How to implement method level authorisation in JSF

Similar Messages

• JAAS method level authorisation

  Hi
  Is it possible to do method level authorisation in java.
  I was under the impression you grant permission at the class level. Can you please inform as to
  how we can grant permissions at method level.
  example :
  class A {
  method1();
  method2();
  can I grant permissions to A.method1() to execute, without having to create an actions class
  with run implemented as required , that is :
  class actionMethod1() implements PrivilegedAction {
  run(){
  A.method1();
  because then I will have to create too many action classes !

  Hi, try this:
  Within method 1 of Class A, do a permission check at the beginning of the method.
  Class A {
  1. public void method1() {
  2. SecurityManger sm = System.getSecurityManager();
  3. if(sm!= null ) {
  4. sm.checkPermission( new XXXPermission() );
  5. }
  6. }
  where XXXPermission is the type of permission that your checking for. If the current thread doesn't have this (XXXPermission) permission, then a SecurityException will be thrown and the rest of the method will not be executed. Alternatively, I believe that the above code (line 2-4) can be replaced with :
  1. AccessController.checkPermission(new XXXPermission());
  I hope this helps. You can also try referring to: http://java.sun.com/j2se/1.4/docs/api/java/security/AccessController.html
  >
  Hi
  Is it possible to do method level authorisation in
  java.
  I was under the impression you grant permission at the
  class level. Can you please inform as to
  how we can grant permissions at method level.
  example :
  class A {
  method1();
  method2();
  can I grant permissions to A.method1() to execute,
  without having to create an actions class
  with run implemented as required , that is :
  class actionMethod1() implements PrivilegedAction {
  run(){
  A.method1();
  because then I will have to create too many action
  classes !

• How to Implement N-Level Approval for Bid,Live Auction,PO,Contract ?

  Hi Experts,
                I am new to SRM 5.0. My requirement is how to implement N-Level Approval for Bid, Auction, PO and Contract? Which steps should I follow for        N-Level Approval? Can any one send me sample code and name of BADI where I have to implement the code.
  Abhijeet Panse

  Hi
  Please check for <b>BBP_WFL_APPROV_BADI</b> using SE18 transaction for relevant Code as well and standard SAP documentation.
  Related sample code and other useful pointers ->
  WS14500015 is not working for Multilevel approval
  Re: SRM / Shipping cart
  Re: N Step Approval BADI - BBP_WFL_APPROV_BADI
  Re: N-step BADI workflow
  http://help.sap.com/saphelp_srm50/helpdata/en/8b/4fa9585db211d2b404006094b92d37/content.htm
  http://help.sap.com/saphelp_srm50/helpdata/en/2c/e68d406b305537e10000000a1550b0/frameset.htm
  http://help.sap.com/saphelp_srm50/helpdata/en/17/40a86c773d6c41801d78af1a34b90f/frameset.htm
  Multiple Implementation For BBP_WFL_APPROV_BADI
  Re: Help needed on N-Step Approval WFL for SC
  Re: N-Step 14000109 workflow - Unable to identify Approvers
  Do let me know.
  Regards
  - Atul

• How to implement data level security

  How to implement data level security in BI Publihser?. I am using Obiee enterprise edition and bi publihser. My requirement is to show data based on User- Region relation ship.
  User A - belongs to Eastern Region
  User B - belongs to Southern Region
  so if user A logged in he should see only Eastern Region report. If user B logged in He should see only Southern region. I am using direct sql to my oralce database as data source.
  i appriciate your help

  I am using a common database username and password for jdbc connection. what i am looking is based the BI Publihser login, is there any way?
  say i have userregion table joined with fact. so that i can write a query to get the data
  select c1,c2,c3
  from userregion, fact
  where fact.region=userregion.region
  and userregion.user = BIPUBLIHSERUSER
  but my question is ithere any variable to tell who is logged in BI Publisher? Any server varaibles?
  Other related question is, In every report i want to show User name who is running the report. How can i get this?

• How to Implement Strut Tiles  Framework in JSF

  Hi
  I am new to JSF tried to implent struts tiles in jsf 1.2 but i am facing some problm.
  is any one have ideas about how to implementing struts tiles framework in jsf??....
  Cheers
  Sekar M

  Hope the below URLs should answer your question
  [http://www.jroller.com/HazemBlog/entry/how_to_use_struts_tiles]
  [http://www.ibm.com/developerworks/library/j-integrate/]
  [http://www.laliluna.de/blog/2007/02/28/struts_tiles_jsf_myfaces_migration_or_integration.html]

• How to implement row level secuirty at universe level

  Hi All
  How can we implement row level security in universe ?
  John

  HI,
  Can we try this?
  Open designer >>tools>>Manage security>Manage access retrictions
  Click on "new" under available restrictions area .
  Select "rows" tab click add select the table and an appropriate where condition.
  Click ok .
  Add a user\group on which the retriction is to be imposed Click Ok.
  Hope this will help
  Kultar

• How to implement row level security?

