How to restrict simultaneous log in of a user

Similar Messages

• How to restrict multiple log-ins by same user in SAP BO 4.0

  Hi ,
  Facing licence issue Due to subjected  error  .
  How to restrict multiple log-ins by same user in SAP BO 4.0
  Thanks in advance .

  Then I would say it is not possible:  Restrict multiple login in SAP Business Objects 4.0 SP6 for single user
  multiple login disable in BO | SCN

• Restrict multiple log in with same user ID

  I have a JSF Project where I use Oracle JAAS for Login.
  The login works perfectly and also the components on the JSF page shows as per User Role. I am using OAS 10.1.3.3.
  I want to now implement the code so as to restrict simultaneous logins with the same user id. That is a user id cannot be looged in at once to the server from more than one machine.
  The login.html is:
  <form  name="loginFrm" method="post" action="j_security_check">
        <p>Log in to access restricted zone.</p>
        <table>
         <tr>
          <td>User name</td>
          <td>
           <input id="j_username" type="text" name="j_username"/>
          </td>
         </tr>
         <tr>
          <td>Password</td>
          <td>
           <input type="password" name="j_password"/>
          </td>
         </tr>
         <tr>
          <td> </td>
          <td>
           <input type="submit" value="Login" onclick="document.body.style.cursor='wait';"/>
          </td>
         </tr>
        </table>
       </form>The securityconfig int he web.xml file is:
  <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>jazn.com</realm-name>
        <form-login-config>
           <form-login-page>/login.html</form-login-page>
           <form-error-page>/loginError.html</form-error-page>
        </form-login-config>
      </login-config>
      <security-role>
        <role-name>ADMINISTRATOR</role-name>
      </security-role>   
      <security-role>
        <role-name>MANAGER</role-name>
      </security-role>
      <security-role>
        <role-name>INSURER</role-name>
      </security-role>
      <security-role>
        <role-name>TRACKER</role-name>
      </security-role>
      <security-role>
        <role-name>INSURER_MANAGER</role-name>
      </security-role>

  Then I would say it is not possible:  Restrict multiple login in SAP Business Objects 4.0 SP6 for single user
  multiple login disable in BO | SCN

• How to restrict data in reports for different users...

  i created a monthly_sales report on XYZ_SALES_FACT table
  i have to give restriction on reports based on the users.
  i.e. user_1 will access only NORTH region sales info on monthly_sales report
  user_2 will access only SOUTH region sales info on monthly_sales report etc.
  Note: my client is not agreeing to create multiple reports based on the user/region.
  how i have to give user restriction on report based on the users?

  Hi,
  You can create a VPD policy and then create a login trigger and pass SSO client_indentifier or database session_user (use if/then/else to protect both)
  You can check here for the VPD/login trigger.
  Disco Config Guide
  http://download.oracle.com/docs/html/B13918_03/security2.htm#sthref1002
  OTN articles
  http://www.oracle.com/technology/obe/10gr2_db_vmware/security/vpd/vpd.htm
  http://www.oracle.com/technology/oramag/oracle/04-mar/o24tech_security.html
  You can also use secure views, mandatory conditions in the EUL, etc.
  Some other related forums entries:
  Re: Using VPD with Oracle Discoverer without SSO
  Re: Restrict Data for a user without VPD
  May want to search, likely many others on the subject.
  Should give you a good place to start.
  Regards,
  Steve.

• SHD0 transaction-how to restrict the variant transaction to specified users

  I have created a variant transaction for MM02 wherein am disabling a field .I want this field to be disabled only for certain users.The variant transaction which I created affects all users.So,for everyone the field is grayed out.How to restrict this for specified users???

  Hello,
  Try to look an exit for that transaction, either user exit or badi, then try to disable the field doing a LOOP AT SCREEN, but first you should have the restricted users in a Z table, or by cheking the profiles for each user..
  Another way to do it is trying to do it the profiles customization, maybe you can do it that way.
  Cheers!!
  Dont forget to reward.
  Gabriel P.

• How come nobody can log in to a user account?

