OIM Read only Admin Role
Hello Everyone
Is there something like read-only OIM Admin role?. My manager wants to just see everything done by a system administrator or xelsysadmin . He doesn't want to modify any date, but he just wants to access everything added by the administrator.
Thank You
Hi,
I hope you are using OIM 11g R2.
If yes, then OOTB OIM provides many Admin Roles under organization section. For example: User Viewer, HelpDesk, Org Admin etc.
You can use any of the OOTB admin roles to fulfill your requirement.
HTH
J
Similar Messages
-
Business Connector - Read only - Administrator role
Hi Community,
We've currently got SAP 4.8 running in our environment.
The situation is that often developers need to check the extended settings, logs, or what jobs are scheduled.
The two main roles are Developer or administrator.
The only way to get access to the web GUI admin page is to assign the administrator role.
Does anyone know how to assign a "read-only" role for the web admin page?
I would then assign this to a developer rather than give them full administrator access on business connector.
Kind Regards,
ChrisTo the best of my knowledge thats not an option.
But like to hear it if otherwise.
Regards
Juan -
Hey,
Has anyone found a way to add further restrictions to users logged in to the Admin Console based on membership to a Group? Restricting them to specific Menu Items is taken care of, but I'd like to be able to prevent them from editing anything in the Manage Users section.
Ideally they would be able to view the user details page and user resources, but not be able to change them in any way. At the same time I'd like to filter out certain user fields from displaying (for instance, the person's SSN).
Is there any way to do this outside of front-end customization? This is using OIM 9.1.0.0.If I understood your qurey correctly... try changing the property of the user filed in FormMetaData.xml to readonly. By this you just display the fileds but are not editable.
-
DB read only access role with properties view of a database
Hi,
We need to access database properties for SQL server 2000/2005/2008. I am pretty sure that 2005/2008 can be accessed with db_datareader role. Not sure whether same can be used with SQL 2000 instances. CAn anyone provide clarity on this?You can use db_datareader on SQL 2000, but as Satish says, you don't need it only to access database properties.
Erland Sommarskog, SQL Server MVP, [email protected] -
SAP R/3 : read only acces role
Hi,
I need to provide full read access to our SAP R/3 system to an auditor. Does R/3 provide any predefined role/set of roles to accomplish this task ?
Kind regards,HI,
These are the sap standard auditor roles.
SAP_AUDITOR_A
SAP_AUDITOR_ADMIN
SAP_AUDITOR_ADMIN_A
SAP_AUDITOR_BA_A
SAP_AUDITOR_BA_CFM
SAP_AUDITOR_BA_CFM_A
SAP_AUDITOR_BA_CO
SAP_AUDITOR_BA_CO_A
SAP_AUDITOR_BA_EC_CS
SAP_AUDITOR_BA_EC_CS_A
SAP_AUDITOR_BA_EC_PCA
SAP_AUDITOR_BA_EC_PCA_A
SAP_AUDITOR_BA_EXPORT_DATA
SAP_AUDITOR_BA_FI_AA
SAP_AUDITOR_BA_FI_AA_A
SAP_AUDITOR_BA_FI_AP
SAP_AUDITOR_BA_FI_APMD
SAP_AUDITOR_BA_FI_APMD_A
SAP_AUDITOR_BA_FI_AR
