How to restrict access to portal based on entitlements.

Similar Messages

• How to restrict access to portal when LDAP is used ?

  Hello,
  We implemented an XSS portal using Active Directory as user source. However we are facing a worry : all declared users in LDAP are allowed to connect to portal, even they are not declared within our ECC6 backend.
  I have been told that in an normal situation, unauthorized users should be stopped after authentication by a white screen informing that they are not allowed to access the application.
  Can anyone tell me what miss in the configuration that I set ?
  Regards,
  Sabrina CARK

  So all the users who fall within the group everyone will have the default role and will be able to logon to the portal. However since they dont have access within the R3 they wont be able to execute any transaction if you have enbled SSO with logon tickets (AND NOT User Mapping).
  If I were to configure a scenario like you, I would put in all the users who have access to XSS into a common group and do role mapping for XSS roles only with that group. This would ensure that the XSS tabs are visible only to members from that group. While all other users will have access just to the Home tab post logon
  Thanks,
  GLM

• How do I access the web-based utility

  I just purchased a wireless router...WRT300N. I want to access the "web-based utility" in order to update the firmware.
  How do I access the web-based utility...help!
  Thanks.

  Access the router’s web-based setup page.
  For instructions, click here.
  Linksys Easy Answer 4030, applies to WRT300N
  Upgrading the Linksys Router's Firmware
  Hope this helps,
  Lilla
  Westell 6100 modem/router; Linksys WRT54GL v1.1 router firmware 4.30.9; Linksys WPC54G v2 Notebook Card; CenturyTel DSL using PPPoE

• How to restrict access in 2008?

  How to restrict access in 2008?
  So, I would like to do the 2 following things:
  1. Grant developers access to read all Active Form Comonents
  2. Create new Form Groups
  3. Not be able to change nS Resticted AFC
  and
  1. Grant developers rights to Create Ous
  2. Add/Rmeove Members to OUs
  3. Remove rights to add/remove to/from Site Admin OU
  Any suggestions on how to do that?
  So far I tried the out of the box Capabilities and Permissions, created custome ones, but still no luck in accomplishing all 3 items.

  Your request #1 is not possible. In paticular, you can't create new form groups and still not be able to change all form groups. Please submit an enhancement request, asking that newScale support your desired role configuration.
  Similar problem with #2.

• Restricting access to link based on a user's accesslevel

  I've gotten the DW login feature working for restricting
  access to pages based on a user's successful login and associated
  accesslevel. However, I have some links that open an Excel
  spreadsheet and an Outlook calendar. Is there an easy way to
  restrict access to a link so that an unauthorized user can't
  navigate to the link? Here's my code for the link:
  <td height="19" colspan="3"
  valign="top"><em><strong><a
  href="STI-Intranet/XLS/PROD_SCHED.xls" title="Current Production
  Schedule (Read Only)">STI Production Schedule
  </a></strong></em></td>
  <td height="4%" valign="top"><strong><a href="
  http://server_3/public/cal_engineering/"
  title="FROM INTRANET"><font size="2" face="Verdana, Arial,
  Helvetica,
  sans-serif">INT</font></a></strong></td>

  What server side language are you using? Do the links need to
  be restricted
  to just one access level, or multiple levels? Should it be
  blocked for only
  one level or multiple?
  Bryan Ashcraft (remove brain to reply)
  Web Application Developer
  Wright Medical Technologies, Inc.
  =============================
  Macromedia Certified Dreamweaver Developer
  Adobe Community Expert (DW) ::
  http://www.adobe.com/communities/experts/
  "mslee1965" <[email protected]> wrote in
  message
  news:e52o7e$3ak$[email protected]..
  > I've gotten the DW login feature working for restricting
  access to pages
  > based
  > on a user's successful login and associated accesslevel.
  However, I have
  > some
  > links that open an Excel spreadsheet and an Outlook
  calendar. Is there an
  > easy
  > way to restrict access to a link so that an unauthorized
  user can't
  > navigate to
  > the link? Here's my code for the link:
  >
  > <td height="19" colspan="3"
  valign="top"><em><strong><a
  > href="STI-Intranet/XLS/PROD_SCHED.xls" title="Current
  Production Schedule
  > (Read
  > Only)">STI Production Schedule
  </a></strong></em></td>
  >
  > <td height="4%" valign="top"><strong><a
  href="<a target=_blank
  > class=ftalternatingbarlinklarge
  > href="
  http://server_3/public/cal_engineering/"">http://server_3/public/cal_engin
  > eering/"</a> title="FROM INTRANET"><font
  size="2" face="Verdana, Arial,
  > Helvetica,
  sans-serif">INT</font></a></strong></td>
  >
  >

• How to restrict logging on portal (Performance issue)

  Hi guys,
  does anyone know how to restrict logging of the portal? Even though I made a change on Visual Administrator -> Services -> Log Configurator setting ALL categories to severity = 'Error', I keep getting 'Info' severity traces logged in defaultTrace.trc (viewed by Logg Viewer). Which in practise means tons of logged trace information! I think this might be one of the reasons we have been experiencing performance issues lately.
  Does anyone know how to restrict this logging?
  Any help greatly appreciated!
  Cheers,
  Frank

