J2EE User
Dear All,
I need a J2EE User with all its Authorities in order to test a webservice. Do you know
how can I create a J2EE User.
SAP J2EE Engine/7.00
Regards
sas
Hi Sas,
For j2ee users will create automatically while installaing, if not please follow the below:
If it is ABAP+JAVA:
To create a user in the SAP Web AS ABAP:
1. Log on to the SAP system with an admin user, in the client that is used for the UME authentication.
2. Choose Tools u2192 Administration u2192 User Maintenance u2192 User (transaction SU01).
3. Enter J2ee_admin as user name and choose Create.
4. Choose Dialog user as type for J2ee_admin
5. Add a role SAP_J2EE_ADMIN
6. Save
Login again to change the password. Then use the same for all the times
And also you have to create j2ee_guest and sapjsf users.
Create j2ee_guest with role SAP_J2EE_GUEST
create sapjsf user with role SAP_BC_JSF_COMMUNICATION_RO.
If it is only JAVA:
Use UME console to create:
go to : http:.//<server>:<port>/useradmin. There you can create user with name Administrator. It is case sensitive.
You can also create other users using Visual Administrator with Administrator user: choose User Management (Server u2192 Services u2192 Security Provider u2192 runtime u2192 User
Management).
Hope it resolves your issue. Please let me know if you need more.
Thanks
Kishore
Similar Messages
-
Not able to create J2EE user DDIC in portal
Hi All,
I am trying to configure the BI 7.0 system in EP 7.0. My systems are running on Windows 2003 32 bit edition. SP level is SPS11 & SP10
I have configured the UME where datasource is ABAP system. After using the supportdesk tool I am getting the below three erros in the system.
Import of Web Templates in active version will fail because the J2EE user DDIC is not properly mapped to an ABAP user other than DDIC Maintain a user mapping for J2EE user DDIC - see note 945055 for details
Check could not be executed because retrieval of WebAS ABAP settings failed Check connectivity to WebAS ABAP and make sure the ABAP coding correction from note 937697 is applied in the latest version available
Check could not be executed because retrieval of WebAS ABAP settings failed Check connectivity to WebAS ABAP and make sure the ABAP coding correction from note 937697 is applied in the latest version available
To resolve these issues i tried to create user id DDIC in portal but I am not able to create it. It is giving below error
A user with the specified logon ID already exists; choose a different, unique logon ID
As it is trying to create this user id in ABAP datasource. Please let me know how to create DDIC in J2EE engine where ABAP is the datasource.
Please help me resolve this issue.
Thanks,
ShamboHi,
In defaulttrace.trc I am getting the below errors
#1.5#00055D4A98DC0061000004BC00001610000460FCEAE15F00#1232539295495#com.sap.ip.bi.preexecutionservices.PreexecutionservicesRfcService#sap.com/com.sap.prt.application.rfcframework#com.sap.ip.bi.preexecutionservices.PreexecutionservicesRfcService#Administrator#9873####403302b0e7b311ddbd4500055d4a98dc#SAPEngine_Application_Thread[impl:3]_27##0#0#Fatal#1#/Applications/BI#Plain###Exception caught: com.sap.ip.bi.base.exception.BIBaseRuntimeException: SAX Exception
com.sap.ip.bi.base.exception.BIBaseRuntimeException: SAX Exception
at com.sap.ip.bi.webapplications.runtime.preexecution.impl.PreexecutionDispatcher$DocumentAnalysis.createMutableDocument(PreexecutionDispatcher.java:93)
at com.sap.ip.bi.webapplications.runtime.preexecution.impl.PreexecutionDispatcher.validateDocument(PreexecutionDispatcher.java:571)
at com.sap.ip.bi.preexecutionservices.PreexecutionservicesRfcService.handleRequestForRSWR_PREEXECUTION_PROXY(PreexecutionservicesRfcService.java:109)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.ip.bi.portalrfc.dispatcher.services.BIServicesRfcDispatcherService.handleServiceRequestGeneric(BIServicesRfcDispatcherService.java:283)