SAP_AUDITOR_BA_FI_ARMD
SAP_AUDITOR_BA_FI_ARMD_A
SAP_AUDITOR_BA_FI_CJ
SAP_AUDITOR_BA_FI_CJ_A
SAP_AUDITOR_BA_FI_GL
SAP_AUDITOR_BA_FI_SL
SAP_AUDITOR_BA_FI_SL_A
SAP_AUDITOR_BA_HR
SAP_AUDITOR_BA_HR_A
SAP_AUDITOR_BA_MM
SAP_AUDITOR_BA_MM_IM
SAP_AUDITOR_BA_MM_IM_A
SAP_AUDITOR_BA_MM_IV
SAP_AUDITOR_BA_MM_IV_A
SAP_AUDITOR_BA_MM_PUR
SAP_AUDITOR_BA_MM_PUR_A
SAP_AUDITOR_BA_ORGA
SAP_AUDITOR_BA_RE
SAP_AUDITOR_BA_RE_A
SAP_AUDITOR_BA_SD
SAP_AUDITOR_BA_SD_A
SAP_AUDITOR_DS
SAP_AUDITOR_DS_A
SAP_AUDITOR_SA
SAP_AUDITOR_SA_BC
SAP_AUDITOR_SA_BC_CCM_USR
SAP_AUDITOR_SA_BC_CUS_TOL
SAP_AUDITOR_SA_CCM_USR
SAP_AUDITOR_SA_CUS_TOL
SAP_AUDITOR_TAX_A
SAP_AUDITOR_TAX_AA
SAP_AUDITOR_TAX_AA_A
SAP_AUDITOR_TAX_COPS
SAP_AUDITOR_TAX_COPS_A
SAP_AUDITOR_TAX_FI
SAP_AUDITOR_TAX_FI_A
SAP_AUDITOR_TAX_HR
SAP_AUDITOR_TAX_MM
SAP_AUDITOR_TAX_MM_A
SAP_AUDITOR_TAX_SD
SAP_AUDITOR_TAX_SD_A
SAP_AUDITOR_TAX_TR
SAP_AUDITOR_TAX_TR_A -
I'm trying to setup a group that would allow members to search (manage) for users, see the user details, see the associated resources, and the provisioning process details.
I've created a group and added the menu item for manage users, made it an administrative group, and added a ton of permissions to that group. I added a user to this group and when I search for users it returns no users - although it should. I'm sure it's something simple to resolve this. Any insight is appreciated.Think I got it. Xellerate Users are assigned to an Org (not a group). Just went and made my org an administrative group for the Xellerate Users group
-
Read only access to J2EE related tools
Hello,
I would like to help our auditors access everything they need to check in the Java systems, but I am not ready to give them ADMIN accounts. That`s why I need some kind of read only access for them.
So I would like to ask you if there is a SAP Note about the read only access roles for J2EE/ Java AS?
I am afraid there is no such note available, so can anybody share any experience with granting read only access to the Java system? I know how to grant access to the whole NWA, but what about the rest?
Examples:
- is there a way how to grant read only access only to the UME?
- is there a role for read only access to the portal PCD?
- is there something similar for KM access?
Or has anybody ever tried to split the admin roles into smaller pieces? Is there a description/ document how to do such thing?
Thank you for your time and effort,
cheers OttoHi,
thanks for trying, but I can use help.sap.com and was on that page before.
Maybe if there were any examples there or better: if the whole thing would be more granular (I see no point in using roles starting with SUPER, containing ADMIN or ending with ALL). I am looking for roles for surgery or for auditing. I don`t want to give anybody these super/admin/all roles just like that.
If you can suggest how to use that page, that would be cool. Otherwise I see no use.
By the way: another question of mine about surgery: How to restrict access to download/ upload UME configuration file
I would like to know how to controla access to this specific feature, nothing else.
