Implement User Authorization to View Dashboard

Similar Messages

• Implement an authorization scheme using to check users

  Hello,
  I want to implement an authorization scheme for my application in which i want to
  give access to only threee users to view my application. Can anyone help me what would be my pl/sql expression.
  something like :APP_USER in ('R123',Y7654','TY7890')
  can anyone help me with what type of scheme I need to create??
  thanks,
  orton

  Hi,
  I have exactly similar application for my organisation with SSO organisation, but the application need to be accessed only by my TEAM members
  What is did is i created a user table.. that will hold the user detail like email id , etc..
  after that i went to shared component -> Security -> authorization scheme
  Clicked on create button to create new authorization scheme..
  Selected From scratch option .
  Give a name to the authorization scheme.. i named is as VALID USERS
  Scheme type - select Exits SQL Query
  then in expression 1 i entered
  select * from user_table where upper(user_email_id) = upper(:APP_USER)
  and in error message enter ...Unauthorized USER.
  Regards,
  Shijesh

• Authorised to User Fro MODIFY,VIEW and INSERT

  Hi,
  i want to authenticate my application .How can i give RIGHTS to User ,How can i authorised to User for MODIFY,VIEW and INSERT.
  How can i implement this.
  Thanks
  Edited by: 805629 on Jan 26, 2011 11:10 PM

  Hi,
  Create authorization scheme for MODIFY, VIEW and INSERT.
  For MODIFY and INSERT edit button and select Authorization Scheme.
  For VIEW on Edit Application properties go to security tab and select Authorization Scheme for VIEW.
  Sample PL/SQL code for authorization(It will return boolen):
  Scheme Type: PL/SQL Function Returning Boolean
  Code:
  Declare
  v_ret number;
  Begin
  v_ret := AUTH_PKG.can_update(:APP_USER,:APP_PAGE_ID);
  IF V_RET =1 THEN
  RETURN true;
  ELSE
  RETURN false;
  END IF;
  End;
  Regards,
  Kartik Patel
  http://patelkartik.blogspot.com/
  http://apex.oracle.com/pls/apex/f?p=9904351712:1

• CRM Analytics - User Authorization Not Suficient

  Hi Guys,
  We have implemented the CRM analytics report, however when I access the menu Sales Pro in CRM and try to open the report Closed Opportunities, I get the error : User Authorization not sufficient.
  If I open the error I get the message :
  Diagnosis
  The user doesnot exist in the BI client or has insufficient authorizations
  Procedure
  Contact system administrator to verify the user is setup properly in both CRM and BI client
  Procedure for System Administration
  Verify that the user exist in BI client with the same user id, if not create it and assign proper authorizations as per the configuration guide.
  When I run the query or the webtemplate in BW I don't have authorization problems, but I can't run from CRM.
  Any suggestion about how to fix it?
  Thanks in advance,
  Fernando

  Hi Fernando,
  The report which you have implemented is doing a RFC call to BI system where some other system program is getting called which have authorization logic check for the RFC user ( or the person who is running the report). here report is terminating with error. I have face the similar issue.
  generally such reports we use to schedule as a background job with batch user which have SAP ALL access but I feel in your case user who runs the report have not sufficent authorization in BI system and also you are not running report as an background job.
  There aretwo tricks to findout the missing authorization which I also have used.
  First option : close all the session except one in CRM and than run the report as soon as the error comes open transaction code SU53 to know the missing authorization - may be you can fail here as the authorization check fail in BI.
  Second option definitely will work. Whenerror is coming double click on the mmessage to know the message detail(class and number) than again run the report in debugging mode (/H- type in address bar to activate debugging) than set breakpoint in the message and press f8( may be system will not set the break point immediately than you need to debug till the RFC calls BI system) . system will take you to the exact authorization code check where the error is coming. there you can find out the missing authorization object which is not included in the user assigned role. than can ask access team to add in the user role.
  I hope this will solve your issue. Please revert with your finding.
  Thanks,
  Prem