at com.sap.ip.bi.portalrfc.dispatcher.services.BIServicesRfcDispatcherService.doHandleRequest(BIServicesRfcDispatcherService.java:177)
at com.sap.ip.bi.portalrfc.services.BIRfcService.handleRequest(BIRfcService.java:235)
at com.sapportals.portal.prt.service.rfc.RFCEngineService.handleEvent(RFCEngineService.java:341)
at com.sapportals.portal.prt.service.rfc.PRTRFCBean.processFunction(PRTRFCBean.java:37)
at com.sapportals.portal.prt.service.rfc.PRTRFCRemoteObjectImpl0_0.processFunction(PRTRFCRemoteObjectImpl0_0.java:118)
at sun.reflect.GeneratedMethodAccessor299.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.services.ejb.session.stateless_sp5.ObjectStubProxyImpl.invoke(ObjectStubProxyImpl.java:187)
at $Proxy119.processFunction(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.services.rfcengine.RFCDefaultRequestHandler.call(RFCDefaultRequestHandler.java:284)
at com.sap.engine.services.rfcengine.RFCDefaultRequestHandler.handleRequest(RFCDefaultRequestHandler.java:219)
at com.sap.engine.services.rfcengine.RFCJCOServer$J2EEApplicationRunnable.run(RFCJCOServer.java:254)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
Caused by: com.sap.engine.lib.xml.parser.NestedSAXParserException: Fatal Error: com.sap.engine.lib.xml.parser.ParserException: XMLParser: Bad attribute list. Expected WhiteSpace, / or >:(:main:, row:1, col:59)(:main:, row=1, col=59) -> com.sap.engine.lib.xml.parser.ParserException: XMLParser: Bad attribute list. Expected WhiteSpace, / or >:(:main:, row:1, col:59)
at com.sap.engine.lib.xml.parser.DOMParser.parse(DOMParser.java:139)
at com.sap.engine.lib.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:127)
at com.sap.ip.bi.webapplications.runtime.preexecution.impl.PreexecutionDispatcher$DocumentAnalysis.createMutableDocument(PreexecutionDispatcher.java:85)
... 28 more
Caused by: com.sap.engine.lib.xml.parser.ParserException: XMLParser: Bad attribute list. Expected WhiteSpace, / or >:(:main:, row:1, col:59)
at com.sap.engine.lib.xml.parser.XMLParser.scanAttList(XMLParser.java:1590)
at com.sap.engine.lib.xml.parser.XMLParser.scanElement(XMLParser.java:1710)
at com.sap.engine.lib.xml.parser.XMLParser.scanDocument(XMLParser.java:2843)
at com.sap.engine.lib.xml.parser.XMLParser.parse0(XMLParser.java:229)
at com.sap.engine.lib.xml.parser.AbstractXMLParser.parseAndCatchException(AbstractXMLParser.java:145)
at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:165)
at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:245)
at com.sap.engine.lib.xml.parser.Parser.parseWithoutSchemaValidationProcessing(Parser.java:280)
at com.sap.engine.lib.xml.parser.Parser.parse(Parser.java:342)
at com.sap.engine.lib.xml.parser.DOMParser.parse(DOMParser.java:101)
... 30 more
#1.5#00055D4A98DC0061000004BF00001610000460FCEAE18738#1232539295511#com.sap.ip.bi.base.application.message.impl.MessageBase#sap.com/com.sap.prt.application.rfcframework#com.sap.ip.bi.base.application.message.impl.MessageBase#Administrator#9873####403302b0e7b311ddbd4500055d4a98dc#SAPEngine_Application_Thread[impl:3]_27##0#0#Error#1#/Applications/BI#Plain###A message was generated:
ERROR
Transformer exception while transforming BEx Web templates
com.sap.ip.bi.deploytime.BISP2Jsp SAPXMLTransformer
SAX Exception
Transformer exception while transforming BEx Web templates
com.sap.ip.bi.deploytime.BISP2Jsp SAPXMLTransformer
SAX Exception# -
Hell all,
This is related to XI3.1, which is J2EE+ABAP system.
I knwo that Roles in ABAP are called Groups in UME (J2EE) because J2EE has their own roles. ABAP roles are assigned in PFCG or SU01 and can only be viewed in UME console. Same users can be assigned to J2EE roles using UME colsole and these roles are maintained using UME console. They are called Roles in UME.