Thanks for the time and effort,
cheers Otto -
Create a user with read only access in the weblogic server 10.3.5
Hi Friends,
I am getting the below exception after creating a user (soa_read_only) with read only access in the logs after logging in with this user credentials:
[2011-11-28T13:22:32.781+05:30] [AdminServer] [WARNING] [] [oracle.jps.admin] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: soa_read_only] [ecid: 49233e31d176bb92:78c87a90:133e90b0482:-8000-00000000000005d2,0] Access denied. Required roles: Operator, Admin, executing subject: principals=[soa_read_only, Monitors][[
java.lang.SecurityException: Access denied. Required roles: Operator, Admin, executing subject: principals=[soa_read_only, Monitors]
at oracle.as.jmx.framework.wls.spi.security.WLSMBeanSecurityHelper.isInWlsGlobalSecurityRoles(WLSMBeanSecurityHelper.java:245)
at oracle.as.jmx.framework.wls.spi.security.WLSMBeanSecurityHelper.checkGlobalSecurityRoleBasedAccess(WLSMBeanSecurityHelper.java:139)
at oracle.as.jmx.framework.wls.spi.security.WLSMBeanAccessControllerSPIImpl.checkLogicGlobalSecurityRoleAccess(WLSMBeanAccessControllerSPIImpl.java:35)
at oracle.as.jmx.framework.MBeanAccessControllerImpl.checkLogicGlobalSecurityRoleAccess(MBeanAccessControllerImpl.java:52)
at oracle.security.jps.mas.mgmt.jmx.policy.JpsAdminRoleImpl.checkRole(JpsAdminRoleImpl.java:182)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.doInvoke(OracleStandardEmitterMBean.java:973)
at oracle.adf.mbean.share.AdfMBeanInterceptor.internalInvoke(AdfMBeanInterceptor.java:104)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.as.jmx.framework.generic.spi.security.AbstractMBeanSecurityInterceptor.internalInvoke(AbstractMBeanSecurityInterceptor.java:190)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.security.jps.ee.jmx.JpsJmxInterceptor$2.run(JpsJmxInterceptor.java:344)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
at oracle.security.jps.ee.jmx.JpsJmxInterceptor.internalInvoke(JpsJmxInterceptor.java:360)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.as.jmx.framework.generic.spi.interceptors.ContextClassLoaderMBeanInterceptor.internalInvoke(ContextClassLoaderMBeanInterceptor.java:103)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.as.jmx.framework.generic.spi.interceptors.MBeanRestartInterceptor.internalInvoke(MBeanRestartInterceptor.java:116)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.as.jmx.framework.generic.spi.interceptors.LoggingMBeanInterceptor.internalInvoke(LoggingMBeanInterceptor.java:524)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.invoke(OracleStandardEmitterMBean.java:887)
at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterConfigMBean.doInvoke(OracleStandardEmitterConfigMBean.java:398)
at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterConfigMBean.invoke(OracleStandardEmitterConfigMBean.java:365)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836)
at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761)
at weblogic.management.mbeanservers.domainruntime.internal.FederatedMBeanServerInterceptor.invoke(FederatedMBeanServerInterceptor.java:349)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
at weblogic.management.mbeanservers.internal.JMXContextInterceptor.invoke(JMXContextInterceptor.java:263)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
at weblogic.management.mbeanservers.internal.SecurityMBeanMgmtOpsInterceptor.invoke(SecurityMBeanMgmtOpsInterceptor.java:65)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:444)
at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:323)
at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11$1.run(JMXConnectorSubjectForwarder.java:663)
at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11.run(JMXConnectorSubjectForwarder.java:661)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.invoke(JMXConnectorSubjectForwarder.java:654)
at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1427)
at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1265)
at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1367)
at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:788)
at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)
at javax.management.remote.rmi.RMIConnectionImpl_1035_WLStub.invoke(Unknown Source)
at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.invoke(RMIConnector.java:993)
at weblogic.management.remote.wlx.ClientProvider$WLXMBeanServerConnectionWrapper.invoke(ClientProvider.java:291)
at weblogic.management.remote.wlx.ClientProvider$WLXMBeanServerConnectionWrapper.invoke(ClientProvider.java:291)
at oracle.sysman.emSDK.sec.targetauth.emas.EMASConnection.checkTargetRole(EMASConnection.java:222)
at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRoleEx(EMTargetAuthService.java:625)
at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRoleEx(EMTargetAuthService.java:595)
at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRole(EMTargetAuthService.java:577)
at oracle.sysman.emSDK.sec.authz.EMAuthzService.checkPermission(EMAuthzService.java:288)
at oracle.sysman.emSDK.pagemodel.menu.EMMenuCommand.getMenuItem(EMMenuCommand.java:681)