• Authorizations for View Cluster

  Hello all,
  I need to maintain authorization for View cluster.
  Example : I have a view cluster say 'VC_TEST' , now I should have an authorization where other employees can only display it.
  Steps which I have followed:
  1. Assigned authorization object to the views of view cluster then created role for the object S_TABU_DIS and assigned all the activites (Create,Change,Display)
  2. Assigned user to the role
  But still other people can edit or maintain the view cluster.
  So could you please guide me.
  Thanks and regards,
  Anil

  HI,
  Reg:Authority Check object
  http://www.techrepublic.com/article/comprehend-the-sap-authorization-concept-with-these-code-samples/5110893
  Ram.

• Best practice to set up the user authorization

  Dear expert,
  I have a question regarding the user authorization access. I've attend the BOE training but I'm still blur in term of user authorization planning. Currently, I have around 50 named users that need to access the BOE server. But the certain user will be restricted to access to certain folders or reports.  May I know what is the best practice to set up the user authorization access? Should I set up first in the development machine and once its firm, then I migrate it to production machine..or is there any steps that I need to follow...?
  Really appreciate if you can let me know on what should I look into first before set up the authorization. Is there any doccument that I can referring to..?
  Thanks & Regards,
  -Syahida-

  Create User Group for each folder (for eg. Sales/Marketing etc) and also based on the type of access you want to provide.
  Like Sales VOD/ Sales View/Sales Schedule, and add users to the User Group based on the type of rights you want to provide them. Then add the User Group to respective report folders.
  First deploy it in the Development environment, once you have everything finalized then you can replicate the same to QA and Prod environment by migration. Also make sure that in Development environment developers will have full control to develop/add reports to folders, you have to restrict that in QA & Prod environment.

• Cannot set user query to view "{0}" because it is a destination in a view link

  Hi
  11.1.1.7 - I have 2 programatically view objects. I have created a viewLink between them and I am getting the error:
  Cannot set user query to view "MyView2" because it is a destination in a view link.
  Does anyone know what are the methods I need to implement? I have follow the Frank Nimphius Post: Oracle ADF: Service, Please! and it is working fine. However, after seeing this example: Decompiling ADF Binaries: Building programmatically managed business components - Part 2 - I realised that I am missing some other stuff to make the view link work. There are too many methods and its quite difficult to understand and digest all classes and methods etc.
  Anyone can please point me in the right direction?
  Regards

  Which version are you using? Could you maybe turn on logging (http://blog.goverco.com/p/psmalogging.html) and post content of log file if you still have the issue...
  Also, remember that even though you set credentials in the PARAM section, these values are overwritten by the ones specified on the properties of the MA - so make sure that you specify correct creds on the MA. Specifying creds directly in the script makes
  for an easy way of testing from the PowerShell prompt, but not for running the script from the MA / Run Profiles
  Regards, Soren Granfeldt
  blog is at http://blog.goverco.com | facebook https://www.facebook.com/TheIdentityManagementExplorer | twitter at https://twitter.com/#!/MrGranfeldt

• Authorization in viewing WBS element

  Hi Experts,
  I want a requirement like, a user can only view authorized WBS elements rather all the created  WBS elements in the system.
  Can anybody help in providing the proper user exit or any other development to address this issue.
  Thanx in adv.
  Regards
  Ashis

  Hi.
  Use PFCG transaction. Create new role copying project management authorizations (From Edit --> Insert authorizations --> ...) and then change all "activity" parameters to '03'. Save and generate role and finally assign it to users. They will only display.
  Hope this helps,
  Ivá

• Implementing user exits !!!!

  hi can any body please send me the detailed steps to implement user exits in (ecc 5.0) step by step ....process ....how can we use them  in ABAP .....these enhancements...i.e how can i  configure function exit ,menu exit , field exit ..&...screen exit as well as .....
                    thanks in advance ..........