My question is regarding createting a user and resetting a password. Do I have to create a user in ABAP only using SU01 and reset the password in ABAP system only.
OR
I can do it in UME as well.
Because I see a create, modify button in UME where I can change the user password and create a new user.
AND if possible in both then whic one is advisable?
Your advice will be greately appreciated.
Thank you very much for the help.
SCNo problem, "hell all" was funny!
Anyway, my experience is that usually User Maintenance is done on the ABAP stack via SU01, which is considered the master, and then an automated mechanism (I couldn't go deeper by now) replicates on J2EE stack.
Obviously if you have to deal with J2EE specific auth, you have two approaches:
- strict: create dummy roles on ABAP, assign them and wait for replication
- easy: modify auth direcly on J2EE via UME (supposing J2EE is not locked on this function 'cause it's aware of being a slave in this process)
Hope this helps you.
Regards,
Alex -
Hi all,
Right now, we are using two users in the java stack, j2ee_admin and user1. We have been using this for a year now. It's just now that we needed to create a new user, user2. Problem is we cannot create user2 in the JAVA stack. It works fine in ABAP stack but it cannot be used in Netweaver login. Is there any problem with the user account creation?
We found out that UME was not updated. Does it have something to do with that? Also, we are not using the default client, 001. We are using 100.
Any help would be greatly appreciated.
Thanks.
Regards,
IXHello IX
Check note #940309 Change PI default client after NW 7.0 Installation - in particular point 6.
Regards
Mark -
Oracle9iAS Containers for J2EE user's guide doc
where can i found it? i need it to know how to config server.xml
and application.xml, the otn dont have it but other pdf refer to
it, it is really sick.Dear SP,
The oc4j docs work on the assumption that you will use the
admin.jar or oem to deploy your applications. When you do this,
the server.xml and application.xml are automatically modified.
You can also look at the docs at orion
http://www.orionserver.com/docs/index.html
There's some bits on the server.xml and orion-application.xml
(the application.xml in the config directory).
These should help you.
The server.xml file is used to point to the enterprise
application ear files. In addition, the *-web-site.xml files are
also pointed to in this file.
The config/applicatiom.xml is also pointed to in the server.xml.
This is the orion-application.xml file for the default
application, the mother of all applications in oc4j/orion. From
this file you point to any web-module's or ejb-modules which are
used by the default application.
If you use the admin.jar or oem or even jdeveloper you won't
have to do this, since these can deploy your enterprise
applications in oc4j for you.
regards,
the elephantwalker
www.elephantwalker.com -
Dear all experts
We are implementing SAP BI 7.0 SP11 and the portal and are trying to get these two 100% connected with the BI template installer etc. But when I run the "BI support tool (com.sap.ip.bi.supportdesk.default) I get an error saying :
"Create the J2EE user DDIC and map it to an ABAP user other than DDIC - see note 945055 for details"
And the note 945055 is saying that:
"To correct the problem, create user DDIC also in J2EE or in the LDAP (Lightweight Directory Access Protocol) connected to WebAS Java. You can create this user as a technical user. User DDIC is only used for SSO (Single Sign-On) communication."
So how do I "create user DDIC also in J2EE" - since we aint using any LDAP ??
Please help us - points will be given to any surgestions
Best regards
LarsHi,
You can create user in J2EE through useradmin application. access user admin through http://<ipaddress:port>/useradmin
ex: http://localhost:50000/useradmin
Log-in to the system as admin and create the user.
Thanks
R.Murali -
Users for the j2ee application
hi friends,
i want to create the users for J2EE applications.
can i create the users only for j2ee engine ?
how can i create these users?
if i want to implement the sap
is it necessary to buy the licence for j2ee users?
thanks®ards,
srinivas.Hi
To create the users in J2EE applications is not an issue, but the licensing is always applicable as it is applicable for ABAP applications.