at oracle.sysman.core.app.menu.XMLMenuManager.createEMMenuItem(XMLMenuManager.java:1595)
at oracle.sysman.core.app.menu.XMLMenuManager.createEMMenu(XMLMenuManager.java:1421)
at oracle.sysman.core.app.menu.XMLMenuManager.getTargetMenu(XMLMenuManager.java:529)
at oracle.sysman.core.view.menu.MenuBarUIBean.populateTargetMenu(MenuBarUIBean.java:1023)
at oracle.sysman.core.view.menu.MenuBarUIBean.getFarmMenuComp(MenuBarUIBean.java:696)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.el.BeanELResolver.getValue(BeanELResolver.java:261)
at com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:173)
at com.sun.faces.el.DemuxCompositeELResolver.getValue(DemuxCompositeELResolver.java:200)
at com.sun.el.parser.AstValue.getValue(Unknown Source)
at com.sun.el.ValueExpressionImpl.getValue(Unknown Source)
at com.sun.faces.application.ApplicationImpl.createComponent(ApplicationImpl.java:250)
at javax.faces.webapp.UIComponentELTag.createComponent(UIComponentELTag.java:222)
at javax.faces.webapp.UIComponentClassicTagBase.createChild(UIComponentClassicTagBase.java:513)
at javax.faces.webapp.UIComponentClassicTagBase.findComponent(UIComponentClassicTagBase.java:782)
at javax.faces.webapp.UIComponentClassicTagBase.doStartTag(UIComponentClassicTagBase.java:1354)
at org.apache.myfaces.trinidad.webapp.UIXComponentELTag.doStartTag(UIXComponentELTag.java:75)
at oracle.adfinternal.view.faces.unified.taglib.UnifiedMenuTag.doStartTag(UnifiedMenuTag.java:51)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:50)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444)
at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:164)
at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:185)
at oracle.jsp.runtime.tree.OracleJspIncludeNode.execute(OracleJspIncludeNode.java:49)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspIterationTagNode.executeHandler(OracleJspIterationTagNode.java:45)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspIterationTagNode.executeHandler(OracleJspIterationTagNode.java:45)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444)
at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:164)
at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:185)
at oracle.adfinternal.view.faces.taglib.region.IncludeTag.__include(IncludeTag.java:442)
at oracle.adfinternal.view.faces.taglib.region.IncludeTag.doEndTag(IncludeTag.java:232)
at oracle.adfinternal.view.faces.taglib.region.PageTemplateTag.doEndTag(PageTemplateTag.java:162)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:63)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:176)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.core.model.targetauth.EMLangPrefFilter.doFilter(EMLangPrefFilter.java:158)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:253)
at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:410)
at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:268)
at com.sun.faces.application.ViewHandlerImpl.executePageToBuildView(ViewHandlerImpl.java:471)
at com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:140)
at javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:191)
at org.apache.myfaces.trinidadinternal.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:193)
at oracle.sysman.emSDK.adfext.ctlr.EMViewHandlerImpl.renderView(EMViewHandlerImpl.java:150)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:800)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:294)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:214)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:266)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.emSDK.license.LicenseFilter.doFilter(LicenseFilter.java:166)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:447)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:447)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.emas.fwk.MASConnectionFilter.doFilter(MASConnectionFilter.java:41)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:176)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.AuditServletFilter.doFilter(AuditServletFilter.java:183)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:203)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.core.model.targetauth.EMLangPrefFilter.doFilter(EMLangPrefFilter.java:158)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.core.app.perf.PerfFilter.doFilter(PerfFilter.java:141)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:542)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Why this exception is occurring? Kindly help me with this, its a bit urgent!!!!Hi
1. First create a user like readonlyweblogic using some password in Weblogic Console. In Weblogic Console itself, select this new user and go to his Group Memberships and add a Group named Monitors. This means this user has Monitor role for Weblogic Console. Monitor is a Read Only access role to the weblogic console.
2. NOW, with full admin privileges user, login into EM Console. Select soa_infra, right click mouse -> Security -> Application Roles. On right side, click green arrow and see list of Roles shown. Select the role named SOAMonitors, click on this. And add a User to this that is created above like "readonlyweblogic".