  Hi all,
  There is a database which is for 3 companies to use it and how to use row level security to make sure that they can only manipluate their own data? For example, "employee" table, for each company they just can see their own employees information. How to use dynamic view to do it?
  Many Thanks
  Amy

  Here are two options to achieve what you want.
  A. You can do this by coding, that's if you are ready to. Are you? If yes then try the steps below:
  1. create a security codes table. Say for example
  001 - company a
  002 - company b
  2. create a security table that will list all users and which company they should have access to. You can also implement this by roles.
  3. alter all tables in the application schema to add a security code column. This will be a foreign key reference to table created in 1 above.
  4. update all data in the tables according to which company they belong to.
  5. write a procedure or package that does a validity check whenever a user requests for data. This procedure/package determines which company data the user has access/rights to.
  With this, you should be able to achieve what you want if you do not want to spend on VPD and FGAC. The problem comes where there are users who would have cross access to data from both companies. In this regard, then you have to modify your security table a little bit to handle this.
  B. This option i will admit is not so clean. You can also achieve this by two different views for every table in the application schema. And on each of these views, create a private synonym for every user. For illustration purposes:
  Table name = Employee.
  Create a view employee_a on employee
  create a view employee_b on employee
  Let's say you have users x and y. X has access to employees of company a and y has access to employees of company b. You can now create private synonyms for each of these users as follows:
  create synonym employee on employee_a in x schema.
  create synonym employee on employee_b on y schema.
  This i have not tried but believe should work.
  Hope one of these options serve your purpose.

• How to implement row level security using external tables

  Hi All Gurus/ Masters,
  I want to implement row level security using external tables, as I'm not sure how to implement that. and I'm aware of using it by RPD level authentication.
  I can use a filter condition in my user level so that he can access his data only.
  But when i have 4 tables in external tables
  users
  groups
  usergroups
  webgrups
  Then in which table I need to give the filter conditions..
  Pl let me know this ...

  You pull the Group into a repository variable using a session variable init block, then reference that variable in the data filters either in the LTS directly or in the security management as Filters. You reference it with the syntax VALUEOF("NQ_SESSION.Variable Name")
  Hope this helps

• How to implement Method output converion in BADI HRPAD00INFTYUI

  Hi All,
  I have to implement Output conversion method in HRPAD00INFTYUI for the requirement of adding custom field in the structure HRWPC_S_EP_COMMUNICATION. Usage is, In MSS general data service the manager should see his subordinates telephone extn number and his mobile number.
  While trying to add, system is asking for access key and one possible solution is append structure. I am confused after seeing the parameters in that BADI. Anyone please give solution for the above requirement. Please share code as well if you have.
  Thanks in Advance.
  S.Vikgnesh

  I am curious: can you explain WHY you want method level security? It seems woefully overkill and paranoid to me - server level security should be enough to keep out rogue code.
  Anyway for that level of security, the security measures built into the JVM should be used.
  [Java Security documentation|http://java.sun.com/javase/technologies/security/]
  You can also look into a security API like Spring security - be warned though, it has a steep learning curve.

• How to implement Dimension Level Security on Tabular?

  Not possible on SQL Server 2014 SSAS Tabular? How to work around?
  Kenny_I

  Hi Kenny_l,
  According to your description, you want to implement dimension security in SSAS 2014 tabular. Right?
  In Analysis Services Tabular mode, dimension level security (based on role permission) is not supported. This security can only used in Multi-dimension mode. In tabular mode, we can only use row-level security based on role permission.
  Please refer to links below:
  Implement Dynamic Security by Using Row Filters
  Reference:
  Comparing Tabular and Multidimensional Solutions (SSAS)
  If you have any question, please feel free to ask.
  Best Regards,
  Simon Hou
  TechNet Community Support

• How to implement Three Level Sort ?

  I am performing a complex search and get a List of Object. Now, the problem is I have to sort this list in three levels. That is,
  If I have Object like this
  public class A {
  private String id ; // unique for every record
  private String attr1;
  private String attr2;
  private String attr3;
  private String attr4;
  then I have to Sort the List of above type of objects
  First level -attr1 as Asc
  Second level -attr2 as Asc
  third level - attr3 as desc
  Could u suggest some way to implement this.

  I would suggest using the built in Collections framework for sorting.
  have class A implement the Comparable interface then implement the compareTo method as follows:
  public int compareTo(Object o) {
      A a = (A)o;  // <-- may cause ClassCastException if (o instanceof A) != true, but that should not be a problem.
      int value = attr1.compareTo(a.attr1);
      if (value != 0) return value;
      value = attr2.compareTo(a.attr2);
      if (value != 0) return value;
      value = a.attr3.compareTo(attr3);  //Notice I switched a.attr3 and attr3 for desc
      return value;
  }That should do it for you.
  Now put everything into an instance of java.util.List and pass that to java.util.Collections.sort(java.util.List);
  If you didn't create class A, and therefore can't add a method to it, then implement a Comparator. The idea is the same, just look at the java.util.Comparator API and use java.util.Collection.sort(java.util.List, java.util.Comparator) method to sort;

• How to implement row-level security in Discoverer?

