How to restrict the request and response process so that cookies are handled in a secure way in SAP Portal 7.0?

Dear Experts,
Please, can anyone help me? I am facing a security issue. Some third-party tool is being used to hack the request and response of the server. It takes one successful request (GET, HTTP/1.1 302 Found) and response (HTTP/1.1 200 OK). Based on this request, invalid credentials are then given again, and at that time the server's response is replaced with the successful request's response, and they log in to the portal successfully (bypassing). At this request level only the URL and the Set-Cookie information is obtained. Is there any process to restrict the set-cookies, like JSESSIONMARKID, JSESSIONID and SAP_LB?
We are using version 7.0, SP 12. Please share your solutions, because this is a very high-priority problem here.
Thanks in advance.
Thanks and regards,
Durga Rao.
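The question asks how to "restrict the set-cookies". The first thing a practitioner does with a captured login response is check the attributes on each Set-Cookie header, because those attributes decide where the browser will send the cookie again. The script below is an added example, not code from this thread or from SAP; the response it parses is constructed for the demonstration (the cookie names follow the post, the values, the Path, Domain and Version attributes are made up), and the findings it prints are the generic checks for any session cookie, not SAP-specific rules.

```python
"""Audit the Set-Cookie headers of a captured HTTP login response.

Added example (not from the original thread). The sample response is
constructed: cookie names follow the post, everything else is invented.
"""

# Constructed sample: a login response of the shape the post describes,
# a 302 redirect that carries the session cookies. Values are made up.
SAMPLE_LOGIN_RESPONSE = (
    "HTTP/1.1 302 Found\r\n"
    "Location: /irj/portal\r\n"
    "Set-Cookie: JSESSIONID=(J2EE1234)ID0000000000DB0000000000End; Version=1; Path=/\r\n"
    "Set-Cookie: JSESSIONMARKID=AbCdEfGhIjKlMnOp; Version=1; Path=/\r\n"
    "Set-Cookie: MYSAPSSO2=AjExMDAgABBwAGoAcwBvAG4AZwBlAHIA; Path=/; Domain=.example.com\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)


def parse_set_cookie(header_value):
    """Split 'name=value; Attr; Attr=x' into (name, value, {attr_lower: value|True})."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for p in parts[1:]:
        key, sep, val = p.partition("=")
        # Flag attributes (Secure, HttpOnly) have no '='; store them as True.
        attrs[key.strip().lower()] = val.strip() if sep else True
    return name.strip(), value, attrs


def set_cookie_headers(raw_response):
    """Return the values of every Set-Cookie header in the response head."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    found = []
    for line in head.split("\r\n")[1:]:          # skip the status line
        key, sep, val = line.partition(":")
        if sep and key.strip().lower() == "set-cookie":
            found.append(val.strip())
    return found


def audit_cookies(raw_response, served_over_tls=True):
    """Map cookie name -> list of findings a reviewer would raise."""
    findings = {}
    for header_value in set_cookie_headers(raw_response):
        name, _value, attrs = parse_set_cookie(header_value)
        issues = []
        if served_over_tls and "secure" not in attrs:
            issues.append("missing Secure: browser will also send it over plain http://")
        if "httponly" not in attrs:
            issues.append("missing HttpOnly: readable by script, so XSS can exfiltrate it")
        if "expires" in attrs or "max-age" in attrs:
            issues.append("persistent cookie: survives browser close, longer replay window")
        if "domain" in attrs and str(attrs["domain"]).startswith("."):
            issues.append("wide Domain=%s: sent to every host under that domain" % attrs["domain"])
        findings[name] = issues
    return findings


if __name__ == "__main__":
    for cookie, issues in audit_cookies(SAMPLE_LOGIN_RESPONSE).items():
        print(cookie, "->", issues or ["no findings"])
```

Feed it the raw response saved from the intercepting proxy instead of the constructed sample. Note what these attributes do and do not buy: Secure and HttpOnly narrow how a cookie can be captured (plaintext HTTP, script access); they do nothing against replay of a cookie the attacker already holds, which is decided by how long the server keeps that session alive.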

Dear Samuli,
Thanks for the reply.
We are using HTTPS, and SSL is configured, but a man-in-the-middle type of attack is happening here: using one tool, they take the request and the response. The cookies given below are available in that request.
According to this, I want to know whether the Set-Cookie values JSESSIONMARKID, JSESSIONID and MYSAPSSO2 change every time at user login time or not.
After capturing the above response (HTTP/1.1 302 etc.), when a user gives valid credentials and logs in,
I now give a wrong password and a wrong user ID, and on clicking the Log On button I can intercept the request and the response coming from the server. When I replace this with the valid response, I am still able to log in to the portal, which should not happen: as the JSESSIONMARKID has changed, the server should not allow it, but it is logging in. The standard login page also allows login in this case.
My server version is EP 7.0 SP 12.
Please suggest a solution so that if we restrict the hacker at this stage, he can never hijack the session and log in with an invalid username and password.
Thanks in advance.
Thanks and regards,
Durga Rao.
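What the reply describes (a failed login whose response is swapped in the proxy for an earlier, successful one) is worth modelling end to end, because it clarifies where the control has to sit. The model below is an added example, not the poster's or SAP's code: the portal is a toy stand-in with a password check and a server-side session table, not NetWeaver's real implementation, and it deliberately authorises on the JSESSIONID record alone (an assumption of the stub, so JSESSIONMARKID is issued but never checked). The credentials and cookie values are constructed.

```python
"""Model of a replayed login response: the attacker's browser receives cookies
captured from an earlier valid login, then asks the server for a page.

Added example, not code from the thread or from SAP. PortalStub is an
assumed minimal server, not NetWeaver; credentials below are constructed.
"""
import secrets
import time


class PortalStub:
    """Password check, server-side session table, logout and idle timeout."""

    def __init__(self, idle_timeout=1800, clock=time.time):
        self.users = {"durga": "correct-horse"}   # constructed credentials
        self.sessions = {}                         # session id -> (user, last_seen)
        self.idle_timeout = idle_timeout
        self.clock = clock                         # injectable for the demo

    def login(self, user, password):
        """Return (status, set_cookie_map) as the server would emit them."""
        if self.users.get(user) != password:
            return 200, {}                         # login page re-rendered, no session
        sid = secrets.token_hex(16)
        self.sessions[sid] = (user, self.clock())
        # JSESSIONMARKID is issued but, in this stub, never consulted (assumption).
        return 302, {"JSESSIONID": sid, "JSESSIONMARKID": secrets.token_hex(8)}

    def request(self, cookies):
        """Any later request is authorised purely by a live session id."""
        sid = cookies.get("JSESSIONID")
        record = self.sessions.get(sid)
        if record is None:
            return 401
        user, last_seen = record
        if self.clock() - last_seen > self.idle_timeout:
            del self.sessions[sid]                 # expired: forget it server-side
            return 401
        self.sessions[sid] = (user, self.clock())
        return 200

    def logout(self, cookies):
        self.sessions.pop(cookies.get("JSESSIONID"), None)


class Browser:
    """A cookie jar that trusts whatever response reaches it (as real browsers do)."""

    def __init__(self):
        self.jar = {}

    def accept(self, status, set_cookie):
        self.jar.update(set_cookie)


def run_scenario(logout_first=False, idle_seconds=0):
    """Replay the captured 302 into a browser whose own login failed.

    Returns the status the portal gives the attacker's next request.
    """
    clock = [1_000_000.0]
    portal = PortalStub(idle_timeout=1800, clock=lambda: clock[0])

    # 1. A legitimate login; the intercepting proxy records this 302 response.
    victim = Browser()
    status, captured = portal.login("durga", "correct-horse")
    victim.accept(status, captured)
    if logout_first:
        portal.logout(victim.jar)                  # server forgets the session id
    clock[0] += idle_seconds                       # time passes before the replay

    # 2. Attacker submits wrong credentials; the server answers 200 with no cookies.
    attacker = Browser()
    status, set_cookie = portal.login("durga", "wrong")
    assert status == 200 and set_cookie == {}
    # 3. In the proxy the failed response is replaced by the captured 302.
    attacker.accept(302, captured)

    # 4. The server never saw the swap; it only sees a request with a session id.
    return portal.request(attacker.jar)


if __name__ == "__main__":
    print("replay while session live:", run_scenario())
    print("replay after victim logout:", run_scenario(logout_first=True))
    print("replay after idle timeout: ", run_scenario(idle_seconds=1801))
```

The first call returns 200: the server accepted a session it had itself issued minutes earlier, so from its point of view no authentication was bypassed; the attacker simply reused cookies that were already in hand. The other two calls return 401 because the server-side record is gone. That is the shape of the fix on any platform: keep session lifetime short, invalidate on logout, require TLS and the Secure flag so the cookies cannot be captured in transit, and do not expect a client-side check (the changed JSESSIONMARKID) to reject a response the attacker controls.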

Similar Messages

  • How to restrict the modification of a process form field.

    Hi,
    Is there a way out to restrict the modification of a process form field.
I have a process form field loginid which cannot be updated in a target. I want to achieve the same in OIM. I have not created any update task for the field, but if the user changes the loginid field then it gets saved in the OIM database, and hence any operation thereafter is failing.
    Thanks

    Hi Kevin.
    I really appreciate your help.
But I tested your configuration in our environment and it doesn't work. The same error (The Resource has not been configured properly) is displayed when I try provisioning for that resource. Anyway, we could not use this configuration here, because end users need the option to change some values in their process form.
I don't know why, but it seems that when I define any field as Display-Only, the prepopulate adapter runs on a post-insert schedule and an error is given because it tries to fill a display-only field, which is not allowed.
I tried an alternative configuration, which works properly:
- keep the field User ID as Text Field.
- use the prepopulate adapter to populate this field with the User Login (previously defined in the User Definition form)
- delete the property "required = true" from this field
- set the property "visible = false" on this field
In this way, the end users can modify the other fields, except User ID. Otherwise, they would never be able to see their own User IDs while making a request. For new users it will not be a problem because their User Login (on User Definition) and User ID (on Process Form) will be exactly the same, but for users that already exist in the target system these values will be different, which can cause small issues.
Until I understand why a display-only field cannot be filled by a pre-populate adapter, I will use the setting above.
    Regards.

  • How to get the number and response time of HTTP request through Weblogic?

    hi,
does anybody know how to get HTTP request information through WebLogic Server, such as the number of HTTP requests in 1 min and the average response time of requests over 5 mins?
Or is there any way I can do it through monitoring and get this data? If so, please help.
Thanks in advance.
BTW, we don't have a 3rd-party monitoring tool here.

    Hi,
" Counts the open sessions (modes) per logged-on user via the kernel call ThUsrInfo.
tables: usr02, usr41.
data: OPCODE_MODE_COUNT(1) TYPE X VALUE 3,   " opcode: return the number of modes of a terminal
      modes like sy-index,                   " modes reported for one terminal
      u_MODES LIKE MODES.                    " running total for the current user
select * from usr02.                         " every user master record
  select * from usr41 where BNAME = usr02-bname.   " terminals this user is logged on from
    CALL 'ThUsrInfo' ID 'OPCODE' FIELD OPCODE_MODE_COUNT
      ID 'TID' FIELD usr41-TERMID
      ID 'MODES' FIELD MODES.
    IF SY-SUBRC = 0.
      u_MODES = u_MODES + MODES.
    ENDIF.
  endselect.
  if sy-subrc = 0.                           " only list users that had at least one terminal
    write:/ usr02-bname, u_MODES.
  endif.
  clear u_modes.
endselect.

  • How to monitor Http Request and Response when load testing is going on

    Hi,
can anyone please let me know how to monitor the HTTP request sent and the response received for each virtual user ID while a load test is going on?
    Thanks,

You used to be able to see what the VUs "see" using the "VU Monitor" (it would only do a simple rendering of the HTML, but it served its purpose). However, this was replaced (in v12, I think?) by the "VU Log". While this offers similar functionality, I have had problems getting to see the same level of detail. You may need to use the "debug" modes. Also check the "Content" tab within the VU Logs (it is the closest equivalent to the HTML you would see in the responses in the old VU Monitor).

  • How to restrict the PA30 and PA40.

    Dear Experts,
I need some help to resolve the issue below.
Through an ABAP-HR program we are sending an email to a particular mail ID.
FOR HIRING A NEW EMPLOYEE:
While performing PA40, the user has to be given authorization to update infotypes 0000, 0001 and 0002 and has to be blocked from updating any further infotype, and a mail has to be sent to the mail ID (e.g. the superior) which is maintained.
FOR AN EXISTING EMPLOYEE:
Whenever the user wants to update master data through PA30, an email has to be sent to the maintained mail ID to get approval.
Is it possible to do this without workflow?
    Thanks in Advance.
    Regards,
    Prasad

    Hi,
Do you mean that whenever a user wants to change master data through PA30, a mail has to be sent to his superior, and only after getting approval can the user change it? Is that your query?
Have you maintained any workflow? Can you explain how the system configuration has been done?

  • How to change the day and time seen on the calendar

    Hi.
I am a bit confused as to how to restrict the day and time shown on a calendar.
The iCal help says this:
To change the days of the week or the number of hours that appear in the main calendar view, choose iCal > Preferences, and make your choices from the Week and Day pop-up menus in the General pane. For example, you can choose to only see the hours from 9AM to 5PM on Monday through Friday.
However, in my Preferences pane I don't have either a Week or a Day pop-up menu that I can see, so I can't seem to restrict these fields. It's really frustrating, as calendars are beginning at 1am!
    Anybody got any ideas?
    Thanks
    David Tobin

OK, but what did the help menu mean when it said:
    To view the day's, week's, or month's events, click the Day, Week, or Month button at the bottom of the iCal window.
    To change the days of the week or the number of hours that appear in the main calendar view, choose iCal > Preferences, and make your choices from the Week and Day pop-up menus in the General pane. For example, you can choose to only see the hours from 9AM to 5PM on Monday through Friday.
    To change which months are shown in the mini-month calendar (in the lower-left corner of the iCal window), click the arrows above the mini-month calendar. To see more than one month, drag the mini-month divider (the horizontal gray bar above the diamond) upward.
    To see events that are earlier or later in the day, use the scroll bar on the right side of the main calendar view.
    To change the range of time in the main calendar view that is not shaded (representing your "normal" day), choose iCal > Preferences. In the General pane, choose the times you want to appear in white (not shaded) from the "Day starts at" and "Day ends at" pop-up menus. All times outside that range are shaded.
This suggests that you should be able to limit the hours actually shown on the calendar to a set range, as opposed to just changing the shaded area.
Have you any idea how to achieve this, as I don't see the pop-up menu suggested with:
To change the days of the week or the number of hours that appear in the main calendar view, choose iCal > Preferences, and make your choices from the Week and Day pop-up menus in the General pane. For example, you can choose to only see the hours from 9AM to 5PM on Monday through Friday.
I am confused!
    Any other ideas?
    David Tobin

• How to configure KMC and Business Packages in trial version 7.0

    Hi Experts,
I have installed the Sneak Preview version 7.00 SP9 from the SDN.
If I want to start working on KMC,
what do I need to install and configure for KMC and Collaboration?
If I need to install something, where will I get the installables and documentation?
In the same way, I would like to install the Business Packages on the same server. Where will I get the installables and related documentation?
The R/3 version is ECC6.
Regards
Vijay

  • Request and Response Objects

    Hi,
    I was told that there is a limit for the request and response object sizes and crossing them will throw IllegalStateException. Could some one explain whether this is true and what is the maximum size of the object allowed?
    Thanks,
    Des

    As far as I know no such limit is defined by the API. There will always be a limit due to implementation and underlying architecture. Which particular implementation of request/response are you concerned about?

  • How to restrict the length of input field

    Hi,
How to restrict the length of an input field? That is, we should not be able to enter more than 10 characters.
    Regards,
    H.V.Swathi

    Hi swathi,
    For this you have to create a simple data type. No need of writing a code.
    Go to Dictionaries -> Local Dictionary -> Data Type - > Simple Type - > Right click and "Create Simple Type".
    Here you should create a Simple type with String as built-in Type. Here you will also see the Length Constraints option.
    Set the value of maximum length and minimum length. In your case set the value of maximum length to 10. At runtime this will not allow the user to enter more than 10 characters.
    Now create an attribute and bind it to this newly created simple type. Bind the value of the input field with this particular attribute.
    Regards
    Manohar

  • How to send a request and get a response through xml

    How to send a request and get a response through xml files?

This is the code that works for me. Hope you find it useful.
     import java.io.BufferedReader;
     import java.io.InputStreamReader;
     import java.net.HttpURLConnection;
     import java.net.URL;

     public static String sendHttpGetRequest(String endpoint, String requestParameters) {
          String result = null;
          HttpURLConnection conn = null;
          // Send a GET request to the servlet and return the raw XML body
          try {
               // Build the URL, appending the already-encoded query string if any
               String urlStr = endpoint;
               if (requestParameters != null && requestParameters.length() > 0) {
                    urlStr += "?" + requestParameters;
               }
               URL url = new URL(urlStr);
               conn = (HttpURLConnection) url.openConnection();
               conn.setRequestMethod("GET");
               conn.setRequestProperty("Accept", "application/xml");
               // Read the response body line by line
               BufferedReader rd = new BufferedReader(
                         new InputStreamReader(conn.getInputStream(), "UTF-8"));
               StringBuffer sb = new StringBuffer();
               String line;
               while ((line = rd.readLine()) != null) {
                    sb.append(line);
               }
               rd.close();
               result = sb.toString();
          } catch (Exception e) {
               e.printStackTrace();
          } finally {
               if (conn != null) {
                    conn.disconnect();
               }
          }
          return result;
     }

  • How to trigger the automated row fetch process and open modal window by javascript api?

    Hi,
I would like to click one row/column of the IR report to open the modal window of the current page. <---------------- it is OK. I can use "javascript:openModal('windowID')" to do it.
There is one form in this modal window; meanwhile, I would like to pass column data to this form. <--------------------- it is OK also. I can use "$s('P7_ID','column_value');" to do it.
But I don't know how to trigger the "automated row fetch" process of this form to retrieve the other fields' values in this form.
I tried the following 2 ways, but failed.
First method:
add one Ajax process of "automated row fetch" in the "page processing" block, named "get_fetch_data";
when clicking the IR column, call "openModal", and call "apex.server.process ( "get_fetch_data", {}, { success: function( pData ) { }  } );". I tried to call the above Ajax process to refresh the form. It failed.
Second method:
add one process of "automated row fetch" in the "page rendering" block, named "get_fetch_data";
when clicking the IR column, call the JavaScript API "apex.submit" to submit the current page, then call "openModal",
such as: javascript:apex.submit({request:'MODIFY',set:{'P7_ID': #ID#}}); openModal('trade');
But it failed also: the modal page is shown first, then the page refreshes, but the modal window will not open again.
I am not sure if my thinking is right. Could you please provide any suggestion?
    Thanks in advance,
    Ping

    Hi Ping,
You can try to set the session state of your modal page's primary key before opening the modal page. Use one dynamic action (on click of the IR row) with two true actions: the first one to set the session state of the modal page's PK, the second one to open the modal page.
Or you can add the modal page URL as a link in your report by extending your query (the f?p segments are App:Page:Session:Request:Debug:ClearCache:ItemNames:ItemValues, so the item name and its value are separated by a colon):
select ...
,         apex_util.prepare_url( 'f?p='||:APP_ID||':7:'||:APP_SESSION||'::'||:DEBUG||':7:P7_ID:'||COLUMN_VALUE ) as link
from ...
This will give you the URL of the modal page, with the primary key set.
    Regards,
    Vincent Deelen
    http://vincentdeelen.blogspot.com

  • How to retrieve SOAP Original Header from request and response

    Hi,
    Does anyone know how to retrieve SOAP original header from SOAP request and response? I surfed but I'm able to see only the retrieval of SOAP custom headers via BPM mediator. Can anyone please help me regarding this? Also Please tell me how to check the headers in the Enterprise Manager.

    HI Chandra,
    Thanks for your suggestions.
But I think in my case we do not want to get the complete list. We still want to get only 100 items initially, and then if the user scrolls down he/she would see more items. But we already need to know the total number of items for the purpose of showing a message to the user, e.g. Total issues (515), while the table would initially show only 100 and then another 100 after scrolling. So setting the size limit to max would not help.
And to be able to use the $count you mentioned, we would still have to make another OData service call, which we do not want.
But as I mentioned, there is already a property named "__count" in the response of the bindItems() method call, and I see that it has the correct count, but I am not sure how to retrieve it inside the controller. Thanks.
    Regards,
    Ashish

  • How to get the values and attributes of Longlived processes by using ProcessID.

    Hi Experts,
For every process we create, LC ES2 creates a process ID.
We know that if you create a long-lived process, all the values in the process will be stored somewhere in the DB.
Here my requirement is, using the process ID, to get all/some of the values/variables stored in the database.
I am not able to get values using the process ID, and I don't have a clue how to get the values.
Please tell me how to get this using Process Management. A link/guide would be helpful.
    Thanks
    Praveen.

Searchable means you can put a filter criterion on it (e.g. where amount > 50000).
Visible means you can have this column returned as an output (and therefore you can add it as a column in a list view and see it in Task Details).
These two attributes were provided so that queries could be run against the process variables, but the exact contents of the variables are not allowed to be seen.

  • How to restrict the quantity & rate of MIRO with MIGO and PO

    Hi friends,
Can anybody tell me how to restrict the quantity and rate in MIRO to those in MIGO and the PO?
e.g. if we have done MIGO for quantity 10 and the rate maintained in the PO is Rs.100, then at the time of MIRO the system should not allow changing the quantity and rate.
    How we can do this?
    Regards  
    Purnesh Sharma

    Hi,
    You are misunderstanding the use of MIRO.
    If you change the details in MIRO you are NOT changing anything. You are just entering the price and quantity from the Invoice.
If this price and/or qty is different from the GR qty and PO price then the system will block the invoice for payment (and it can issue messages to inform the buyer if configured correctly).
The whole design of MIRO is based on the principle that you enter EXACTLY what the vendor has put on the invoice. By preventing the users from changing anything you will get NO mismatched invoices, but you will not be paying the vendor the amount specified on their invoice. This will surely cause problems.
If you do want to ensure that ONLY the GR qty and the PO price are used and cannot be changed, then why not consider using ERS (Evaluated Receipt Settlement)? This is basically self-billing.
Effectively you will be paying the vendor based on what you have received in MIGO multiplied by the price from the PO (which is what you would be doing if you stop any changes in MIRO).
    Steve B

• How to restrict the last record and not move to the next record

    1) How to restrict the last record and not move to the next record?
    2) Also for the F6 key (for a new record).

    When you are on the last record, next-record will create a new one, so that my question is do you want to forbid new record creation.
    Francois
