we cannot use the two-way cobrowsing feature of EIM/WIM.
  Please note we set cobrowsing attributes in the department and partition settings accordingly to allow that feature and in IE7 as well.
  What is wrong? How do we launch cobrowsing?
  Thanks.
  Igor

  [email protected] eGain, true cobrowsing is done with another product that you install. This was available with 4.2.x and could be used with 4.3 early release, but CoBrowse is not included in the 4.3 product set from Cisco. CoBrowse is a difficult problem because of dynamic content management and all the rules and security settings required, and by understanding is that Cisco did not think it was ready. My understanding is that it will be added later, along with pro-active chat etc.Just to make sure we are talking about the same thing .... what is it you wish to do? Follow me browsing driven by the customer?Regards,Geoff
  Hi Geoff,
  Thanks for your help.
  Yes, we do want to use cobrowsing driven by an agent or a customer, i.e. the "follow me" feature.
  So, if I understood you correctly we have to wait until Cisco implements this feature.
  Thanks.
  Igor

• How to start Enterprise Security Manager in 11g

  Hi All,
  How to start Enterprise Security Manger in 11g ? Should Grid Control be installed seperately ? There is no menu or utility that represent Enterprise Security Manager in 11g ? In 10g there is a menu item called "Enterprise Security Manager" , how to access it in 11g ?
  Regards,
  Senthil.

  my doubt is ,, just simply giving the above command the listener create and start or do i need to modify any other parameters which i have to copy from old listener file.The former. Unless you need/want to use non-standard parameters, you don't need anything else. Just start it.

• I received the following error when attempting to use HP ProtectTools Security Manager to manage my passwords; Firefox doesn't know how to open this address, b

  I use HP ProtectTools Security Manager to control my passwords. When i updated to Firefox 30. I received the following error message ; Firefox doesn't know how to open this address, because the protocol (dpql) isn't associated with any program. How can I solve this problem ?

  Hi le.hamzou,
  Previous suggestions were to update the Security Manager if there was one. There were also these add ons:
  [https://addons.mozilla.org/en-US/firefox/addon/fingerfox-se/ Fingerfox], but I am not sure if it will work on win8, it does on win7.
  Another work around I saw was [https://addons.mozilla.org/en-US/firefox/search/?q=ietab&appver=29.0&platform=all IE Tab].
  This reference may also help [http://kb.mozillazine.org/Register_protocol]
  Please post back with the results!

• Compensation Management - How to define the Compensation Area

  Dear Experts,
  We are implementing Compensation Management module for our client which contain global entities( 14 Countries.(Payroll- Country wise)
  Can you please guide me, how do define the Compensation Area for all the 14 countries.
  The following components are defined with similarities for our Client like (regionally)
  India Corporate Office:
  Salary Increase
  PMS Based Incentive(F)
  PMS Based Incentive(B)
  India Factory:
  Salary Increase
  Bonus Factory
  PMS Based Incentive(F)
  PMS Based Incentive(B)
  African Countries: (including 10 Countries having the same components)
  Salary Increase
  PMS Based Incentive(F)
  PMS Based Incentive(B)
  Bonus Africa(only)
  Europe: (3 Countries having the same components)
  Salary Increase
  PMS Based Incentive(F)
  PMS Based Incentive(B)
  Kindly guide me how to define the above business scenario into SAP and looking forward your valuable guidelines.
  Thanks in advance.
  Regards,
  Anbazhagan.N

  Hi,
  Do you mean to say you have diff payroll areas for India say Corp and Factory like wise,then you can group Compensation Area as 01-corp with Ctry Grp 40 and 02-Factory with Ctry Grp 40 so on and so forth,same with other countries depending upon their payroll.
  Also check with the Documentation of Compensation area.

• How do I reinstall the Hp Client Security Manager

  Hi, 
  Recently I uninstalled the Hp Client Security Manager on my folio 1040 because the fingerprint scaner stopped working and when I tried to log into it I got an error. I can't remember what the error was. So I uninstalled it and I can't find how to get it back. 
  Thanks!

  here the driver
  select your OS
  http://h20564.www2.hp.com/hpsc/swd/public/readIndex?sp4ts.oid=6569464
  Wisnu Suryandi

• How To Define Security in the deployment descriptor for an ejb

  Hi All
  Pls help!
  I am trying to call a remote ejb running on JBOSS in a remote server. Typically inside my code I would include a System.setSecurityManager() = new RMISecurityManager () etc. and specify a security policy file to use when running my client.
  But since I am running inside the application server where many other applications are running, I cannot use system.abc() it breaks everyone's application.
  Can someone please refer me to how to specify security manager policy inside the ejb-jar.xml deployment descriptor or how I can resolve the above issue. O am using OC4J to run my ejbs.
  Thanks
  Yours in Java

  Hi All
  Pls help!
  I am trying to call a remote ejb running on JBOSS in a remote server. Typically inside my code I would include a System.setSecurityManager() = new RMISecurityManager () etc. and specify a security policy file to use when running my client.
  But since I am running inside the application server where many other applications are running, I cannot use system.abc() it breaks everyone's application.
  Can someone please refer me to how to specify security manager policy inside the ejb-jar.xml deployment descriptor or how I can resolve the above issue. O am using OC4J to run my ejbs.
  Thanks
  Yours in Java

• Newbie: How does the security manager work with EJB?

  Hi,
  I am new to J2EE and do not seem to grasp how the security manager (or J2EESecurityManager) works with EJB.
  My bean does security-senisitive stuff (like getting the Policy object) and must not do so unless I give it permission in the policy file. So far so good. But the permission will only work if I grant it to ALL code, like:
  grant {
  permission java.security.SecurityPermission "getPolicy";
  Beans do not seem to have a protection domain or code source/certificates attached to it. so I cannot say
  grant "/file/sw/ejb/myejb.jar" {
  permission java.security.SecurityPermission "getPolicy";
  Why is that (probably because beans run remote)? But more importantly, how DO I set permissions based on which bean it is?

  If I add that directory as the codebase to
  a grant statement any class loaded from there will
  have the specified permission.I thought so, too, and that is why I went digging for the code source of my bean (i.e. where is it deployed, from where is it loaded) but that source is NULL:
  Some program output:
  ==Has security manager: com.sun.enterprise.J2EESecurityManager
  ==Code source is ProtectionDomain (null <no certificates>)
  The code seems to have no code source (null) and no signatures (in fact, I also signed my code with the keytool but that certificate did not show here either).
  I am running this against the j2ee server 1.3 -- just experimenting, but it does not go so well. :-)