3. Close all the browsers. Open a new browser and test weblogic console and em console with this new user.
I have this setup like this in many envs and they all work fine. They are read only access users for admin console and em console.
Thanks
Ravi Jegga -
Creating user as good as sysadmin but with read only privs
Hi Folks I want to
creating user as good as sysadmin but having only read only privs
how can we do this.Hi
1. First create a user like readonlyweblogic using some password in Weblogic Console. In Weblogic Console itself, select this new user and go to his Group Memberships and add a Group named Monitors. This means this user has Monitor role for Weblogic Console. Monitor is a Read Only access role to the weblogic console.
2. NOW, with full admin privileges user, login into EM Console. Select soa_infra, right click mouse -> Security -> Application Roles. On right side, click green arrow and see list of Roles shown. Select the role named SOAMonitors, click on this. And add a User to this that is created above like "readonlyweblogic".
3. Close all the browsers. Open a new browser and test weblogic console and em console with this new user.
I have this setup like this in many envs and they all work fine. They are read only access users for admin console and em console.
Thanks
Ravi Jegga -
Problem with Read-only user being able to add and delete files and folders.
The setup:
Computer #1
iMac (intel) running 10.5.5
File sharing ON
Sharing folder on external USB drive called 'iTunes' (but not the drive volume itself)
Users:
- Everyone = Read Only
- Admin(me) = Read/write
- UserA = Read Only (with account PW and username identical to local login for computer below)
Computer #2
UserA's iBook G4 running 10.4.11
When I go to finder>network>iMac>connect it prompts me to login which I do and then select 'iTunes' folder which is visible and mounts successfully. I can see all files, access them all. Life seems great. Then I discover that I can also modify and delete files from the iBook, and create and delete directories.
I'm new to networking and although I've setup and managed minimal networking tasks on PCs before, this is my first foray into the Mac networking world. Please help.
What am I doing wrong? What haven't I set?
Thanks in advance.Sorry, I should have clarified this in the first email.
When I login from the iBook, I am logging in under a read-only user (not as myself, who is admin on the iMac). The user on the iBook has only been given read-only permissions on the iMac yet is able to add and delete files.
This read-only login/PW however, is the admin account on the iBook, but that shouldn't allow this person to write on the iMac so far as I understand things...right? -
Hi, I am trying to implement a role that would enable a user to have the same functionality as the out-of-the-box User Admin role, but that this user would not be able to actually create or modify users, roles assignments, etc.
The idea is to have a 'Display' role - with read-only access.
The solution we are comtemplating right now involves getting the source code from SAP, copying it, and modifying it - disabling any interaction. We would then create new iviews, pages, etc from there only for this role. This is a tedious task.
Any ideas on how else this can be done?
ThanksI have only managed to do this by creating a role and assigning the relevant User Admin iViews to the role and then changing the End User Permissions on the role.
I assigned the ReadAll Premission. That did the trick for me.
Groups unfortunately require the manage_groups Permission, so we do not allow the viewing of groups. -
Is there any way to create admin role only for one resource.
Hi all,
I am trying to create an admin role with 'update user' capability. But I want to restrict the user(with the admin role) to be able to update a user's attribute only for one resource, The user(with the admin role) should not be able to update the attributes of the other resources which a user have.
Is there any way to create admin role only for one resource?
I customized the tabbed user form to show only one resource attribute (deleting the missing fields and adding my tab for the resource) and then assigned this new User Form to the user(with the admin role) in security tab.
It works fine. But the problem is that if any user(with the admin role) is also admin of some other resource then he/she will not be able to view the other resource attributes.
Please suggest,
thanksThe loop function always repeats the same region so of course the fade is also copied. So option+drag the original region to make a (non clone) copy, fade the first region and loop the second one (which you just copied).
-
Read only access to Admin Console in WL 6.1
Hi,
I've seen a couple of questions already posted about this... but so far no answers!
Does anyone know how to grant read only access to the WL 6.1 Admin Console? The
supplied user "guest" doesn't seem to have any access, so I was wondering what
needs to be edited to enable this.... I've tried adding ACL's with "read" permission,
but that doesn't seem ot help.
