MDM Portal CUA Security

Similar Messages

• MDM Portal CUA

  Hello Experts:
  We have a scenario as below.
  1) Enterprise portal witn windows NTML and using CUA for user base.
  2) MDM 5.5 SP4 need to be integrated.
  3) The R/3 is 620
  1) How can we authenticate the portal/cua user in MDM
  2) How can we create users in MDM automatically while creating in CUA.
  Please help.
  Please let me know for any more details, I can send.

  As far as I know this is not possible, because CUA requires the use of RFC destinations and logical systems and such, the standard ALE configuration for SAP systems.  Unfortunately since MDM was purchased, and has not been really built into the rest of the netweaver suite, it does not have ALE.  I'm hopeful that in the next life cycle or so of MDM we may see more of a shift towards the traditional architecture of SAP.
  Now, don't quote me on this, as I'm not positive.  This is just what I believe.

• Access denied (Object: com.sap.portal.system/security/no_safety)

  We are implementing EP 6.0, currently with SP11. We have developed some iViews, which are using RFC functions to get information from backend system, in this case SRM.
  Everything worked fine, till the day we’ve transported those developments into other systems (production and testing systems). We are getting the following error Access denied (Object: com.sap.portal.system/security/no_safety). This error only comes out if the iView is called from inside another one, if called isolated it works fine.
  Does any one have any idea about how to solve this?

  Hi AA, you can find in the log file in order to identify what is the object that you need to add in the security zone.
  You can find information for the security zones on:
  http://help.sap.com/saphelp_nw04/helpdata/en/25/85de55a94c4b5fa7a2d74e8ed201b0/content.htm
  Regards.

• Create/Edit relationship tables in MDM Portal

  Hello,
  When we set the Relationships tab and all fields on the tab with 'Updatable' = true in the MDM Portal, the only option is to Delete a relationship in the Portal.  A user cannot create a new relationship in the Portal.
  We are on version 7.0 in portal.
  Is this a limitation in this version and does anyone know if this is corrected in a later new release?
  thanks

  Hmmmm.. as far as I remember the answer is no.
  The way I do it is to drop an empty text box over the file name in the table and make this a hyperlink to the file.
  Some people report that this doesn't work and use a shape with almost zero opacity. I think they have this problem when using internal rather than external links. If you are linking to files in a download folder on your server you will be using external links and the text box is a lot quicker to do.
  The links on this page are done in this fashion....
  http://www.iwebformusicians.com/iWebMusicWebsite/WebsiteMap.html

• Pop ups on Standard MDM Portal iViews throw Portal Runtime Error

  Hi all,
  We are facing some issues with MDM Standard Search iViews in Portal. We have configured MDM standard iViews using MDM Search Texts iView, MDM Result Set iView, MDM Search Picklists iView, MDM Item Details etc. We are facing a problem with the MDM Search Picklists iViews wherein we have to click the ellipses button to open the pop up. Whenever we open the pop up, the pop up shows Portal Runtime Error. Please find the screenshot below:
  http://img209.imageshack.us/img209/1138/portalruntimeerror.jpg
  The MDM System is working fine. The other Standard iViews are also working fine. The surprising thing is that, when the Super Admin role is assigned to the user, the iViews start working perfectly as shown below:
  http://img696.imageshack.us/img696/6808/worksfinethisway.jpg
  I have checked the permissions also on all these iViews as well as the System object and did not find any problem. Moreoever, this was working fine till some days back. All of a sudden these iViews have stopped working. Please guide me as to what can be the reason for this and any possible solutions.
  Thanks in advance.
  Regards,
  Ankur

  I would check the logs but it sounds like a permission error to me.  Can you or your basis resources modify the Security Zones?
  System Administration -> Permissions -> expand Security Zones folder -> right click on com.sap.pct.mdm.appl.masteriviews and select Open Permissions -> in the assign permissions section add read permissions for a particular user, role, or group which the user getting the error is part of, check the End User checkbox -> Save.  Login to the portal and try again.
  -Greg

