HTTPService basic authorization headers...

Similar Messages

• Basic Authorization

  I have been trying to get this to work for 2 days. My app us
  up and running using Basic Authorization. I've used Curl to confirm
  that I can access protected URLs. But from my Flash movie it
  doesn't work. My script is pretty normal, as you can see in the
  attached code.
  If I run it from with Flash CS3 the response is my login
  page. This should not be happening since I am sending the username
  and password in a header. But I am not sure which version of the
  Flash player it is using (it just says version 9 ...) I know that
  version 9.0.115.0 won't allow the Authorization header. Perhaps
  that is the problem.
  So I upgraded my Flash player plugin for Firefox to the
  latest, 9.0.124.0, saved my movie and stuck it in a web page on the
  same server as my application. And there is no response. Not even
  the login page. It's as if the request isn't even being sent. The
  contents of the dynamic text box 'escupe' says 'XML Loaded: false'.
  I am at my wit's end. Can anyone give me a hand with this?
  I've seen this code or variations thereof posted a thousand times
  all over the web and in some places I have read it WON'T work in a
  web browser. Is this true?
  Many thanks!
  Bob

  Well, I’ve kind of figured it out, at least using Flash
  player. I messed up a couple things:
  1. I was missing the space between “Basic” and
  “pass”.
  2. I was missing the Base64 class. I thought Base64 was an
  included library.
  So now it works in Flash Player … but still doesn't
  work in FF or IE7.
  In the article (at the attached link below) the author says
  it will not work in a browser. But that was 2 years ago. Is this
  still true? How absolutely annoying!!
  Using
  HTTP Authorization headers with Flash

• Call secure RestFul WebService with basic authorization via https

  Hi,
  is there a way to call a secure RestFul WebService with basic authorization via https from APEX?
  Database: Oracle 11g XE
  APEX: 4.2.1
  I have a solution by calling the WebService from Java which was called from the database via scheduled job (execute).
  As my hosting partner does not support Java I am looking for another option.
  Regards
  Markus

  Hi,
  I think its not possible, in this link you can find in more detail why.
  Its related with the use of wallets to acess https requests.
  http://www.apexninjas.com/blog/2011/06/https-access-with-utl_http-on-oracle-xe-has-anyone-managed-to-do-this/
  Edit: Because you are using Oracle XE
  Edited by: carlos.pereira on Jan 23, 2013 6:15 PM

• Basic Authorization  concept

  Hi Friends,
  I want to be clear in basic authorization terminologies.
  Can any one give the definition for the each below mentioned basic authorization terminologies with some example?
  1.Object class
  2.Authorization
  3.Authorization Object
  4.Authorization Field
  5.Field Value
  6.Profile
  7.Role
  8.Composite role
  9.Reference role
  10.Derived role
  Thanks in advance.
  Regards,
  Venu

  Hi Venu,
  Lets come from the top to bottom ...
  at the highest level you have the Role. A role can be defined as follows.
  <b>Role</b>
  The collection of activities that a person performs to participate in one or more business scenarios in an organization.
  Access to the transactions, reports, Web-based applications, and other objects contained in roles is through user menus.
  Also in a simple manner can be defined as a set of transaction codes in one bundle.
  Note : when a Tcode is assigned to a Role hte related authorization objects get autmaticaly assigned to the role. I hope its clear until now.
  So every Tcode i sassigned to a specific set pof Authorization objects and every authorization object has a set of Auth fields assigned to it. They can be che3cked in any role in transaction PFCG.
  for better programming SAP has classified a set of authorization objects into OBJECT classess. its not much of importance to you as its a system thing.
  One more thing is every role has a profile assigned to it when its created and Generated. Usually profiles are the concept until 4.0 system of SAP...later the roles concept came into existence and hence they are defunct exept a few standard SAP profiles like SAP_ALL and stuff which can be assigned to Users directlky. Else Profiles are also automatic assignment and get linked to a uswer once a user is assigned a particular properly generated role.
  Coming to other terms, a group of single roles can be bundles into a single <b>composite role</b>. Hence its justa group of single roles.
  In authorization concept, wehave the Parent Child relations hip in roles.
  That is... when a Role is created we call it the master role and its properties can be inherited by a cild role.
  the scenario is if we r having 4 company codes in an org, and i am supposed to create roles for each comp code seperately..so i try to create a master role and create 5 child roles with inheritance properties. this way any change to master role gets drilled down to child roles without having to change all the rolese seperately.
  This is the concept of <b>derived roles</b>.
  i wish this info has helpfed you...
  Br,
  Sri
  Thanks for the points...

