Page and Record level Authentication / Access control.

Similar Messages

• Record Level Authentication in ADF Security 11g

  Is it possible to code my application to support record level authentication by using ADF 11g Security?
  For example the CEO Role can read all orders from a view, but other roles can only read the orders by them self.
  Do I have to control this mannually or the ADF Security can handle this for me? Is there any example about this?
  Thanks in advanced,
  Samson Fu

  I can think of three solutions:
  1) Go with the Oracle database Virtual Private Database (VPD) feature. This is the ideal solution as it codes that security logic in the database, and doesn't rely on your program/middletier getting the security correct.
  2) In ADF BC create the custom framework as recommended in the JDev Fusion Guide and then modify the custom ViewObjectImpl executeQuery() method such that it always adds your required predicate (where clause) to each VO query.
  3) Custom code the Where clause into every ADF BC VO query.
  CM.

• Page and filed level security

  Currently we are in the process of developing pages which involve both role based security as well as page level security. For e.g. depending upon a user is Admin or Moderator or guest user, certain pages may/may not be visible to him/her.
  At the same time within a page itself some fields may or may not be editable to them.
  How can u achive both a coarse grained as well as fine grained security mechanism.

  Container security will be able to achieve this.
  In the web.xml you can specify individual pages/folders which require a certain role to access. That should do you well enough for page level security. You need to define <security-role> and <security-constraint> sections in web.xml
  With regards to components on the page, you have to go to the coding level. There are helper methods such as request.isUserInRole() which you can use to include/leave out various bits of a page.
  Hope this helps,
  evnafets

• WRTU54G-TM Slow Setup Page and HTML Error on Access Restrictions Page

  I have a WRTU54G-TM Wireless Router.  It has v1.00.21 firmware and I have done a reset with no solution.  Everything seems to work, except the setup pages load very, very, very slow.  Also in Internet explorer I get an HTML error on the access restrictions page. Resets don't help.  The router did not have this issue until about a month ago that I recall.  I can see on the access restrictions page the gray shading is all lined up except at the bottom on the page, like ther is some sort of issue in the html within the router.
  One more problem, after I reset the router the saved config file I made would not change the default settings back, I had an older saved config file also, it would not work either.
  Is this an issue with this firmware version?   Any one else see this?
  Message Edited by johnsonle9 on 01-24-2010 01:24 PM
  Message Edited by johnsonle9 on 01-24-2010 01:24 PM

  Are you getting the same problem with another computer...?
  Try using different computer and check if you are getting the same problem or not...If yes then,I would suggest you to re-flash/upgrade the router's firmware,reset the router and re-configure it from scratch..Do not use the save config file.

• I keep getting a Yahoo DNS error handler page, and can't even access the add-ons page to disable it because it redirects me to the Yahoo DNS page immediately

  I have already seen some suggested solutions to the problem of this extremely annoying Yahoo DNS error solutions page, but they involve going to the add-ons page of firefox and disabling various add-ons. The issue is that even when I try to go to the add-ons page I get immediately redirected to the Yahoo DNS solutions page again.
  I have cleared my browser history and cache, hoping it would help, but nothing. Extremely annoying as I never installed anything - it simply started after a Firefox upgrade.
  Any help much appreciated.

  Open the Help menu and choose Restart Firefox with Add-ons Disabled. Remove any offending extensions. For details, see the "Uninstall from Firefox Safe Mode" section of the following article.
  * [[Cannot uninstall an add-on]]

• Certificate and Key Expiration information regarding your Access Control Service (ACS) 2.0 Namespace

  I've received an email from Windows Azure Team ([email protected]) with the above title. It suggests
  I 
  We are writing to inform you that certificates or keys related to one or more of your Namespaces are about to expire between July 8, 2012-November 8, 2012.
  Please find below the list of your Namespaces that need Certificate or Key rollover:
  fiftyeggs-cache
  These namespaces can be viewed by signing in to your Windows
  Azure portal subscription. After you have signed in you are redirected to the Management Portal page. On the lower left-hand side of this page, click Service Bus, Access Control & Caching. To see
  the registered namespaces under your subscription, under Services click Access Control/Service Bus/Caching.
  However, this is a cache-namespace which appears to be a Managed Namespace
  http://msdn.microsoft.com/en-us/library/gg185943.aspx and I don't believe there is any way of managing keys. Can anyone help or point me to the relevant article. I don't want the cache keys to expire (the site will die) but there doesn't appear to
  be any actions for me to take.

  Did you add a X509/Symmetric Key/Password based "Service Identities" (Re Carson Wa above). If not, my year
  is up on the 27th so I'll schedule for random failures! That will not keep my clients happy.
  Can you keep us informed of the progress of your ticket here please :-)
  I got an email from MS yesterday...
  We inadvertently sent an email message to you between June 12 and June 18, 2012, that
  described updating expiring certificates and keys in the Access Control Service (ACS) namespaces used by your Service Bus or Cache namespaces. The message referred to the following namespaces:
  fiftyeggs-cache
  The message was sent in error, and we sincerely apologize. No action is required.
  Did you get that?
  Andrew

• Sourcefire access control policy and intrusion policy

  hi.
  i have a question.
  what is the diffrerence between access control policy and intrusion policy.