Any thoughts would be most appreciated.
JimBrown,
This functionality is not available in 6.1. The newest version of wls
8.1 has this feature depending on the role that the user is in.
~satya
Mr. Brown wrote:
Is there a way to restrict a user to read-only priv. on the weblogic
console? Either by using acl's or other means.
Thanks in advance,
Brown -
Visual Admin tool in Read only mode?
HI
is it possible to access the Visual Admin tool in Read only mode. if Yes then How? if No then why?
Regards
Shridhar GowdaHi,
check with links, you may get some info, but i am not sure.
Check some VC roles and assign those roles for perticular users for full and read only.
1. http://help.sap.com/saphelp_nw70/helpdata/EN/7a/a0e84240857076e10000000a1550b0/content.htm
2. https://admin.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/659c082e-0c01-0010-2e9f-ac674cfff2d2
3. https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/b0bf413a-66a6-2a10-8eb7-91b9e99c4a97
Regards,
Srini Nookala
Edited by: Srini Nookala on Aug 26, 2008 4:02 PM -
Workflow Admin read only responsibility in EBS 11.5.10.2
Hi All,
I have a requirement to create a read only workflow administrator. For that I have done the below steps.
1. Created one permission set with Monitor Data.
2. Created one role and one grant for that role with the above selected permission set.
3. Then I have assigned the responsibility Workflow Administrator Web (New) to a user.
4. Assigned the above created role to to that user.
Then I tried to access the WF pages from that user, but still he is able to do all the activities that is possible by the Workflow Administrator Web Applications responsibility.
When I navigated to Workflow Administrator Web Applications-->Administration, Workflow System Administrator LOV is having value '*'. I changed that to 'Workflow Administrator Web Applications', and tried to access Workflow Administrator Web (New) from the above user.
Now no buttons are enabled for him. But in the Status Monitor, the user will be able to view only the Workflows owned by him.
But my requirement is to view all users workflow.
Can anyone guide me on how to achieve that.?
Also, I found that there is no significance for assigning Monitor Data permission. Please suggest me on that aspect also.
Hoping for youe valuable comments.
Thanks in advance.
Regards,
Charls K VHi Charls,
The note is also telling the same thing.:(
Then is there anyway to achieve my requirement.
Should be able to query everything as the admin does. But won't be able to perform any actions.
Looking forward for your valuable comments.I did manage to create the same using (How to Restrict Access to Data in the Workflow Monitor based on Item Types? [ID 559072.1]) but for specific item type (omit this step if you want to have access to all item types).
If you could share the steps you followed (in details) to implement the above, it would be helpful.
Please also review (How to enable Workflow Owned By LOV in Workflow Status Monitor for a User other than SYSADMIN [ID 1328447.1]) and see if it helps.
Thanks,
Hussein
Maybe you are looking for
-
Set curser in a VI which frontpanel is not opend
Hi, I've the following problem: A Sub-VI which has several initialisation routines while start-up (takes about ~10sec). I want to set the cursor to 'busy' for this time. The sub VI sets the cursor to 'busy' while start up, and after finishing the ini
-
I am a new IMac user trying to do Software Update but it just say (waiting) but nothing happen! I try to restart and shutdown the computer but it won't let me by leting me know that I can't shutdown or restart the computer while software updating is
-
Trying to add itunes account for new phone, sharing existing music folder
My wife's phone is already linked to the admin user account on my imac. I have created another account to use for linking my own iphone 4 to. I have tried the directions I have found so far for making the folder of our current music available to the
-
PRs not finding a release strategy
Hi All, I am having a issue with creating PRs, when i create PR with one line item, it is finding the release strategy but when i create PR for more than one line item SAP can't find the release strategy. The only common factor for the problem would
-
Negative stock ('moving average price for material is negative')
Dear all, I have a question with regards to negative stock. Does it means if I configure my system (i.e. OMJ1) by allowing the negative stock for a particular plant, the problem of Invoice bumping the error (i.e. 'moving average price for material is