• How to pass Basic Authorization without poped dialog

  The following is the actionscript and crossdomain.xml
                  public function init():void{
                        var service:HTTPService=new HTTPService();
                        service.url="http://127.0.0.1:8080/manager/test/tomcat-users.xml";
                        service.method="POST";
                       service.headers["Authorization"]="Basic "+getAuthorization();
                        service.addEventListener(ResultEvent.RESULT,handler);
                        service.addEventListener(FaultEvent.FAULT,handler);
                        service.send();
                    public function handler(e:Event):void{
                        trace(e);
                    public function getAuthorization():String{
                        var encoder:Base64Encoder=new Base64Encoder();
                        encoder.encode("admin:12345");
                        return encoder.toString();
  <cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="*" secure="false"/>
  <allow-access-from domain="*" to-ports="*"/>
  <allow-http-request-headers-from domain="*" headers="*"/>
  </cross-domain-policy>
  why is there still a dialog poped up for authorization.Anything else need to be done?

  give me the reason is also OK

• SAAJ adding mime headers for server authrorization

  I need to pass login information to server when sending SOAP request. Do I use MimeHeaders to carry username/passwrod pair?
  SOAPMessage message = factory.createMessage();
                 String authorization = Base64.encode("username:password".getBytes());
                 MimeHeaders mimeheaders = message.getMimeHeaders();
                 mimeheaders.addHeader("Authorization", "Basic " + authorization);

  Ok, problem partially solved. I'm using IBM's web service implementation. Mime headers are not set using addHeaders() or message.getMimeHeaders().setHeader() methods. I try same with pure Axis and it worked fine. I think IBM has bug here.

• How to determine role authorization of user in MAM?

  Hi everyone,
  I'm new to SAP and SAP MI, and I am currently implementing (or "enhancing") a MAM.  I have the following question on user authorization:
  In terms of role authorizations, does anyone know how I can determine what roles an authenticated user have from SAP?  For example, if user A logs into the MI Client, and if this user accesses the MAM, is there a way for the MAM to know what kind of user roles he/she has?  Is there a SyncBo that will give me such info?  I checked the JavaDocs for the SyncBo's, but they have NO descriptions.  The closest thing that I found was in MAM090 (Interface com.sap.mbs.mam.bo.MAM090).  There are getter methods for getRoleGen(), getProfileResource(), and getPartnerRole().  Are any of these usable?
  Are there any good documents that I can look at to determine what each SyncBo's does? 
  Many thanks!
  Jeffrey

  Hi Jeffrey!
  Here are the 3 different checks you have to look at"Users & Authorizations" for setting up your MAM Users.
  (1) SAP Backend:
  (1a) The SAP MAM User who synchronizes with the Backend from the MI Client should have all necessary authorizations for Plant Maintenance Components of the SAP System that are associated with your MAM Scenarios.Pl refer to the following SAP Authorization Objects I_ALM_ME ,I_AUART,I_BEGRP,I_BETRVORG,I_CCM_ACT ,I_CCM_STRC,I_ILOA,I_INGRP,I_IWERK,I_KOSTL ,I_QMEL,I_ROUT ,I_ROUT1,I_SOGEN,I_SWERK,I_TCODE ,I_VORG_MEL,I_VORG_MP ,I_VORG_ORD,I_WPS_MEB ,I_WPS_REV in your Backend System and have it assigned to the User Profile, based on your requirement.
  (1b) Service User for setting up the MAM & MI Landscape: This user logon info has to be setup in the RFC Destination that is associated with your MAM25 SyncBOs, to logon to the Backend System and this user should have the basic authorizations required to establish the connection.
  (2) MI Middleware: The SAP MAM User who synchronizes with the Backend from the MI Client should have the following Authorization Objects assigned to his/her profile. S_ME_SYNC, S_RFC, S_TCODE.
  (3) MI Client: Refer to MI Security Guide.Pl note that the MI Client MAM User is same as the Middleware User and the Backend User.You should be taking care of this already.This is just a FYI.
  Let me know, if you are looking for any other additional info.
  Thank You
  Gisk