  The access control policy is where you'll apply your different intrusion policies to different pieces of your traffic flow. You can also apply "content" filtering, access restrictions, monitoring, and file inspection.
  The intrusion policy is where you configure rules that you will apply to traffic in your access control policy.

• Access control for different user groups in APEX 4.0

  Hi guys,
  in Apex 4.0, is there any way to use the access control page to configure access control for different user groups?
  The access control page currently only has an access control list by users with 3 privileges namely, Administrator, Edit & View where Administrator has the highest access level & View the lowest. Therefore 1 user cannot have more than 1 different privilege, however if the user belongs to 2 or more different groups then we can control what access he can have in a more fine grained manner. We also want to have more than the 3 privileges given.
  Can we assign different groups to different users and let them have different privileges to be configured by page, region, process or item level?
  Now Apex will create 2 tables, Apex_Access_Control & Apex_Access_Setup to store the application access control mode & access control list. It will also create 3 authorization schemes "access control - administrator", "access control - edit" & "access control - view" based on the 2 tables.
  Does this mean we have to change the table structures & edit the authorization schemes to suit our usage? We are reluctant to do this because if we upgrade to a newer version of Apex then we would have to merge our pl/sql coding with Apex's updated code.
  How can we auto-configure more than the 3 authorization schemes in the access control page? Is there any way to achieve a finer grain of access control based on the current access control administration page given by Apex without writing it ourselves?
  We are afraid that we may have missed something on Apex access control & do not want to reinvent the wheel.

  Hi Errol,
  to build your own application authorization scheme around the security model supplied by Apex for administration of the Apex environment would be a bad idea.
  This was never intended for authorization scheme management in custom built Apex applications, it was solely intended to control access in the Apex environment overall. The API for it is not published, and making changes to it, such as adding more roles, would run the risk of breaking the overall Apex security model. It would not be supported by Oracle and Oracle would not guarantee the upwards compatibility of any changes you make in future versions of Apex.
  In short, you should follow Tyson's advice and build your own structure. As he indicated, there are plenty of examples around and provided your requirements are not too complicated, it will be relatively simple.
  Regards
  Andre

• GRC Access Control 5.3 (Links to components)

  Hi all,
  My laptop has just packed up. This to the end of the project.
  Would anyone be so kind and send me the links to access and navigate through the Access control 5.3 modules and technical netweaver platform.
  This will be a huge help, I don't realy have time to go through all the manuals and SAP notes and scout for all of these at this point in time.
  Please HELP !
  Regards, Melvin

  to access CUP:
  http://<hostname>:<portnumber>/AE
  To access RAR:
  http://<hostname>:<portnumber>/webdynpro/dispatcher/sap.com/grc~ccappcomp/ComplianceCalibrator
  to access SPM
  http://<hostname>:<port>/webdynpro/dispatcher/sap.com/grc~ffappcomp/Firefighter
  to access ERM:
  http://<hostname>:<portnumber>/RE
  Launch pad link:
  http://<server name>:5<instance>00/webdynpro/dispatcher/sap.com/grc~acappcomp/AC
  NW start page:
  http://<hostname>:<portnumber>/index.html

• "Enable Access Control" for shared directory is grayed out

  For shared directories in WorkGroup Manager, the checkbox "Enable Access Control" is grayed out. I want to enable ACL on a directory I have moved from another volume. The "Enable disk quotas" is also grayed out.
  How do I turn on Enable ACL?
  Dennis

  ACLs are enabled at the volume level. In the Sharing panel of WGM, you need to click the "All" tab so that you see more than just your sharepoints. Select the disk volume upon which your directory is located and then the "Enable Access Control" option should become available to you.
  Note that enabling the ACLs doesn't apply them. Your directory will continue to use POSIX permissions until you specifically apply ACLs to it.
  Xserve G5   Mac OS X (10.4.5)  

• I cant access control panel of wap4410n

  just i purchase cisco access point and I tried to access control panel to setup wireless security but the page i issued not display 192.168.1.245, there is any wayes to connet device web base ??