• Need to replicate Portal /irj security setting

  Hi Folks,
  I am working on a Portal 6 - Web AS 6.40 SPS 21
  I have strange proprietary application (I guess aspx) handling user authentication in the production Portal: whenever a user points the browser to the production portal public URL (say https://portal.customer.com), a reverse proxy forward the request to the custom auth app; the user enters his domain credentials and, if successful, he's redirected over the Portal, in an authenticated session (if I look at the browser cookies I can see the SAPSSO2).
  Now the problem: I would like my web module project (I am writing a very simple JSP using Web Module Project and Ent. App. project to deploy) to behave exactly as /irj does from a security perspective.
  Question 1: how do I have to set up security in my xml descriptors (web.xml and web-j2ee-engine.xml) in NWDS to achieve this?
  Question 2: do I need to change the auth template in the Security Provider in Visual Adiministrator for my app, or just leave it with the "basic" auth module it originally comes? I am confused about this because I would expect a "ticket" template with its 5 modules stack to be more appropriate then "basic", but if I look at how irj is configured in the Security Proivider, I see only "basic" used...
  Finally: I am (try to be) a strict-RTFM-observer as much as I can, but I really need your help here guys.
  Hope someone can shed some light on this foggy topic.
  Thanks in advance.
  Cheers,
  Alex

  Ok guys, fixed it myself, luckily.
  See /people/alessandro.guarneri/blog/2010/06/05/http-header-variable-authentication-in-sap-portal

• Question on MDM 2.1 security.

  Hi All,
  We are trying to configure MDM 2.1 for our project and we have a question about security.
  One of our goal is to flter data according to a particular user. For instance, we have a group of users that will be able to see only their own data (so their own interval data, MC, etc). So we need to filter data at the database level.
  Do you know if it is possible to do this in MDM 2.1 ?
  Many thanks.

  It sounds like you're attempting to pass Local EJB objects over a Remote interface, which is not permitted. EJBLocalObjects can not be passed outside the ejb tier. You'll need to either pull their data out into data access object classes (basically structs) or return EJBObjects.
  --ken                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

• Portal tab security

  I have a page with item level security enabled for the page.
  I have added 5 tabs on one of the sections, and have set security for each of the tabs.
  On one of the tabs I limited the access to 1 group, however anyone that has access to the page group can see that tab. Is there an overriding security for tabs somewhere I do not know about?
  Thanks,
  Peter

  First, check the access for the PAGE GROUP properties since any access granted there will override specific access to a tab on a page in that page group. I've set up all the page groups in our portal to not have any access granted to any groups at the PAGE GROUP level but set it on the Root page of that page group (then sub pages can either inherit that access or I can specify different access at the page, tab, or even item level.)

• CUA Security

  Hi,
  I am working with CUA systems and i want to set a security lock in such a way that,  when i do the transports i don't want the user assignments to transport to get transported to target system and getting replaced.
  Thanks

  Hi,
  I think you can do these settings in the control table PRGN_CUST.
  In this table you must contain the entry USER_REL_IMPORT:=NO.
  Bye

• Crawling iplanet portal server secured content.

  Hi, All,
  I am new on the iplanet portal server. Try to come up a solution to crawling
  the secured content with a valid user name and password. What this the
  authentication mechanism of iplanet portal server keep the user's session?
  is iPlanet Portal server using cookie to store the session id or pass it
  back and forth as a parameter? Where can I find more information about this?
  Any response is appreciated!
  Hao Huang

  currently there is no testing tool available as a part of the product.

• I-Views MDM Portal

  I would like to create i-views in SAP Netweaver Portal for MDM SP5 and Basis Consulatant told to me MDM and Portal connectivity establised.
  Step 1:-Right-click your folder where you want to create your iView and from the context menu, select New  u2192 iView  to launch the iView Wizard. 
  Step 2:-Enter a Name (display name) and an ID for the iView (the ID name must be entered without blank spaces).
  Step 3:-Select Allias for MDM Server from drodown List.
  But instead of getting Step 3 , I got Summary to finished.
  How will configure Step 3.