  Hi,
  I would not only set the severity of categories to 'Error' but also locations to 'Error'.
  A log controller - can be a "category" or a "location".     Categories are used for "logging" and represent problem areas such as network, database, security, user interface, etc. Identified by a slash-separated ('/') path of names, prefixed with an additional slash.     Locations are used for "tracing" and correspond to places in the development components. Identified by a dot-separated ('.') path of names, which is often the name of the respective java package.
  Greetings,
  Praveen Gudapati

• How to restrict access to views for some users in the app?

  Hi SDN!
  I have an WD application wich embedded in the portal. Appication has 2 iViews (and 2  pages respectively). These iViews consist several views connected with each other (e.g. one view provide list data, second view is add/edit form for this data). I need to restrict access for some users for view with add/edit form. I can't make separate page for this view.
  What I've done:
  1) create yet another UIContainer for this view in main window and embed view to this container. It was be done for create separate iView for form.
  2) in the portal I create iView for this form but don't embedd in any page.
  When I try to call my form from list data (that is one iView from another) I get exception:
  <b>com.sap.tc.webdynpro.services.exceptions.WDRuntimeException: duplicate usage of view .MyCarRentalAddCity</b>
  Is there a way to get needed functional?
  Thanks,
  Lev

  Hi,
  do you need to remove the IView from the portal menu or do you just want to make a View container in your WD application invisible if the user doesn't have the rights to see it.
  If so, you could create your own roles on the app server:
  You need to create a new class that extends NamePermission like:
  import com.sap.security.api.permissions.NamePermission;
  public class ApplicationAccessPermission extends NamePermission {
             * @param name
            public ApplicationAccessPermission(String name) {
                 super(name);
             * @param name
             * @param action
            public ApplicationAccessPermission(String name, String action) {
                 super(name, action);
  Also, you have to create an Action.XML file that looks like this:
  <BUSINESSSERVICE
       NAME="com.vendor.administration">
       <DESCRIPTION
            LOCALE="en"
            VALUE="actions view usage"/>
       <ACTION
            NAME="View Permission">
            <DESCRIPTION
                 LOCALE="en"
                 VALUE="Show view"
                 />
            <PERMISSION
                 CLASS="com.vendor.utilities.ApplicationAccessPermission"
                 NAME="ShowView"
                 />
       </ACTION>
  </BUSINESSSERVICE>
  If you have created these to files in your packages, you can access this function like:
  IUser user ;
  try {
            user = WDClientUser.getCurrentUser().getSAPUser();
            if(user.hasPermission(new ApplicationAccessPermission("Show view"))){
                 wdContext.currentV_UIElement().setViewVisibility(WDVisibility.VISIBLE);
            }else{
                 wdContext.currentV_UIElement().setViewVisibility(WDVisibility.NONE);
       }catch (WDUMException e1) {
            wdContext.currentV_UIElement().setViewVisibility(WDVisibility.NONE);
                  e1.printStacktrace();
  You have to bind the ViewVisibility attribute of the context to the View Container you want to hide.
  The applicationAccessPermission you defined in the XML File will be visible in the UME Manager of you J2EE engine. With this action you can create a new role and group that you can map to the users that should see you view.
  But, the exception you get is because you have embedded one view twice, which is not possible.
  Hope this helps.
  Regards,
  Dennis

• How do I access the portal "builder"?

  It seems like I am successfully logging in as the orcladmin user via the Login link off of the portal home page (/pls/portal/portal.home), because there is no error upon logging in and I can access the OID admin pages. However, I can't seem to figure out how I get to the pages that will allow me to build portal pages, etc. All I see is the "Home", "Community" , "Refresh","Login" and "Help" buttons on the top navigator. Is there a url that I can type in to access the portal builder pages?
  I am quite certain that I am logging in properly because after my initial login, when I click the Login link, it does not take me to the login page, just leaves me where I am at.
  Upon my initial login, should'nt I be forwarded to the portal admin page or something??
  Any help would be appreciated.

  once you login, click on the "corporate documents" tab.
  a link to the "builder" should show up in the top right.
  clicking on that gets you what you want. (there is then a link to navigator on the top right of that page...if you want to work on pages).