There are two ways depends on configurations:
1. If the UME store is ABAP, then you can create the users at ABAP side using SU01 and at java side using http://<hostname>:5<Systemnumber>00/useradmin
2. If the UME store is JAVA, then you can only create using http://<hostname>:5<Systemnumber>00/useradmin
The licensing for JAVA applications depends as ABAP is having, if you use it as production you have to pay the charges. Please contact your local SAP representative for further details -
User roles in Integration Repository
Hi everybody,
does anybody have experience with user roles in XI 3.0? We want to limit access to various namespaces in the Integration Repository with use of these roles that can be created in the IR. That way, various XI developers working on the same XI-Repository should not be able to work in the namespaces of other developers.
We created the role in the IR and assigned it to a user in the J2EE Engine. But so far, it doesn't seem to work.
Am I missing something??
Thanks a lot,
Francis WolfHi,
it looks like the integration to the "abap" backend (=IS-Server) is missing.
J2EE-R3 integration regards user management maps R3 roles onto J2EE user groups. Thus, if the term "role" is used in R3 context, it has to be translated to "user group" in J2EE.
Next steps:
1. Create user in "R3", with transaction SU01.
2. In "R3", create a role with transaction PFCG
3. UME Admin WebApp: assign role to user group
4. XI Exchange Profile WebApp: activate data-dependent authorization checks. Put: com.sap.aii.util.server.auth.activation" in section "IntegrationBuilder.Repository" to true
Please check the documentation on Netweaver security and Integration of UME Roles with SAP Roles
Hope that gives an idea!
Good luck
Holger -
Deploy differences between 904 standalone and 903 J2EE and Web cache versio
I am trying to port an application from jboss (3.0.3) to OAS 9iAS rel2. Since the application uses local interfaces in the EJBs, I am using the pre-release versions of OAS. My development environment also include ant and xdoclet. I am not using JDeveloper or TopLink and would prefer not to due to the different targets we are using.
I have successfully portet to the 9.0.4 OC4J (standalone) version. In doing so I have collected all my EJB-class files in one jar, appName-ejb.jar, which along with the war-file and META-INF files go in the ear-file. Attempting to deploy this ear-file directly in 9.0.3 "J2EE and Webcache" version gives me the following error message in the Oracle Enterprise Manager Console: "Deployment failed: Nested exception Root Cause: Syntax error in source. Syntax error in source"
The how-to:Implement Local Interface (cmplocal) also use a single jar-file, cmplocal-ejb.jar. The description is targeted toward OC4J standalone. I have not attempted to deploy this ear-file in the "j2ee and webcache" version.
The Petstore demo ear-file (ref: "O9iAS Containers for J2EE User's Guide (9.0.3)") has all its beans in separate jar-files and deploys without any problems. The documentation also indicate that all beans has to be in separate jar-files in the root of the ear-file i.e this is a requirement. Do I understand the documentation correctly?
Why the difference between the standalone version and the next version? Does not the possibility having to maintain a a large number of bean-jar-files in the root of the ear-file make development/deployment much more difficult than necessary?
Does there exist any batch-workarounds?
DagI am trying to port an application from jboss (3.0.3) to OAS 9iAS rel2. Since the application uses local interfaces in the EJBs, I am using the pre-release versions of OAS. My development environment also include ant and xdoclet. I am not using JDeveloper or TopLink and would prefer not to due to the different targets we are using.
I have successfully portet to the 9.0.4 OC4J (standalone) version. In doing so I have collected all my EJB-class files in one jar, appName-ejb.jar, which along with the war-file and META-INF files go in the ear-file. Attempting to deploy this ear-file directly in 9.0.3 "J2EE and Webcache" version gives me the following error message in the Oracle Enterprise Manager Console: "Deployment failed: Nested exception Root Cause: Syntax error in source. Syntax error in source"
The how-to:Implement Local Interface (cmplocal) also use a single jar-file, cmplocal-ejb.jar. The description is targeted toward OC4J standalone. I have not attempted to deploy this ear-file in the "j2ee and webcache" version.
The Petstore demo ear-file (ref: "O9iAS Containers for J2EE User's Guide (9.0.3)") has all its beans in separate jar-files and deploys without any problems. The documentation also indicate that all beans has to be in separate jar-files in the root of the ear-file i.e this is a requirement. Do I understand the documentation correctly?