  Hi,
  From PP point of view, the following exit is used.
  For MRP run transaction md01 is used. This is for all the material in the plant.Suppose if we need to run mrp for a particular material type(Eg:PD/VB) then we need to create a key. This key is entered in the user exit key filed in the md01 transaction screen.
  With the help of ABAP we need to write a program for this key with the corresponding enhancement.Then mrp run can be carried out for the particular mrp type.
  From SD point of view, While creating sale order using transaction va01. If you want the sold-to-party to be a default value everytime you create a sale order, then you can use the corresponding enhancement & in cmod transaction can write a program telling sold-to-party as "ABC".
  Whenever you create a sale order ABC will appear in the sold-to-party field.
  Regarding menu exit if you want to add an option or hide an option in the menu then if the enhancement is available you can do it.
  Regards,
  Senthilkumar

• Code for user authorization

  Hello All,
  I have to implement a sample code which will filter out activities according to user authorization. Please help me in this regard.
  Thanks in advance.
  Paul.

  Hi,See the below code and write as per your need.
  INITIALIZATION.
    AUTHORITY-CHECK OBJECT 'ZPRCHK_NEW'
             ID 'TCD' FIELD SY-TCODE
             ID 'BUKRS' DUMMY
             ID 'PRCTR' DUMMY
             ID 'SPART' DUMMY
             ID 'WERKS' DUMMY
             ID 'VKORG' DUMMY
             ID 'EKORG' DUMMY.
    IF SY-SUBRC NE 0.
      MESSAGE I000(VZ) WITH TEXT-002 SY-TCODE .
      LEAVE PROGRAM.
    ENDIF.
  Regards
  rajendra

• Always prompted with Save As Dialog when viewing dashboard

  Post Author: jgagarin
  CA Forum: Performance Management and Dashboards
  Hi,
    We are having problem viewing dashboard which contains Xcelsius document. In our development server we were able to view all dashboards with embedded Xcelsius document but when we move it to our production server it shows different output. Everytime we try to view the dashboard it keeps on prompting a "Save As Dialog" instead of showing the Xcelcius file. I really have no idea on what to do next, please help.
  Thanks,
  Jag

  Post Author: amr_foci
  CA Forum: Performance Management and Dashboards
  its an issue of macromedia flash player, if you already installed it on ur machine, remove it and reinstall the last version from the macromedia website thenrestart your mcahine.
  good luck

• Error on load: System.IO.IOException: The process cannot access the file : error in event viewer when users want to view documents from this third party deployed scan solution

  Error on load: System.IO.IOException: The process cannot access the file
  '\\server1\SCANSHARED\.pdf' because it is being used by another process.
     at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
     at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
     at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
     at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share)
     at System.IO.File.WriteAllBytes(String path, Byte[] bytes)
     at abc.Scan.Layouts.ICC.Scan.View.Page_Load(Object sender, EventArgs e)
  I faced this  error in event viewer  when users want to view documents from this third party deployed scan solution
  here I have two WFS servers  and they configured with load balancing in F5 .
  when I enable both servers in F5 I receive this error messages in 2nd server,
  when users want to view documents
  adil

  Do you have antiVirus installed on the sharepoint servers?
  These folders may have to be excluded from antivirus scanning when you use file-level antivirus software in SharePoint. If these folders are not excluded, you may see unexpected behavior. For example, you may receive "access denied" error messages when files
  are uploaded.
  Please follow this KB and exclude the folders from Scanning.
  http://support.microsoft.com/kb/952167
  Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

• Variable value to be populated based on user authorization

  Hi all,
  I want to have a variable with single value on plant.
  when the user executes the report, value of the variable has to be populated automatically based on the authorization of the login user and it has to show the output without displaying the selection screen.
  Kindly guide me of, what type of variable to create and to proceed.
  Thanks.
  I