  To help answer your question the device only has the ip address of: 192.168.1.245 if it is unable to get an address DHCP. If you connect your device to a router or switch and power the device on if there is a DHCP server on the network it will assign the wap4410n an IP Address. The easiest way to configure the device is to power the device on connect to nothing. After the device has power on change you laptop or PC to an IP Address on the same subnet so for example 192.168.1.11. and subnet mask of 255.255.255.0 and you do not need to put a gateway.
  After this is done connect the wap4410 directly to your pc or laptop with an ethernet cable. Next got to Internet explorer or Firefox and pull in the address bar put in the ip address of the wap4410n 192.168.1.245 and hit enter. This will allow you access to the device and you can change it to a static ip address that is on your network. After changing it to an IP address on your network you can now go back and plug the device in to your network and it will stay on the ip address that you set for the device.
  Change your laptop or pc back to dhcp after changing it back plug it back into your network and you will be able to access and setup the wireless and security setting on the wap4410n. Just by going to the ip address that you setup static for the device. The other way if you just plug it directly to your network some router have the option so you are able to see the dhcp client address. If your router has this function you can look there and will be able to see what ip address the wap4410n has if you choose not to connect directly to the device and set a static ip address. Hopefully this has been helpful for you.
  Thanks
  Quendale Martin

• Composition of business team in GRC Access control project

  Hi
  Can I get any information about the composition of business team in a GRC access control project?
  What type of people form this team?
  Please provide some clarity on the role of business people in this type of projects.
  Regards
  Abhijeet

  Hi,
  Idealy the team should comprise of
  1] A representative of the IT Governance team -he ensures that the IT delivers value to the business,the risks have been analysed and fully addressed to.
  2] The Buiness process owners -these people only define the access restrictions for various activities like purchase,payment,etc.
  3] Application specialist -in charge of SOD-he defines the roles and profiles for the access control.
  4] If required a member from "Assurance" - these will be auditing the "access control " on a regular basis after the implementation.
  5] The configuration team.-they configure the controls in the Appln.sysytem
  Regards.
  Ramesh.

• Configure Access Control Owner screen

  Hi All,
  I am working on SAP GRC project and it's very new to me. I have one user and that user has Access control owners screen.
  This role displaying all the Central Owner in the table. When I click one role than Open button gets activated. When i click open button it's navigating to Owner assignment screen in Central Owner Administration. In here i am having two doubts,
  1. Is this possible to create duplicate screen of Owner assignment screen
  2. If possible how to configure that in Access Control Owners screen.
  Your valuable answers will be appreciated.
  Thanks in advance.
  Regards,
  Kathiresan R

  Hi Kathiresan,
  its not possible for creating duplicate entries for one user with similar owner administration in Access Control Owners tab.
  and it is possible, for one user we can able to assign multiple responsibilities.
  Once we are in to Access control Owners screen
  -> select the user id which you want assign additional responsibility like Risk Owner, MC owner and FF role owner etc.
  -->Click on open button and select multiple responsibilities and save the data.
  And make sure that user should have the required roles before assigning the responsibilities in access control owners.
  Thanks,
  Siva

• Integrating SAP HCM with third party Access Control System

  Hi Experts,
  We have client using SAP HCM and intend procuring an Access Control Solution to manage her people.
  What the client wants to avoid though is having to create a new employee in SAP HCM and manually creating same in the Access Control Software. Is there a way this can be automated such that upon recruitment of new staff, the data is updated in the Access Control DB which uses MS SQL? If this is possible, what is required to get this working well.
  Thanks for your support in this regard.
  Regards
  John

  For time management with the help of transaction pt80 you can download the information about employees with the help of idoc. And there are some programs a.k.a connectors that link access control systems and SAP so that you do not hire the same employee in the access control problem. You hire the employee in SAP and SAP sends the information (HR Minimaster DATA) to the related program.
  It is also do the same thing for the employees who resign. I mean if an employee is fired or resigned from the company than it is sent to the related system.
  These can be found under PDC integrated systems. You can find information about the systems from Ecohub. http://ecohub.sap.com/
  I hope this answer will help.

• I have Firefox 3.6 if I upgrade will I still be able to get to my IGoogle page and will I loose my Bookmarks

  I have Firefox 3.6 and although and although it works beautifully I am know being told if I dont upgrade it is going to upgrade automatically. I know I will loose the google toolbar but will there still be a button were i can access my Igoogle page and I have everything stored in my bookmarks drop down so I dont have to type it in I just click bookmarks pick which bill I want to pay it takes me to the page and thats it, even access to my bank accounts are stored in bookmarks so I dont want to loose that feature, its quick simple and easy. right know I have my AT&T homepage with Firefox and there is a IGoogle icon I can click on in the toolbar that will take me to my IGoogle home page which I use all the time . Is there a version other than 3.6 were I wont loose these things since I am going to be forced to upgrade from 3.6? Thanks

  If you want to set iGoogle as your home page, you can read [[How to set the home page]], tell it to use igoogle, then you should be all set!
  Now, are your bookmarks google bookmarks or Firefox bookmarks? firefox bookmarks will still be there, but for Google bookmarks, you have to do a workaround to use them. [https://support.mozilla.org/en-US/kb/google-toolbar-not-compatible-firefox https://support.mozilla.org/en-US/kb/google-toolbar-not-compatible-firefox] explains it all.