Why the difference between the standalone version and the next version? Does not the possibility having to maintain a a large number of bean-jar-files in the root of the ear-file make development/deployment much more difficult than necessary?
Does there exist any batch-workarounds?
Dag -
Do XI service users have to exist in the SLD with the same password?
Hi All,
Do XI service users have to exist in the SLD with the same password?
We have a 3 system(development, QA and production) XI landscape with a single SLD. All systems are NW04s with support stack 9.
We are required to change XI service user passwords. I have found OSS note 936093 for changing these passwords. What I am not sure of is if I can change XI service user passwords one system at a time. I am under the impression that XI service users must exist in the SLD with the same password as the XI system. If this is correct, I have to change service user passwords in all three systems at the same time which is not very feasible.
Thanks,
Hamid LashgariCreation and Maintain Users
For the transport of Integration Server content, it is a good idea to install CMS on an
existing Integration Server. In this double-stack scenario, where an ABAP and J2EE
stack is used, user management is different from a J2EE only installation.
Note: For more information about using CMS on a J2EE only installation, see the
CMS documentation.
The following section describes the double-stack user management settings required
when CMS is running on the Integration Server in the development environment. See
Figure 2. The description we provide starts with ABAP user management and is followed
by the maintenance in J2EE User Management Engine (UME). You proceed as follows:
Create the service user LSADMIN using transaction SU01.
Assign the ABAP roles SAP_XI_CMS_SERV_USER and
SAP_SLD_ORGANIZER to the LSADMIN service user.
Create the ABAP role SAP_CMS_ADMINISTRATOR and assign this role to the
ABAP dialog user(s) responsible for CMS administration.
In UME, create the role CMSDeveloper with the actions CMS.Display and
CMS.Export.
In UME, create the role CMSAdministrator with the action CMS.Administrate.
In UME, assign the users representing xirepuser and xidiruser to the role
CMSDeveloper.
In UME, assign the group SAP_CMS_ ADMINISTRATOR to the role
CMSAdministrator.
Log on to CMS with the ABAP dialog user responsible for CMS administration.
Maintain the CMS service user (LSADMIN) for the domain.
Task XI Dev
With CMS XI Test XI Prod
Create the service user LSADMIN in TA using transaction
SU01. Yes Yes Yes
Assign the ABAP roles SAP_XI_CMS_SERV_USER and
SAP_SLD_ORGANIZER to the LSADMIN service user. Yes Yes Yes
Create the ABAP role SAP_CMS_ADMINISTRATOR and
assign this role to the ABAP dialog user(s) responsible for
CMS administration.
Yes No No
In UME, create the role CMSDeveloper with the action
CMS.Display and CMS.Export.
Yes No No
In UME, create the role CMSAdministrator with the action
CMS.Administrate.
Yes No No
In UME, assign the group SAP_CMS_ ADMINISTRATOR to
the role CMSAdministrator
Yes No No
Log on to CMS with the ABAP dialog user responsible for
CMS administration.
Yes No No
Maintain the CMS service user (LSADMIN) for the domain. Yes No No
Figure 4: Overview of User Management Tasks in Different Systems -
I want to follow up on a sub-topic that came up in this thread:
Re: Mapping X.509 Cert. info to J2EE user
What concerns us is this:
In a J2EE X509 SSO scenario, we have a few choices to map user IDs to X509 certs. Our PKI is such that when a user logs into their PC, their roaming profile places their X509 certificate in their IE certificate store. This cert then gets used for a variety of enterprise apps, including SAP. It works as long as the user is at a PC they logged into. If they go to a public PC, like in a conference room, then they are aware that they have to log in manually since the conf. room uses a generic login.
For our environment of around 10,000 named users, we have them all mapped in our ABAP system table USREXTID. This is done automatically through a job that populates that table with data from our LDAP. The entry is simply CN=xxxxx and it's mapped to the SAP login ID.
This method is not possible with the J2EE side of things. Instead, the UME admin can manually import a client cert. We did that and it works.
Or, we can have the user map it themselves by clicking the "Certificate Login" link on the initial login screen and then authenticate themselves, which in turn populates their cert info into their UME record.