  10.6 Server functioning well in all configured aspects. Did a software update. I don't think it was an important one, perhaps Safari and iTunes which I did just because I always do all the updates. Then, I used Disk Utility to repair permissions. Again, just because some say that you should, and it has never caused me any problems.
  Instant disaster! Now nobody can log in to a user account to access any network home folders. All users can log in and access the Wiki service as normal. And I can log in via ARD and use Server Admin and Workgroup Manager. But no luck with users accessing the homes.
  I suspect inappropriate permissions at or near the top of my Users directory, but I am not sure. First of all, what may have happened, and then how can I solve this problem???

  I have no idea what may have happened (surely nothing SHOULD have), and I'm pretty much a novice (especially with NetBoot), but did you check in...
  - Workgroup Manager: User/'Basic' tab/"User can" access account
  - Server Admin: NetBoot (and NFS or Web) is running
  To check permissions 'at or near the top of the Users directory', use ServerAdmin/AFP/Sharepoints/Browse then click on the permissions tab and double-click the user/group name. Or select the user/group and click the gear icon below for more ways to cause trouble!
  Apologies if you knew all this already.

• How to restrict simultaneous execution of two programs?

  Hi Experts,
  Need inputs for the situation described below:
  We have two programs prog A and prog B. These are independent executable programs and have no dependency on each other. I want to restrict execution of prog B if prog A is running in any session by any user. Is there any system/basis table which stores runtime status of all the programs? There should be some table where all the currently executing programs get stored and once program is completed, entry is cleared from the table.
  One way can be:
  When prog A has started execution, add an entry in any Z table and at the time of finishing delete the particular entry. In prog B check that the table has any entry for prog A. If yes that means prog A is still running.
  Issue with this approach is, if program A has some error or cancelled while execution, it will not delete its own entry and hence even if prog A is finished, prog B will find entry in Ztable. 
  Any other way to achieve this functionality?
  This is very urgent.Please help!
  TIA
  Abhishek

  Hi,
  Although I don't understand why you need to serialized two programs
  that have no dependency on each other, maybe the following code can help provided the programs are executed using specific tcodes.
    DATA: BEGIN OF USR_TABL OCCURS 10.
            INCLUDE STRUCTURE UINFO.
    DATA: END OF USR_TABL.
  CONSTANTS: OPCODE_LIST LIKE TH_OPCODE VALUE 2.
    refresh USR_TABL.
    CALL 'ThUsrInfo' ID 'OPCODE' field OPCODE_LIST
      ID 'TAB' FIELD USR_TABL-SYS.
    sort usr_tabl by mandt bname.
  You can check wheter the other program(tcode) is being run from itab USR_TABL, good luck.
  Jeffrey Satriadi

• How  to Restrict G/L Accounts for One  User

  Hi All,
  I have to restrict the G/L Account when doing FI Postings  for  some particular Users ...
  Ex 100000 Is G/L to be Posted In  XXXX Plant.
       100001 Is G/L to be Posted in  YYYY  Plant 
  I have to give an Authorization  to User in XXXX Plant  to Post only  in 100000 G/L .
  Plz Suggest me at which level I can restrict the Postings ..
  Regards,
  Sriram.

  How about flagging the accounts as "Automatically posted only" and then let customizing take care of the ability to post to the accounts (automatic account determination)?
  That is, if that works for these specific accounts.
  Cheers,
  Julius

• How to restrict instance in swimlane to initiating User only?

  Hi,
  In my process, using BPM 11.1.1.6, there are two swimlanes. The first swimlane (SUBMITTER) allows a user to instantiate an instance, and after some service tasks, the user moves to the next human task, in the same lane. On submission, the instance moves to the second (APPROVER) swimlane. However, if the submitter has not yet submitted the second human task (say he just saves it) then ALL other SUBMITTERS in the same SUBMIITER lane, can see his data! Apparently, this is because the instance is given the SUBMITTER Role, and not assigned to the instantiating person.
  How can we restrict the instance to be assigned or restricted ONLY to the instantiating user (during its life in the SUBMITTER Lane), so that other submitters cannot see his instance?
  Any help is appreciated.
  Thanks!
  ps: We are instantiating the task via APIs, so we have flexibility to make an API call if we can know which API call will fix this. Thx.