  Hi
  Restriction Plant from user authorization can be achieved by the following steps
  1. Plant infoobject should be authorization relevant.
  2. make authorization object including plant and restrict to the plant u needed and assign the profile to the user
  3. in BEX create variable of authorization type on plant. this variable will get the default values for the plant from the user authorization on the selection screen of the query.
  4. if you dont want to display the variable on the selection screen then remove the chek box in variable that " variable is not ready for input"
  thanks
  radhika

• Display active/implemented user exits in R/3 system

  Hi Guys,
  Here is a small report that I wrote to display all active and implemented user exits in R/3 system. It gives a snapshot of all the user exits being used and also takes to the follow-on screen on double click.
  Regards,
  Madhur
  *& Report ZMS_ACTIVE_EXITS
  *& This report displays all the active customer enhancements in the
  *& system and also displays whether they are active or implemented
  REPORT ZMS_ACTIVE_EXITS.
  * Data decleration
  types: begin of s_function,
  fname like MOD0-FUNCNAME,
  ftext like tftit-stext,
  impl,
  active,
  example,
  end of s_function.
  TYPEs : BEGIN OF display_str,
  project type modact-name,
  enhancement type modact-member,
  fm type modsap-member,
  status type char20,
  END OF display_str.
  data : lt_member type table of modact-member,
  ls_member like LINE OF lt_member,
  lt_fm type table of modsap-member,
  ls_fm like LINE OF lt_fm,
  lt_modname type table of modact-name,
  ls_modname like line of lt_modname,
  lt_display type TABLE OF display_str,
  ls_display like LINE OF lt_display,
  ls_function type s_function,
  field1(30).
  START-OF-SELECTION.
  * Select active customer enhancement.
  select name from modattr into ls_modname
  where status = 'A'.
  append ls_modname to lt_modname.
  CLEAR ls_modname.
  ENDSELECT.
  if lt_modname is INITIAL.
  WRITE / 'no active enhancements'.
  endif.
  * Determine the details about the customer enhancement.
  LOOP AT lt_modname INTO ls_modname.
  CLEAR : ls_display.
  SELECT member from modact into ls_member where name = ls_modname.
  select member from modsap into ls_fm where name = ls_member and typ = 'E'.
  ls_display-project = ls_modname.
  ls_display-enhancement = ls_member.
  ls_display-fm = ls_fm.
  clear : ls_function.
  ls_function-fname = ls_fm.
  perform get_impl_status USING ls_function.
  if ls_function-impl = 'X'.
  ls_display-status = 'Implemented'.
  ELSE.
  ls_display-status = 'Active'.
  endif.
  APPEND ls_display to lt_display.
  endselect.
  ENDSELECT.
  ENDLOOP.
  * Displaying results
  format color = 1.
  write : 'Please double-click on the object for follow-on action'.
  new-LINE. uline.
  write : 'Customer Project', at 30 'SAP Enhancement', at 60 'Exit Function Modul
  e', at 100 'Active/Implemented'.
  ULINE.
  format color = 0.
  loop at lt_display into ls_display.
  new-LINE.
  write : ls_display-project, at 30 ls_display-enhancement, at 60 ls_displayfm,
  at 100 ls_display-status.
  ENDLOOP.
  * For calling transaction CMOD / SMOD / SE37.
  at line-selection.
  get cursor field field1.
  CASE field1.
  WHEN 'LS_DISPLAY-PROJECT'.
  set parameter id 'MON_KUN' field sy-lisel(10).
  call transaction 'CMOD' and skip first screen.
  WHEN 'LS_DISPLAY-ENHANCEMENT'.
  set parameter id 'MON' field sy-lisel+29(10).
  call transaction 'SMOD' and skip first screen.
  WHEN 'LS_DISPLAY-FM'.
  set parameter id 'LIB' field sy-lisel+59(30).
  call transaction 'SE37' and skip first screen.
  WHEN OTHERS.
  message 'Click on the right place.' TYPE 'I'.
  ENDCASE.
  *& Form get_impl_status
  * This FORM checks whether an EXIT FM is implemented or not
  form get_impl_status using p_function type s_function.
  data : l_mand LIKE tfdir-mand,
  l_incl_names TYPE smod_names OCCURS 1 WITH HEADER LINE.
  l_incl_names-itype = 'C'.
  APPEND l_incl_names.
  CLEAR l_mand.
  SELECT SINGLE mand FROM tfdir INTO l_mand WHERE funcname = p_function-fname.
  IF sy-subrc = 0 AND l_mand(1) = 'C'.
  p_function-active = 'X'.
  * l_status-active = c_true.
  ELSE.
  p_function-active = ' '.
  * l_status-inactive = c_true.
  ENDIF.
  CALL FUNCTION 'MOD_FUNCTION_INCLUDE'
  EXPORTING
  funcname = p_function-fname
  TABLES
  incl_names = l_incl_names
  EXCEPTIONS
  OTHERS = 4.
  IF sy-subrc = 0.
  LOOP AT l_incl_names.
  SELECT SINGLE name FROM trdir INTO l_incl_names-iname
  WHERE name = l_incl_names-iname.
  IF sy-subrc = 0.
  p_function-impl = 'X'.
  ELSE.
  p_function-impl = ' '.
  ENDIF.
  ENDLOOP.
  ENDIF.
  endform. "get_impl_status