It is that method that concerns us. What's to stop user A from logging into his PC with his cert and then having user B come over and log into the app, subsequently perform that automatic mapping? User A would have user B's authorizations in future sessions on his own computer. We tested this and it is a technical possibility. Also if a cert is already mapped and a user clicks the "certificate login" button, then a new cert overwrites the old cert.
With our job that automatically maps CN=xxxxx info to SAP Logins in ABAP, this risk is completely eliminated. Only a user logged into their own PC, with their own Windows/XP credentials, can access the SAP app with their cert.
Please help me understand if I am missing something that eliminates the risk I've pointed out.> user A has a cert on his PC and it's mapped to his account.
> user B has a cert on his own PC, but has not mapped to an account yet.
> user A goes to user B's computer and click's the 'certificate login' button.
> he authenticates his account to user B's certificate.
Yes, but that sounds like: user A "donates" his account to user B.
Notice: user B (and only him has access to the private key of his certificate) can then logon (with his X.509 client certificate) under the account of user A.
> I tested this and it works as i described - what happens is the
> user A cert in user A's account is <b>replaced</b> with the user B cert.
> There isn't even a warning, it just happens.
Well, that's because of being able to update the certificate mapping.
Notice: certificates do have a limited lifetime - they will expire sooner or later. A follow-up certificate is supposed to substitute the previous one. In most cases the subject name will remain unchanged - but that's not guaranteed ... (it might be more than just the sequence number that has changed).
Regards, Wolfgang
PS: "CERTMAP" is just an offer - it might not be suitable in all cases (e.g. in such cases where a PC is not really a "Personal Computer" but used by different users without logoff from the OS level before handing over the PC to the next person - which will also allow that person to gain access to the Outlook inbox, file shares, etc.). -
[ J2EE RI Server ] CORBA NO_PERMISSION 0
Hi,
I was trying to deploy one simple session bean into J2EE RI Server. It works fine. And I wrote one client to access this session bean, it show me
java.rmi.AccessException: CORBA NO_PERMISSION 0 No; nested exception is:
org.omg.CORBA.NO_PERMISSION: minor code: 0 completed: No
Context ic = null;
try
ic = new InitialContext();
catch(Exception e)
System.out.println("1: "+e.toString());
This exception is happend when I try to lookup the jndi name
This error message is happend only on J2EE 1.3 (1.3_01) . If I downgrade to J2EE 1.3Beta or even 1.2, everything would be okay. Any one know how to solve such problem ??Da:Frederik Hansen ([email protected])
Message 2 in thread
Soggetto:Re: J2EE - NO_PERMISSION
Newsgroups:dk.edb.programmering.java
View this article only
Data:2001-11-10 03:32:12 PST
For at svare p� mit eget sp�rgsm�l: Access and Security Issues Q1: Some applications that ran under J2EE SDK 1.3
beta 2 stop running under the 1.3 FCS release with the
following message: java.rmi.AccessException: CORBA
NO_PERMISSION 0 No. Why does this happen and what
can be done about it? When your application ran under the 1.3 beta 2
version of the reference implementation (RI), security permissions may
not have
been checked. For example, the beta 2 RI allowed
calls to enterprise beans that required username-password permission,
even
when the client provided no username-password
information. With 1.3 FCS release, the J2EE SDK became strict
about checking adherence to the security policies of J2EE components. How can you make your application run under the
FCS release? 1.If you don't want security checks, do the
following: Use the deploytool to build a deployment
descriptor that does not require a strict security policy: Under the Security screen of the EJB wizard
or the Security tab of the EJB inspector in deploytool, click
"Deployment
Settings..". Under the box "Client
Authentication", make sure "Support Client Choice" is checked instead of
"Certificate"
or "Password". 2.To require the application pass security
checks to run, do the following: When an enterprise bean specifies
"Certificate" or "Password" as the method of Client Authentication, use
a J2EE
application client, instead of a stand-alone
Java application, to access the bean. You will need to login as a valid
J2EE
user. -
I have setup MI server ABAP + J2EE however I am having issue with synching the user accounts. I can tell the j2ee user accounts are synching with the ABAP stack client 001. How and where do I change J2ee ume to synch with my productive client 500 abap ume.