• Printing gibberish. SOLVED by View , set Headers to Normal

  When I print a message from Thunderbird (37.0.1, W7) I get what looks like machine language; the same thing appears on Print Preview; at the end of the message, the original message is present; I forwarded a message from Comcast.net and AOK; Microsoft feels a hardware problem may be causing this; they did a complete scan of my computer; when I reinstalled TB I did a complete de-install from Control Panel; Please help,
  Rob

  Attached screenshot is totally useless.
  How can I use it to assist you?....this is not a chat forum.
  Version 37.0.1 is not the current release.
  Are you using a Beta version of Thunderbird or are you completely confused and not telling us your Thunderbird version, but instead quoting your Firefox browser version?
  ''re ; I get what looks like machine language; the same thing appears on Print Preview; at the end of the message, the original message is present;''
  Maybe, you are refering to headers?
  An image showing this 'what looks like machine language;' would be useful to help clarify what you are refering to. So, if the next section does not resolve your issue, please post an image of what you see in a Print Preview.
  All emails consist of headers and content.
  Usually, most people only need to see and use the basic normal headers eg: TO FROM, Subject , Date.
  So first check to see if you are seeing All the headers or just the basic.
  Check setting:
  View > Headers > select; Normal
  Select email so it displays in the Message Pane
  File > Print Preview
  does this look better?

• Inserting authorizations from template

  Hi all,
  Does anyone know what are the basic authorizations needed for reporting and planning activities. I do not mean the basic analysis authorizations - I mean the basis authorizations - those you usually insert from a template such as S_RS_TREPU.

  Hi,
  you don't have to use:
  S_RS_ICUBE
  S_RS_ICUBE
  S_RS_ISET
  S_RS_MPRO
  S_RS_ODSO
  Because you have to set at less one authorization with the following authorization IO:
  0TCAACTVT
  0TCAIPROV
  0TCAVALID
  Don't forget:
  S_DEVELOP
  S_RO_BCTRA in ECC side for activate (remote) Datasource
  S_RS_BITM NEW
  S_RS_BTMP NEW
  S_USER_AGR
  S_RS_BC
  S_RS_BCS
  S_RS_AUTH (Data)
  S_RS_IOBJ
  S_GUI
  S_RS_DS: Authorizations for working with the DataSource or its sub-objects (as
  of SAP NetWeaver 2004s)
  &#56256;&#56452; S_RS_ISNEW: Authorizations for working with new InfoSources or their subobjects
  (as of SAP NetWeaver 2004s)
  &#56256;&#56452; S_RS_DTP: Authorizations for working with the data transfer process and its subobjects
  &#56256;&#56452; S_RS_TR: Authorizations for working with transformation rules and their subobjects
  &#56256;&#56452; S_RS_CTT: Authorizations for working with currency translation types
  &#56256;&#56452; S_RS_UOM: Authorizations for working with quantity conversion types
  &#56256;&#56452; S_RS_THJT: Authorizations for working with key date derivation types
  &#56256;&#56452; S_RS_PLENQ: Authorizations for maintaining or displaying the lock settings.
  &#56256;&#56452; S_RS_RST: Authorization object for the RS trace tool
  &#56256;&#56452; S_RS_PC: Authorizations for working with process chains
  &#56256;&#56452; S_RS_OHDEST: Open Hub Destination
  &#56256;&#56452; S_RS_DAS: Authorizations for working with Data Access Services
  &#56256;&#56452; S_RS_BTMP: Authorizations for working with BEx Web templates
  &#56256;&#56452; S_RS_BEXTX: Authorizations for the maintenance of BEx texts
  &#56256;&#56452; Authorization objects for the administration of analysis authorizations:
  &#56256;&#56452; S_RSEC: Authorization for assignment and administration of analysis
  authorizations
  &#56256;&#56452; S_RS_AUTH: Authorization object to include analysis authorizations in
  roles
  &#56256;&#56452; Changed Authorization Objects:
  &#56256;&#56452; S_RS_ADMWB (Data Warehousing Workbench: Objects)
  hope it helps

