PolicyEvaluationException

Hi,
I'm currently working on a project which requires Custom Conditions, which you can plug in, in AM (version 7).
Recently we made a Custom Condition and noticed that it was only consulted one time, at login time. After that, the Policy Decisions were cached. Since the requirement states that the Condition needs to kick in as the user selected another working data set, I've set the 'Subjects Result Time to Live' to '0' (Service Config->Policy Configuration).
After this, everything seemed to works fine, that is, locally. On local pc I have installed an agent which is linked to the AMDomain, no problem.
Now, when I'm testing on a unix domain, with his own agent, connecting to the same AMDomain, same source, same everything, I receive following exception:
com.sun.identity.policy.remote.PolicyEvaluationException: Received expired policy decision from server for resourceName=...
        at com.sun.identity.policy.client.ResourceResultCache.getPolicyDecision(
ResourceResultCache.java:235)
        at com.sun.identity.policy.client.PolicyEvaluator.getPolicyDecision(Poli
cyEvaluator.java:371)
        at com.sun.identity.agents.policy.AmWebPolicy.checkPolicyForResource(AmW
ebPolicy.java:98)
        at com.sun.identity.agents.filter.URLPolicyTaskHandler.process(URLPolicy
TaskHandler.java:105)
        at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.
java:185)
        at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java
:152)
        at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBase
Filter.java:38)
.... Normally, if I would consult the PolicyEvaluator within my own code I would catch this exception and somehow try to deal with it. Now it seems that the agent filter itself is throwing this exception, which makes it more complex...
Does anyone have experience with this??? I would be very grateful.
Many thanks in advance.
Regards,
Philip

Hi,
the system dates on the various unix domains are in sync. Related to this topic, the AMAgentFilter now throws a "session already invalidated" exception:
ERROR: AmFilter: Error while delegating to inbound handler: J2EE Local Auth Task Handler, access will be denied
java.lang.IllegalStateException: invalidate: Session already invalidated
at org.apache.catalina.session.StandardSession.invalidate(StandardSession.java:1258)
at org.apache.catalina.session.StandardSessionFacade.invalidate(StandardSessionFacade.java:164)
at com.sun.identity.agents.filter.LocalAuthTaskHandler.doLocalAuthWithSessionBinding(LocalAuthTaskHandler.java:289)
at com.sun.identity.agents.filter.LocalAuthTaskHandler.authenticate(LocalAuthTaskHandler.java:159)
at com.sun.identity.agents.filter.LocalAuthTaskHandler.process(LocalAuthTaskHandler.java:106)
at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:185)
at com.sun.identity.agents.filter.AmFilter.isAccessAllowed
This does not happen in development. Would it be possible that this is related to using a cluster?
Thx for your advice,
Philip