• How to secure access of Report based on a condition

  Hello Experts,
  My project requirement is to secure BW Reports based on a condition. For e.g a user should be authorized to access the Report if:
  1. He is the WBS Manager of the selected WBS Element
  OR
  2. If he is authorized to access the Profit center Hierarchy Node which is the parent of the selected WBS Element.
  I think this may be achieved by using a Customer exit in the Analysis authorization but i don't know how.
  Do you have any idea, whether it is possible to achieve in BI7 Security Model? Any help will be highly appreciated.
  Thanks
  Rajat

  Hi Tomer,
  There will be a selection variable for WBS in all BW reports. If the user selects a particular WBS Element then he can only see the result of the report if he fulfill EITHER of the following conditions:
  1. If he is the WBS Manager of the selected WBS Element
  OR
  2. If he is authorized to access the Profit center Hierarchy Node which is the parent of the selected WBS Element.
  WBS managers will keep on changing so it is not possible to maintain the users in one role.
  Secondly, according to the second condition, even if the user is not WBS Manager but he is authorized to access Profit center Hierarchy Node, which is the parent of the selected WBS Element, he should view the report.
  Please let me know if don't understand the question.
  Thanks
  Rajat

• How to restrict the idoc creation based on the distribution model

  Hi all,
  I want to create the idocs for certain material types only, for this i configured Distribution  model and set the filter for material types.
  If the delivery is created with the material type which is not in the filter means,
  Idoc is creating for that Delivery with header segments only and restricting Item level segments.
  it is coming to XI and failing in mapping every time.
  I do not want to generate the whole idoc itself. Am i missing any thing??
  Regards
  Edited by: Suman gupta on Jun 10, 2010 11:13 PM

  Hi Mike,
  >>config in PI in the routing condition - if no lines exits don't send the message to the mapping/receiver
  If no lines exists we can restrict don't send to receiver, but how can we restrict dont send to mapping??
  It comes to mapping and failing in PI MONI.
  Is there any way that i can restrict the Idoc generation itself in ECC ??
  Regards

• How to restrict access to sub folders (apart from Manual settings)?

  Hi,
  Is there any method to stop the  group traverse from main Folder to sub folder when user group has access to main folder?
  So that no need to give no access to sub folders manually for given group.
  Manual access settings have become tedious due to large number of sub folder and user groups.
  Scenario:-
  There is a main Folder F1 and it has 100 Sub Folder SF1 to SF100. And these sub folders has child folders.
  Group G1 should have access only  F1, and should not have the access its child folders.
  How can we eliminate manual work to remove access for each group at each sub-folder level?
  Thanks,
  Anu

  Access restrictons by default are inherited from parent folders downward.
  You can break the inheritance, but you'll still need to manualy setup initial security.
  Details are in the Admin guide.

• Restrict access in report based on compnay codes and cost centers

  Hi,
  We are using a standard report, which is  assigend to a Z transaction and assigend to the role.
  The report need to be restricted based on the company code and cost center   ?
  but i could not find any AUTHORITY- CHECK statements in the code ( there is only authority check statement for object G_803J_GJB which has authorization groups and aCTVT field.)
  Please let me know what steps need to be followed to restrict the report based on company codes and cost centers.
  Thanks for your help in advance.

  Thanks all for the quick response.
  Steps to be followed:
  1) incorporatomg AUTHORITY-CHECK  statements for K_KOSTL and F_BKPF_BUK objects in the program.
  2) adding the objects as check yes in SU24 for the Z transaction.
  and restricting in the role.
  The program name is "GP3O4ZGOOF3HA68QMGHF8S7I9ER250".
  Please let me know if any more steps need to be followed.
  Based on this i have to send a estimate to my client.
  Thanks,
  Sanketh.

• How to restrict free goods determination based on item category

  Hi All,
  We have a process where when goods for a sales order are returned , we add a line item to same sales order with a return item category.
  The issue is we have free goods determination activated for this document type and it works even for the returns item added to this order latter, whereas we don't want free goods determination to work for the returns item.
  Can anyone please advise how this can be achieved.

  Hi,
  I can think of one of the probable solution for your requirement.
  Your need to create new condition table with item Category as one of the key combination.  I think you need to update the item category in field catalog as well as in Doc Structures. Then maintain free goods condition record all the item categories except for the Return item category. This way you can exclude free goods activation for return items.
  Note : If the number of active item categories are more then it may be difficult to maintain condition records for the item categories.
  Hope this will help
  Regards,
  Sanjay

• How to restrict access to a deployed web application

  I have a web application (ear-file) and i want to configure NetWeaver so that only certain users can use the web application.
  How/where to configure the Application server to reach that goal?

  Hi Ludger,
  You can create J2EE Security Roles:
  http://help.sap.com/saphelp_nw04/helpdata/en/c2/e13e4045796913e10000000a1550b0/frameset.htm
  Regards,
  Siddhesh

• How to restrict access of data in Infocube

  Hi BW Experts,
  We got HR project and we loaded the Data from Flat File. We developed reports as per their requirement.
  As per some condtions, we should not see the HR Data in Infocube as well as in Report.
  We are having only one role which has all authorizations (SAP_ALL and BI_ALL)
  I know one solution i.e, we have to restrict all Infocubes except HR cube, then only we cant see the data. But we dont want to disturb our existing Role.
  Please can any one tell me other solution.
  Regards,
  Anjali

  Hi Anjali,
              Please check here......
  Authorization issue to view cube contents
  Re: Authorization Object issue
  Thanks,
  Vijay.