  One thing you'd want to double check before continuing is to see how the predefined variable "creator" is set coming into the human task is set (not sure what this is set to when the API is used).
  Assuming the "creator" (or some other string variable) is set to your initiator's userid, here are the steps to assign this person to the task in a subsequent human task.
  1. Open the human task.
  2. Click the "Assignment" tab.
  3. Click the icon with the person in it -> click the "Edit" icon.
  4. In the dropdown, select "Names and Expressions" -> make sure that the "Value-based" radio button is selected -> click the + icon on the right -> under "Identification Type" select "User" -> under "Data Type" select "By Expression" -> under "Value" click the "..." button.
  5. Expand the "task" -> scroll down and select "task:creator" (or whatever string variable you have set to the userid of the person who created it in the API) -> click "Insert Into Expression" -> click "OK" -> "OK"
  Hope this helps,
  Dan

• How to  get the log on details of users in the given period

  Hi Frndz..
  I need logon information of portal users, means in a given period i need the information of each user when they loged in and how much time they are in portal and if it is possible whcih application they accessed.
  Am trying to get this from Portal Activity Reports but am not gettinig as per my requirment, n it seems to be not possible to customize as per our requirment.
  Thanks in Advance
  Regards
  Rajesh

  hi
  You can also directly query the following Portal database tables,for information on users:
  WCR_USERSTAT: Holds information about the number of users who logged on to the portal.
  WCR_USERFIRSTLOGON: Holds information about the first logon of each user and how many pages and iViews the user viewed
  WCR_USERPAGEUSAGE: Holds information about which users viewed which pages and iViews.
  Thanks
  Bharathi.ch

• How to create different log files for different users in log4j

  I want to create different logs for different users, using different appenders for each user so that logs are created in his file only.
  Confusion:How to direct them to different files in my logger class

  Hi Avi,
  First of all I have given a first reading to log4j and I think there will some more easy way of logging debugging messages than log4j (If you could provide me a detailed explanation of a servlet,jsp,java bean that uses log4j and how to use log4j then it will be very helpful for me). The other easy ways (if I am not using log4j) to my problem i.e creating different log files for each of web applications deployed in oc4j are
  I have created multiple instances of OC4J that are configured to run on different ports and so on each instance I have deployed a single web application . And I started the 2 oc4j instances by transferring thier error/log messages to a file. And the other way is ..
  I have download from jakarta site a package called servhelper . This servhelper is a thread that is started in a startup servlet and stopped in the destroy method of that startup servlet. So this thread will automatically capture all the system.out.println's and will print those to a file. I believe that this thread program is synchronized. So in this method I need not run multiple instances of OC4J instead each deployed web application on single instance of oc4j uses the same thread program (ofcourse a copy of thread program is put in each of the deployed web applications directories) to log messages on to different log files.
  Can you comment on my above 2 approached to logging debugging messages and a compartive explanation to LOG4J and how to use LOG4J using a simple servlet, simple jsp is appreciated ...
  Thanks and Regards,
  Ravi.

• How to restrict the all access ? Single user mode....

  I am doing export/import of schema objects from Windows to Oracle. How to make sure when I do the export in the migration database no one else is modifying the data. Is there any single user mode so that I can be sure of only one connection while exporting?
  Oracle 10g R2 on Windows Server.
  Thank you,
  Smith

  Perhaps you are not familiar with the concept of multi-version read consistency.
  No one can see that which is not committed and reads can never be blocked.
  If you want a system where no one can see things kill their sessions and do a STARTUP RESTRICT.

• How do stop automatically logging in to another user's account?

  My computer connects to SBC Yahoo DSL via PPPoE. The SBC Yahoo DSL account and password are set (in Internet Connect) so that when you click on Safari, the computer is able to connect to the internet without having to type in the account name and password each time.
  The problem is, there are multiple users on my computer who have Yahoo (or some variation of Yahoo, such as SBC Yahoo! or My Yahoo!) as a homepage. When one logs off, and I log onto my Yahoo homepage, I find I am still logged into the account of the user who just logged off. How do I stop this from happening?