Similar Messages

  • OAM-02073 when trying to login with custom login page

    I Created a custom login page, but when I submit it to OIM I get the error on the page "System error. Please re-try your action. If you continue to get this error, please contact the Administrator." with the OAM 11g Page, and in the logs it shows the errors below. Thanks for any ideas on what this issue could be.
    <Oct 29, 2011 11:24:46 PM CDT> <Warning> <oracle.oam.controller> <OAM-02073> <Er
    ror while checking if the resource is protected or not.>
    <Oct 29, 2011 11:24:46 PM CDT> <Warning> <oracle.oam.binding> <BEA-000000> <OAM-
    02073
    oracle.security.am.common.utilities.exception.AmRuntimeException: OAM-02073
    at oracle.security.am.engines.enginecontroller.AuthzEngineController.che
    ckProtected(AuthzEngineController.java:536)
    at oracle.security.am.engines.enginecontroller.AuthzEngineController.pro
    cessEvent(AuthzEngineController.java:159)
    at oracle.security.am.controller.MasterController.processEvent(MasterCon
    troller.java:354)
    at oracle.security.am.controller.MasterController.processRequest(MasterC
    ontroller.java:517)
    at oracle.security.am.controller.MasterController.process(MasterControll
    er.java:457)
    at oracle.security.am.pbl.PBLFlowManager.delegateToMasterController(PBLF
    lowManager.java:209)
    at oracle.security.am.pbl.PBLFlowManager.handleBaseEvent(PBLFlowManager.
    java:147)
    at oracle.security.am.pbl.PBLFlowManager.processRequest(PBLFlowManager.j
    ava:107)
    at oracle.security.am.pbl.transport.http.AMServlet.handleRequest(AMServl
    et.java:168)
    at oracle.security.am.pbl.transport.http.AMServlet.doPost(AMServlet.java
    :133)
    at oracle.security.am.pbl.transport.http.AMServlet.doGet(AMServlet.java:
    673)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run
    (StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecuri
    tyHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
    a:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.d
    oFilter(OAMServletAuthenticationFilter.java:265)
    at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilt
    er(OAMValidationSystemFilter.java:133)
    at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentW
    rapperFilter.java:120)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:31
    3)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUt
    il.java:413)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.jav
    a:94)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:1
    61)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:13
    6)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
    n.wrapRun(WebAppServletContext.java:3715)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
    n.run(WebAppServletContext.java:3681)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
    dSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
    120)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppS
    ervletContext.java:2277)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletC
    ontext.java:2183)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.j
    ava:1454)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    Caused By: oracle.security.am.engines.authz.AuthorizationException: OAMSSA-14003
    : Policy runtime failed.
    at oracle.security.am.engines.authz.AuthorizationEngine.isResourceProtec
    ted(AuthorizationEngine.java:183)
    at oracle.security.am.engines.enginecontroller.AuthzEngineController.che
    ckProtected(AuthzEngineController.java:373)
    at oracle.security.am.engines.enginecontroller.AuthzEngineController.pro
    cessEvent(AuthzEngineController.java:159)
    at oracle.security.am.controller.MasterController.processEvent(MasterCon
    troller.java:354)
    at oracle.security.am.controller.MasterController.processRequest(MasterC
    ontroller.java:517)
    at oracle.security.am.controller.MasterController.process(MasterControll
    er.java:457)
    at oracle.security.am.pbl.PBLFlowManager.delegateToMasterController(PBLF
    lowManager.java:209)
    at oracle.security.am.pbl.PBLFlowManager.handleBaseEvent(PBLFlowManager.
    java:147)
    at oracle.security.am.pbl.PBLFlowManager.processRequest(PBLFlowManager.j
    ava:107)
    at oracle.security.am.pbl.transport.http.AMServlet.handleRequest(AMServl
    et.java:168)
    at oracle.security.am.pbl.transport.http.AMServlet.doPost(AMServlet.java
    :133)
    at oracle.security.am.pbl.transport.http.AMServlet.doGet(AMServlet.java:
    673)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run
    (StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecuri
    tyHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
    a:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.d
    oFilter(OAMServletAuthenticationFilter.java:265)
    at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilt
    er(OAMValidationSystemFilter.java:133)
    at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentW
    rapperFilter.java:120)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:31
    3)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUt
    il.java:413)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.jav
    a:94)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:1
    61)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:13
    6)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
    n.wrapRun(WebAppServletContext.java:3715)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
    n.run(WebAppServletContext.java:3681)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
    dSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
    120)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppS
    ervletContext.java:2277)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletC
    ontext.java:2183)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.j
    ava:1454)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    Caused By: oracle.security.am.common.policy.runtime.PolicyEvaluationException: O
    AMSSA-06191: The runtime request contains no resource.
    at oracle.security.am.common.policy.runtime.PolicyRuntimeImpl.isResource
    Protected(PolicyRuntimeImpl.java:143)
    at oracle.security.am.engines.authz.AuthorizationEngine.isResourceProtec
    ted(AuthorizationEngine.java:181)
    at oracle.security.am.engines.enginecontroller.AuthzEngineController.che
    ckProtected(AuthzEngineController.java:373)
    at oracle.security.am.engines.enginecontroller.AuthzEngineController.pro
    cessEvent(AuthzEngineController.java:159)
    at oracle.security.am.controller.MasterController.processEvent(MasterCon
    troller.java:354)
    at oracle.security.am.controller.MasterController.processRequest(MasterC
    ontroller.java:517)
    at oracle.security.am.controller.MasterController.process(MasterControll
    er.java:457)
    at oracle.security.am.pbl.PBLFlowManager.delegateToMasterController(PBLF
    lowManager.java:209)
    at oracle.security.am.pbl.PBLFlowManager.handleBaseEvent(PBLFlowManager.
    java:147)
    at oracle.security.am.pbl.PBLFlowManager.processRequest(PBLFlowManager.j
    ava:107)
    at oracle.security.am.pbl.transport.http.AMServlet.handleRequest(AMServl
    et.java:168)
    at oracle.security.am.pbl.transport.http.AMServlet.doPost(AMServlet.java
    :133)
    at oracle.security.am.pbl.transport.http.AMServlet.doGet(AMServlet.java:
    673)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run
    (StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecuri
    tyHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
    a:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.d
    oFilter(OAMServletAuthenticationFilter.java:265)
    at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilt
    er(OAMValidationSystemFilter.java:133)
    at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentW
    rapperFilter.java:120)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:31
    3)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUt
    il.java:413)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.jav
    a:94)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:1
    61)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:13
    6)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
    va:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
    n.wrapRun(WebAppServletContext.java:3715)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
    n.run(WebAppServletContext.java:3681)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
    dSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
    120)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppS
    ervletContext.java:2277)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletC
    ontext.java:2183)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.j
    ava:1454)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)

    Hello, I'm having the same issue. I did check my custom login form and I'm using "post" and fully qualified OAM host name. The behavior and very inconsistent. My integration is OIF-OAM. OIF proxy protected by 11g webgate. If I close the browser or try hitting back button, the login form comes up fine and could able to access the resource. I did look into support site and found this Doc Id: ID 1348419.1 which matches my condition, but couldn't able to figure out if there is a patch out for this bug.
    Has anyone faced this issue?
    Thanks for the help.
    Sunil.