  Hi Jitesh
  I have do exact same way and list of i-view are following .
  Tell MDM relevant i-views exist or not ,If not what we need to do...
  BEx Web Application iView
  Col Room Navigation iView
  Collaboration Configuration Template
  CRM BW iView
  CRM E-Commerce Document Overview
  CRM Fact Sheet BW iView
  CRM Fact Sheet Form iView
  CRM Fact Sheet List iView
  CRM Generic Internet Sales
  CRM PCUI BSP iView
  CRM Telephony
  CRM Value Help iView
  Crystal Enterprise Report
  JDBC Stored Procedure iView
  KM Application Log iView
  KM Cache Monitor iView
  KM Classification Inbox iView
  KM Configuration iView
  KM Content Exchange Subscriber iView
  KM Content Exchange Syndicator iView
  KM Content Exchange Syndicator Offers iView
  KM Content Exchange Syndicator Subscriber iView
  KM Crawler Monitor iView
  KM Crawler Monitor iView (Legacy)
  KM Discussion Group Admin iView
  KM Discussion Group Contributors iView
  KM Discussions iView
  KM Document iView
  KM Document iView Without Content Filter
  KM Folder Settings Admin iView
  KM Folder Settings Admin iView
  KM Index Administration iView
  KM Indexing Monitor iView
  KM Navigation iView
  KM Quick Poll Administration
  KM Quick Poll iView
  KM Recent Notifications iView
  KM Search iView
  KM Subscription iView
  KM Taxonomy Query Builder
  KM Taxonomy Trainer iView
  KM Taxonomy Update Log iView
  KM Trex Monitor iView
  KM Upload iView
  KM XML Forms Builder Check iView
  KM XML Forms Builder iView
  Navigation Destination
  Object-Based Navigation
  Page Navigation
  Personalized SAP Web Dynpro iView
  Portal Activity Report iView
  Proxy-to-Portlet iView (WSRP)
  Proxy-to-Remote iView
  Related Services iView
  SAP BSP iView
  SAP CRM R/3 Transaction iView
  SAP IAC iView
  SAP MiniApp iView
  SAP RFC iView
  SAP Transaction iView
  SAP Web Dynpro iView
  Search
  Service Map iView
  URL iView
  User Management
  Web Service iView
  Web Target iView
  WorkProtect Mode
  Workset Map iView
  XML iView

• CUA security question

  Hi,
  My company has decided to use only one cua for both productive and non productive systems (dev. , test, ...). What are the security issues or risks of this kind of set up? Same question for SAP SolMan for both production and non productive systems.
  Thanks.
  Regards.
  Philippe.

  Hi
  From a security point of view Julius is quite right, furthermore, by creating one CUA for Test and Developemnt, and another for productive use, you will also gain the option to test changes to your CUA landscape before migrating them to production.
  From a more pragmatic point of view I must admit that I have created many "only-one-CUA-Solutions". This will give you the advantage of a Single point of user maintenance, but if you do so, make sure that your master system is installed on a system with the highest possible security level, and that is I guess your productive system, or dedicated CUA System.
  And remember, a new client on test, development or solman, will not provide that level of security, unless your can ensure that level of security on all clients on the system.
  Regards
  Morten Nielsen

• MDM Portal Consultant Requirements

  Hi All,
  I would be entering into the field of MDM, and being from the Java and EP side, i would be working on the portal (Custom and Customizing) side of it.
  Please enlighten me with the best practices available in this stream.
  Some common and important things that i should be careful about while implementing MDM on EP.
  I have read most of the documents and posts available on SDN.
  Thanks in Advance...
  ~Nitin

  Nitin,
  You can find documentation EP-MDM integration, We can integrate MDM with any other SAP NetWeaver Co ponent,
  Help.sap.com MDM Documenation section IT Scenarios MDM-EP integration available......
  You can refer the doc....
  Regards,
  Raj

• MDM Portal configurations.

  Hi,
  Very recently we have integrated MDM 5.5 SP4 with our portal server EP6 WAS 6.40 SP16, i also have created the MDM system to connect to MDM repository. But i am totally unaware what could be the next thing? I assigned the std. roles to one user id but i am getting the error. Can anyone please give me or provide any link to document that discribes how we can create applications, how we can use MDM APIs?
  Also in my NWDS, i am unable to locate the MDM Perspective. How can i get rid of all these issues?
  Please help as i am a newbie for MDM.
  Regards,
  Ameya

  Hi,
  Steps for using standard MDM iViews:
  1. Deploy the MDM SCAs on your portal
  2. Restart the Portal Server
  3. Create the MDM System and System Alias
  4. Assign the System Alias to the user and complete the user mapping
  5. Check the connection of the system with the repository
  After the above steps you will be able to use the standard MDM iViews available like Item Details, ResultSet etc.
  JAVA APIs
  Java APIs are basically used when you want some customization i.e. the functionality required that standard iViews cannot provide and there is no MDM Perspective in NWDS you can either use WebDynpro or Java Perspective and you have to use the APIs available for various operations like Connection with the repository,Session establishment,Workflows etc.
  Please refer the Java Doc shipped with the MDM Installation for more information about the classes and methods available for MDM operations.
  Hope you will get some idea.
  Regards,
  Jitesh Talreja

• In which place the  MDM Iviews resides in portal

  help me understand the MDM Java architecture and In which place the  MDM Iviews resides in portal. Can any one Help me on this

  Hi Pandian,
  please follow the below useful links about MDM ivews.
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/bebdb8c4-0801-0010-aa81-a9b8d14e8415?QuickLink=events…
  Creating and Managing iViews (SAP Library - MDM Portal Content Development Guide)
  https://scn.sap.com/thread/968936
  Thank you
  Rahul