  Hi mhoesq,
  Thanks for clarifying the different identities.
  Now, when each of you go to different parts of Yahoo, do you have a similar setup as with Safari, that is, each has a Yahoo identity and password ( I presume this if it says welcome so and so) and have you checked an automatic log-in/ remember me sort of thing.
  If that is the case ( and here I'm guessing) then if each person does not log out of their Yahoo account but just closes Safari, then the next time someone else logs in, Yahoo will think it is the same person.
  Safari will remember a user's homepage, and Yahoo will remember who is logged in.
  So adding to the scenario that you have described, if User A actively logs out of their yahoo account and then closes Safari and logs out of the Mac, then I would imagine when User B logs in, fires up Safari and is automatically logged in to a new yahoo account then it should say Welcome User B.
  There are a lot of presumptions here, but this may be the explanation.
  regards, roam

• How to restrict the attribute values for the user in query designer

  Hi All,
  I have a requirment where certain user would see certain vailes in the query desiner of the attribute.
  The requirment is we have planing material which is attribute of material
  When X user want to restrict the  values for planning material ,where he is able to see all the planning material.But who is not authorized for all the value.
  Ex: X user has authorization for see planning material 100,101,102. of material But when he try to restrict the planning material in query designer where is getting all values of planing material.
  Or
  is there way to blank the restriction help.so that he can't able to see values while restricting
  Please some one can advise me on it..

  Hi,
  Let me sum up:
  you have an object ZPLNMAT for the planning material
  you have the object 0MATERIAL for material and this object has ZPLNMAT as attribute.
  If you can restrict in the query designer, I suppose this attribute is then as navigationnal and also added in the multi-provider.
  The object ZPLNMAT is checked as relevant for authorization, and you set up a role with the attached values of ZPLNMAT this user should have access to.
  Are you sure the users are restricting on the ZPLNMAT object and not 0MATERIAL, because you should have everything now
  PY

• How to restrict access to views for some users in the app?

  Hi SDN!
  I have an WD application wich embedded in the portal. Appication has 2 iViews (and 2  pages respectively). These iViews consist several views connected with each other (e.g. one view provide list data, second view is add/edit form for this data). I need to restrict access for some users for view with add/edit form. I can't make separate page for this view.
  What I've done:
  1) create yet another UIContainer for this view in main window and embed view to this container. It was be done for create separate iView for form.
  2) in the portal I create iView for this form but don't embedd in any page.
  When I try to call my form from list data (that is one iView from another) I get exception:
  <b>com.sap.tc.webdynpro.services.exceptions.WDRuntimeException: duplicate usage of view .MyCarRentalAddCity</b>
  Is there a way to get needed functional?
  Thanks,
  Lev

  Hi,
  do you need to remove the IView from the portal menu or do you just want to make a View container in your WD application invisible if the user doesn't have the rights to see it.
  If so, you could create your own roles on the app server:
  You need to create a new class that extends NamePermission like:
  import com.sap.security.api.permissions.NamePermission;
  public class ApplicationAccessPermission extends NamePermission {
             * @param name
            public ApplicationAccessPermission(String name) {
                 super(name);
             * @param name
             * @param action
            public ApplicationAccessPermission(String name, String action) {
                 super(name, action);
  Also, you have to create an Action.XML file that looks like this:
  <BUSINESSSERVICE
       NAME="com.vendor.administration">
       <DESCRIPTION
            LOCALE="en"
            VALUE="actions view usage"/>
       <ACTION
            NAME="View Permission">
            <DESCRIPTION
                 LOCALE="en"
                 VALUE="Show view"
                 />
            <PERMISSION
                 CLASS="com.vendor.utilities.ApplicationAccessPermission"
                 NAME="ShowView"
                 />
       </ACTION>
  </BUSINESSSERVICE>
  If you have created these to files in your packages, you can access this function like:
  IUser user ;
  try {
            user = WDClientUser.getCurrentUser().getSAPUser();
            if(user.hasPermission(new ApplicationAccessPermission("Show view"))){
                 wdContext.currentV_UIElement().setViewVisibility(WDVisibility.VISIBLE);
            }else{
                 wdContext.currentV_UIElement().setViewVisibility(WDVisibility.NONE);
       }catch (WDUMException e1) {
            wdContext.currentV_UIElement().setViewVisibility(WDVisibility.NONE);
                  e1.printStacktrace();
  You have to bind the ViewVisibility attribute of the context to the View Container you want to hide.
  The applicationAccessPermission you defined in the XML File will be visible in the UME Manager of you J2EE engine. With this action you can create a new role and group that you can map to the users that should see you view.
  But, the exception you get is because you have embedded one view twice, which is not possible.
  Hope this helps.
  Regards,
  Dennis