  Hi Sergio,
  Have you checked that the basis guys have actually plugged in the SAP system. The guys I've been working with have sworn that the portal can connect to SAP but actually they have no connectivity at all. It has meant that my collegue has spent the last 2 days pulling his hair out trying to work out why his code doesn't work and in fact it will never work as the portal cant even see SAP.
  Cheers
  Richard

• The best way to implement user's access level via Servlet & JSP (or more)?

  Hi all,
  I am trying to implement user's access level in an application to allow certain access to certain page or components within a page (buttons, etc.). From my experience with JSP, Java, servlet, I am think of having the jsp/servlet to check for user's access level to decide what jsp components or forward page to go to next but that doesn't seem clean or elegant way to handle it.
  Any suggestions of how to do this? Are there other technologies (Struts) out there that can handle this?
  Thanks so much in advance for your feedback or suggestion,
  Thong Bui

  I haven't experienced a lot in defining security roles before, and there is probably a lot to learn about this area. However I might be able to assist you in some way. Whenever I have 2 or more objects that need to be stored in the session, I create a class called UserContainer. Say you have three properties:
  empSsn (String) , isAdmin (Boolean), isAgent (Boolean), then:
  public class UserContainer implements Serializable  {
  private String empSsn = null;
  private Boolean isAdmin = null;
  private Boolean isAgent = null;
  public UserContainer() {
  super();
  public void setIsAdmin(Boolean isAdmin) {
  this.isAdmin = isAdmin;
  public Boolean getIsAdmin() {
  return this.isAdmin;
  // getters and setters for the other properties
  Of course after you decide (in your sevlet) whether the app user is an administrator or an agent, you can set the corresponding property in the user container, and then save it in the session. Afterwords, in any jsp, you can decide to display a certain element (e.g a button) after you check the user's role. Example:
  // Welcome.jsp
  <% UserContainer userContainer = (UserContainer) session.getAttribute("userContainer");
  boolean isAdmin = userContainer.getIsAdmin().booleanValue();
  boolean isAgent = userContainer.getIsAgent.booleanValue();
  if(isAdmin) { %>
  <!-- HTML/Code corresponding to an administrator -->
  <% } if(isAgent) { %>
  <!-- HTML /Code corresponding to an agent -->
  <% } >Of course, this is a very simple way of doing such a task, you will find more secure ways if you look at LDAP or something of that matter.
  Cheers