• PI  Developer Authorizations for ABAP and Netweaver

  Hello,
  I was wondering if anyone had the basic authorizations for a developer in PI? I also need to know what they need access to in the Configuration Tool? I have the Security Guide but I was looking for a little more specifics? Anyone that could help would be fantastic.
  James

  Hi James,
  I find this one useful
  http://www.erpgenie.com/sap/netweaver/xi/xiauthorizations.htm
  As for the Config tool, i don't think developer should have access to it. It should be restricted to BASIS Team only
  Cheers !!
  Zaheer

• Precompiled headers and SunStudio 12

  Hi, I am newbie to this forums and I hope I've picked up correct subforum to post this.
  I'd like to know how to utilize precompiled headers (-xpch) feature in SunStudio 12 project.
  I understand that set of #include directives should be combined into common header (let's call it precomp.h e.g. on Windows/MSVC it is usually StdAfx.h)
  then precomp.h included in precomp.cpp and precomp.cpp should be provided to compiler with -xpch option.
  I've checked out docs but find it pretty confusing and instructions I've found there are
  not working for me.
  Can someone briefly describe necessary steps to incorporate precompiled headers in SunStudio project.
  Any help/info/suggestion is welcome and appreciated.
  Regards

  If you are using precompiled headers with Microsoft or Gnu compilers, you can use the same techniques with Sun Studio. Whatever you do with those compilers should just work with Sun Studio.
  Putting all the headers into precomp.h is a reasonable way to organize your code, but is not required.
  You don't need to create a special precomp.cc to generate the precompiled headers, but you can do that if you want.
  Let's suppose you have precomp.h, and a precomp.cc that only includes precomp.h. File precomp.h should include the headers that are used by all the .cc files in your application. Each of the other .cc files will include precomp.h as the first non-comment line in the file. These other .cc files can include additional headers after precomp.h if you want.
  Example: A project will usually use a set of standard headers, plus some basic project headers almost everywhere. The pecomp.h file will include these headers. Headers that are used less often can be omitted from precomp.h and included only in the files that need them.
  Now you can create the precompiled header, and give it a name. Following the example in the manual, let's call it "myheaders".
  CC -c precomp.cc -xpch=collect:myheaders ...where "*...*" represents the other options you use on all command lines. This command will generate precomp.o, which you will not want to use in building your project. (That's why creating precomp.cc is not necessarily the best approach.)
  When compiling the rest of the .cc files, add -xpch=use:myheaders to each command line. And that's it.
  The rest of the options and pragmas are to handle more complicated cases or to deal with special issues.

• SRT : Authorization Error

  Hi Experts,
  I have SAP_All authoriztion in my ECC user ID.
  If i test my Webservices using that ID it is working.
  But I am trying to access the same webservices from another ECC user ID which doesn't have SAP_All authoriztaion.
  It has the basic authorization.
  I am getting this error -
     An error has occurred. Maybe the request is not accepted by the server:
  'SRT Authorization Error'.
  What is the type of authorization should that ECC user ID must have to access the web Services?
  If it is not related with authorization issue. What settings needs to be done while creation of Web Services?
  Kindly help me to resolve the Issue.
  Regards,
  Ragunathan.R

  Hi,
  Search for "SAP_BC_WEBSERVICE*" roles and give appropriate roles to your user (i.e. SAP_BC_WEBSERVICE_ADMIN etc)
  Regards,
  Gourav

• IT0008 Authorization

  Hi Experts,
  Is there a provision for providing authorization for entering salary details IT0008. How to provide autorization ,If so what are the ways to define the levels of authorization?
  Request if anyone can help me out with this.
  Have a nice day.
  Regards,
  Sriram