  Dear all,
  I have a scenario that I have 2 folders containing sales and inventory data stored by product lines.
  The 2 folders are constructed by 2 SQL statements.
  There exists a set of tables controlling which product line's sales and inventory data a person can read.
  A function is written previously that returns the WHERE clause based on user_id, employee_id and the other parameter.
  So, can you suggest how to integrate the 2 components in Discoverer?
  thanks
  George
  My blog: http://hktour.blogspot.com

  hi Rod,
  Thanks for your suggestions.
  I took your 1st option, ie.
  "You can use VPD at the database level to secure the tables."
  I have a view BUDGET_V with the following columns:
  PERIOD_YEAR
  PERIOD_MONTH
  PRODUCT_LINE
  BUDGET_AMOUNT
  Every salesman can only read the budget amount of certain product lines.
  I built the security function which will be binded to the view BUDGET_V (see below)
  FUNCTION security_policy_function( p_schema in varchar2, p_object in varchar2)
  return varchar2
  as
  begin
  if (user = p_schema) then
  return '';
  else
  return viewProductLine(FND_GLOBAL.USER_ID, FND_GLOBAL.EMPLOYEE_ID, 'BUDGET_V.PRODUCT_LINE');
  end if;
  end;
  The security function actually calls my own security function viewProductLine(FND_GLOBAL.USER_ID, FND_GLOBAL.EMPLOYEE_ID, 'BUDGET_V.PRODUCT_LINE') which take the user id and employee id of the apps user and returns the predicate.
  Then, I bind the security function security_policy_function() to the view BUDGET_V with
  begin
  dbms_rls.add_policy
  object_schema => 'APPS',
  object_name => 'BUDGET_V',
  policy_name => 'MY_POLICY',
  function_schema => 'APPS',
  policy_function => 'security_policy_function',
  statement_types => 'select',
  update_check => FALSE,
  enable => TRUE
  end;
  The problem now is that if I query the view in Discoverer as a Apps user (say "A"), it returns all the records in the view without any filtering (user "A" is supposed be able to read certain product lines).
  I try to verify whether the security function work or not. So, I hardcoded FND_GLOBAL.USER_ID and FND_GLOBAL.EMPLOYEE_ID as 1234 and 6789 which are the user_id and employee_id of user "A". (see below)
  FUNCTION security_policy_function( p_schema in varchar2, p_object in varchar2)
  return varchar2
  as
  begin
  if (user = p_schema) then
  return '';
  else
  return viewProductLine(1234, 6789, 'BUDGET_V.PRODUCT_LINE');
  end if;
  end;
  This time, Discoverer returns only the records with product lines visible to user "A".
  So, I guess there is problem in the function call in viewProductLine(FND_GLOBAL.USER_ID, FND_GLOBAL.EMPLOYEE_ID, 'BUDGET_V.PRODUCT_LINE');
  Can you give me some light on this issue?
  thanks
  George (HK)
  My blog at http://hktour.blogspot.com

• How to implement a "plugin system" in JSF?

  Hi!
  I would like to make a system with can be extended using JAR (or WAR?) plugins...I know how to do using Swing but I'm new in JSF and I have a lot of doubts, I'm trying to find something on the net, I know I can force the navigation to go to a specific page (I can put the entry page of every plugin in a database) but can I mix 2 war and connect one to another (like for example with an entry page from the first one to the second one)?
  if not what can I do? Am I have to rethink the thing?
  thanks a lot!!
  Demetrio Filocamo

  Swing is a desktop tecnology.
  JSF is a Web tecnology.
  If the 2 Wars are deployed as two different web sites, then you can do navigation bettween them, like you do on Html.

• How to implement Aggreagtion level

  Hi Every One,
  I created Aggregation level and based on that created Planning Function..
  When using the t-code ' RSPLAN ' to create planning sequence , there in the edit sequence screen Filters are not populating for particular Planning function.
  Can anyone suggest the solution for how to populate the filter values in the above mentioned area.
  Regards,
  Sreeni

  Hi Sreeni,
  Could you please be more specific about "Filters are not populating"? What exactly is the error you hit?
  Basically you need to create filter for a aggregation level in RSPLAN -> click button 'filters'
  And for planning topic, could you please discuss it in forum: http://scn.sap.com/community/data-warehousing/business-planning/content
  experts for planning are there.
  Best regards,
  Giselle

• How to implement isTokenValid in JSF ?

  Hi guys,
  How to implement a same function in JSF for the org.apache.struts.action.Action.isTokenValid in struts ? Please help, Thanks !
  cheers,
  Mark

  Put your question in a Struts forum.