Thanks
MikieHello Mr. Mikie,
Please follow the following ,To change the J2EE UME to synch with your productive client 500.
Start the config tool .and then goto : Global Server Configuration->Services-> com.sap.security.core.ume.service.
After you select this service Search for the property on the right hand with name ume.r3.connection.master.client.
It should be set to 001( in your case)
change this value to 500.
Save & apply this changes and close the config tool.
After this please restart your j2ee instance.
Please do revert back to me.
Regards,
Premkishan Chourasia -
SAPJSF - no password for user - ECC6 - IDES
Hello Guru's,
Please help! I've read many posts on this issue and none seems to match my problem.
Installing a new ECC6, IDES system in Windows 2003, 64 bit, SQL Server 2005, ABAP and Java with Sun Java version 1.4.2.14 - x64.
During "create java users" step, getting error CJS-30196 User account SAPJSF has no password (USER_HAS_NO_PASSWORD).
I've looked at note 956921 and downloaded the DOC file. Per the instructions, i tried to log on as IDADMIN, but the password ides123 does not work. Logging on as DDIC (client 001), I cannot see a user SAPJSF or any J2EE users...
sapinst.log:
INFO 2007-05-31 16:18:31
An error occured and the user decided to retry the current step: "|NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|1|0|NW_CI_Instance|ind|ind|ind|ind|11|0|NW_CI_Instance_Doublestack|ind|ind|ind|ind|2|0|createJSF".
INFO 2007-05-31 16:18:32
Removing file C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\UserCheck.message.
INFO 2007-05-31 16:18:32
Removing file C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\UserCheck.jlaunch.
INFO 2007-05-31 16:18:32
Creating file C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\UserCheck.jlaunch.
INFO 2007-05-31 16:18:32
Creating file C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\UserCheck.log.
INFO 2007-05-31 16:18:33
Working directory changed to C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS.
INFO 2007-05-31 16:18:33
Working directory changed to C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS.
INFO 2007-05-31 16:18:33
Output of D:\usr\sap\EC6\DVEBMGS01\exe\jlaunch.exe UserCheck.jlaunch com.sap.security.tools.UserCheck "C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\install\lib;C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\install\sharedlib;C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\install" -c sysnr=01 -c ashost=TITANSAP -c client=001 -c user=DDIC -c XXXXXX -a checkCreate -u SAPJSF -p XXXXXX -r SAP_BC_JSF_COMMUNICATION_RO -message_file UserCheck.message is written to the logfile C:/Program Files/sapinst_instdir/ERP/SYSTEM/MSS/CENTRAL/AS/UserCheck.log.
WARNING 2007-05-31 16:18:37
Execution of the command "D:\usr\sap\EC6\DVEBMGS01\exe\jlaunch.exe UserCheck.jlaunch com.sap.security.tools.UserCheck "C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\install\lib;C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\install\sharedlib;C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\install" -c sysnr=01 -c ashost=TITANSAP -c client=001 -c user=DDIC -c XXXXXX -a checkCreate -u SAPJSF -p XXXXXX -r SAP_BC_JSF_COMMUNICATION_RO -message_file UserCheck.message" finished with return code 2. Output:
May 31, 2007 4:18:35 PM Info: User management tool (com.sap.security.tools.UserCheck) called for action "checkCreate"
May 31, 2007 4:18:36 PM Info: Connected to backend system EC6 client 001 as user DDIC
May 31, 2007 4:18:36 PM Info: Called for user SAPJSF
May 31, 2007 4:18:37 PM Info: User SAPJSF exists
May 31, 2007 4:18:37 PM Error: Exception during execution of the operation
[EXCEPTION]
com.sap.security.tools.UserCheck$UserLogonException: User account SAPJSF has no password (USER_HAS_NO_PASSWORD)
at com.sap.security.tools.UserCheck.checkUser(UserCheck.java:833)
at com.sap.security.tools.UserCheck.main(UserCheck.java:268)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
May 31, 2007 4:18:37 PM Info: Leaving with return code 2
INFO 2007-05-31 16:18:37
Removing file C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\dev_UserCheck.