  Hi,
  Usually we have basis team to handle this, but after a while even you can do it. the important tcode is pfcg and su01.
  The most basic authorization you can set up is restriction to infotype, operation,  personnel area, personnel sub area. For example you can only view basic pay for employee group x, but you can edit basic pay for employee group y. if you need further restriction then you have to add authorization object. There are also different type of authorization like, you can create 0008 (system wont use this record though) but you need other people to save it (so the system can start using the new record). Please let me know if you need anything else.
  Regards

• Nexus 5K and 7K RADIUS Authorization with Steel Belted RADIUS

  I am attempting to provide very basic authorization via Steel Belted RADIUS for a Nexus deployment.
  Here is the code from the Nexus:
  radius-server host [server]  key [key]
  radius-server host [server]  key [key]
  ip radius source-interface mgmt0
  aaa group server radius GEN_AAA
      server [server]
      server [server]
      use-vrf management
      source-interface mgmt0
  aaa authentication login default group GEN_AAA
  aaa authentication login console group GEN_AAA
  aaa accounting default group GEN_AAA
  aaa authentication login error-enable
  On the Steel Belted RADIUS server the client is setup as a basic IOS 11.1 or later (Nexus is not an option).  The group setup for the relevant user group has a return code of:
  shell:roles*"network-admin"
  shell:priv-lvl=15
  When I authenticate from a Catalyst 6509 with IOS 12.2 the authorization based on the shell:priv-lvl works fine.  Only those users in the 'special' group have admin (lvl 15) access.
  With the Nexus gear I authenticate fine but the RADIUS user is always put in the network-operator role (default) regardless of the 'special' group shell:roles*"network-admin" return code defined.
  In other words it seems to work fine for IOS devices (Catalyst 6500 and 3750E so far) but not at all for Nexus gear.  Unfortunately I am not in a position to suggest and implement ACS or another AAA server that supports TACACS.
  Is there any way to pull this off with SBR?
  Any help is much appreciated.

  Hello Nusrat,
  I appreciate the pointer.  If I was using TACACS for AAA, authorization sets would be a consideration.  However, authorization is not permitted when using RADIUS for AAA on the Nexus platform.
  In any case I was able to resolve the issue with the assistance of the customer and their support contact at Juniper.  For the VSA feature to begin working a change to the INI file and a restart of the SBR services was required.  Placing the desired group of users in the network-admin group is functioning as desired.
  NOTE:
  In addition to the configuration in the original post the following should be added to stop any 'standard' users defined on the SBR server from logging in with network-operator privileges:
  no aaa user default-role
  If no role is provided from the RADIUS server via the Cisco-AVPAIR VSA (ex. Cisco-AVPAIR = shell:roles*network-admin) by default a Nexus box places the user in the network-operator role.  This role has complete read access on the system allowing, among other things, a read view of the configuration.  The above command stops any role mapping resulting in non-configured users / groups on the RADIUS box not being able to log in period.

• Necessary Authorizations for BI Consultant

  Dear All,
      What are the necessary Authorizations for BI 7.0 Consultant to work on a BI development system ?
       I have created source system (ECC Dev system), installed Bex analyser and I would like to verify if there are any standard tasks to be performed to make the system ready for BI consultant and required authorizations to perform all the activities.
  Thanks,
  Nick.

  Hi,
  The basic authorizations you need are RSA1, then you need to have access to all the infoareas, objects. You need access to modify, create, activate objects. In addition you'll need access to maintain master data for master data objects, monitor job loads, process chain access, query creation and change access. Query execute access. Authorizations to replicate datasources, activate them and access for creation, change and activation of DTPs, Infopackages and Transformations is also needed.
  These are some of the basic authorizations you need in the development system.
  For all other systems, you only need display authorizations for all objects.For data viewing, it'll be based on what security you get. Based on the client strategy in some places, you might get authorization to create, change and activate infopackages and DTPs. But to maintain the integrity of the Process chains and the environments, the best practice would be create these objects in dev and then transport them.
  Cheers,
  Kedar