ERROR 2007-05-31 16:18:37
CJS-30196 User account SAPJSF has no password (USER_HAS_NO_PASSWORD)
ERROR 2007-05-31 16:18:37
FCO-00011 The step createJSF with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|1|0|NW_CI_Instance|ind|ind|ind|ind|11|0|NW_CI_Instance_Doublestack|ind|ind|ind|ind|2|0|createJSF was executed with status ERROR .
UserCheck.jlaunch:
UserCheck.Name = UserCheck
UserCheck.ClassPath = C:\Program Files\sapinst_instdir\ERP\SYSTEM\MSS\CENTRAL\AS\install\sharedlib\launcher.jar
UserCheck.mainclass = com.sap.engine.offline.OfflineToolStart
UserCheck.rootPath = C:\Program Files/sapinst_instdir/ERP/SYSTEM/MSS/CENTRAL/AS
UserCheck.JavaPath = D:/j2sdk1.4.2_14-x64
Please provide some pointers before I start banking my head on the desk!
Thank you...Hello Chet,
It has been a while you got this error.
I am getting exact same error in Installation of Solman with Ehp1.
Logically I tried to create the user manually.I did it Client 001 - that didnt help,created in 000 aswell...didnt help.
Still getting error
TRACE 2009-11-20 22:04:49.188 [iaxxejsbas.hpp:483]
EJS_Base::dispatchFunctionCall()
JS Callback has thrown unknown exception. Rethrowing.
ERROR 2009-11-20 22:04:49.218 [sixxcstepexecute.cpp:950]
FCO-00011 The step createJSF with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|2|0|NW_CI_Instance|ind|ind|ind|ind|11|0|NW_CI_Instance_Doublestack|ind|ind|ind|ind|4|0|createJSF was executed with status ERROR .
TRACE 2009-11-20 22:04:49.295 [iaxxgenimp.cpp:752]
CGuiEngineImp::showMessageBox
<html> <head> </head> <body> <p> An error occurred while processing option SAP Solution Manager 7.0 EhP1 > SAP Systems > IBM DB2 for Linux, UNIX, and Windows > Central System > Central System. You can now: </p> <ul> <li> Choose <i>Retry</i> to repeat the current step. </li> <li> Choose <i>View Log</i> to get more information about the error. </li> <li> Stop the option and continue with it later. </li> </ul> <p> Log files are written to C:\Program Files/sapinst_instdir/SOLMAN/SYSTEM/DB6/CENTRAL/AS. </p> </body></html>
I seached SDN and thats how I got to your message then.
Did you do anything additional such us change the status in Keydb ??
Kindly Suggest
Best WIshes
Laxtot -
User cannot connect to backend system with user J2EE_ADMIN.
I am using Rapid Installer to initiate the second part of the installtion "ERP 6.0 EhP 3 Self-Service Scenarios and Automatic Roles". When I get to the J2EE User section to enter the parameters, the user is defaulted to "Administrator" and I enter my password. I click next and get this message "User cannot connect to backend system with user J2EE_ADMIN." Any ideas?
If this is a double stack installation, you need to enter J2EE_ADMIN as user, NOT administrator.
Markus
Maybe you are looking for
-
I need to reset my password but i no longer have access to the email
I need to restore my iPhone but it wont let me until i turn off the find my phone feature but the icloud account it makes me enter a password in i no longer ahve access to. So i need a way to either turn the feature off aother way or to reset that pa
-
Report for employees net and gross pay for a pay period
Hi Gurus How should I approach to write a report which gives employees net pay, gross pay and cost center for a pay period? Do i have to use cluster tables? As I am new to this module any help will be appreciated. Thanks in Advance
-
Hi everyone ! Since I've installed SL I've noticed that there's a bug when I move files from one folder to another. Normally, when you move the file with the mouse and you drag it to a folder and stay on it, the folder should open in a new window, bu
-
What is isd root process and where does it go?
I used activity monitor to stop a process and accidentally moved it to the trash. In what folder does it belong? I temporarily relocated i to the desktop
-
How do I access and transfer files on my iMac to my MacBook using bluetooth?
Hi there, I would like to know how to access files on my iMac and transfer them to my Mac Book Pro using Bluetooth, if this is possible?