  • OAM11g - How to perform direct login without accessing protected resource?

    Hi,
    I think this should be a common requirement as website needs to provide a direct login page.
    The OAM Documentation seems focus on the flow of starting from accessing protected resource then redirect to login page.
    How can we perform direct login?
    I tried from my custom login page directly, but it always gives me *"PolicyEvaluationException: OAMSSA-06191: The runtime request contains no resource"* once the login form submitted.
    Anyone can advise? Thanks in advance.

    Thanks for the reply.
    We need to cater for both the scenarios:
    Scenario 1: User tries to access a protected page. He/she will be redirected to the login page. Once it is authenticated, he/she will be redirected back to the previously requested protected page
    Scenario 2: User clicks the "Login" link on the homepage where the homepage is definitely unprotected. He/she will be redirected to the login page. Once it is authenticated, he/she will be redirected back to homepage.
    I have tried to the "Success URL" parameter of the Authentication Policy. However, once "Success URL" is defined, Scenario 1 will NOT work...
    Yes. There are some work around solution I can think about.
    Example: use a intermediate page 'rediret.jsp' which is defined as the protected resource.
    The flow is: clicks the "Login" link on the homepage -> a intermediate page 'rediret.jsp' -> login page -> redirect back to 'rediret.jsp' -> 'rediret.jsp' will redirect user to the Homepage...
    But I think Scenario 2 should be very common and it should be a right solution for it. Please advise. Thanks

  • OAM 11g start up error - MicroSMImpl

    All,
    One of our clustered oam members is not starting up cleanly. Get the following exceptions, cleaned up tmp files and restarted several time with no luck. Has anyone seen this error before? Everything was working before for a long time and no change was made to the configuration. Other nodes in the cluster come up just fine.
    Thanks in advance,
    Prasad.
    oracle.security.am.common.policy.runtime.PolicyEvaluationException: OAMSSA-06186: Unable to initialize PolicyRuntimeProviderImpl! : "oracle.security.am.common.policy.runtime.PolicyEvaluationException: oracle.security.am.common.policy.admin.PolicyManagerException: java.lang.RuntimeException: java.lang.ClassNotFoundException: com.bea.security.impl.MicroSMImpl".

    We are not clear the root cause of this yet. We are working with Oracle Support on this and hope that they will be able to help as Oracle development is the only one who can address such blackbox type weblogic issues. We suspect that whenever there is a db table space issue or other lower level stack password expiry issues or policy issues occur environment becomes unstable and doesn't shut down cleanly (ports don't get cleared etc). Even after multiple restarts of OID/OVD/associated weblogic managed servers the issue stays. I also tried to explicitly add the associated jar file to the weblogic class path.
    The way we are currently dealing with is:
    1. Cleanup files under /tmp directory (or wherever your environments temporary files are loaded)
    2. Reboot the host server (linux in our case)
    Hope this works for you as well.
    Prasad.

  • License delivered, screen stays black.

    I've a compiled the sample player, have a 'working' license server , packaging looks to be working as well, but playing scrambled content goes wrong.
    1.       If using the policy made by CreatePolicyWithOutputProtection, I get “NoDigitalProtectionAvail” as error message in the client, tomcat says :
    a.       2010-08-16 15:24:36.0300 INFO http-8080-1 com.adobe.flashaccess.refimpl.web.RefImplLicenseReqHandler.REQUESTS . Response: License Id:{30BA0F80-F885-3CBF-8546-1AB339E81834} Policy Id:{44FAE9D2-3170-3797-B290-93665F8C398F} Root License Id:{null} License Start Date:{null} License End Date:{null} License License Caching End Date:{null} License Type:{Leaf}
    2.       If using a normal policy with authentication, the player stays black, returns the following and the server throws a PolicyEvaluationException: (Error Code: 306): Authentication required.  fails at : licenseReq.generateLicense(desiredLicenseType); where the type is leaf.
              3. Another strange this is that the documention referrers to the tenant-configuration setup, while the application still seems to use the oldfashioned flashaccess-refimpl.properties
    Thanks,
    Maarten

    Hi Maarten,
    1. If you are using a policy that contains output protection, please ensure you are using a Windows Vista or higher OS.  The OSX and Linux OS's currently do not expose mechanisms to enable Output Protection, so content packaged with that restriction will fail to play on those OS's to an external monitor.  If you are using a Windows machine, please make sure the external monitor you are using is HDCP compliant, and that your cable is also compliant.  Another test you can run to verify Output Protection is working is to use a laptop (or any other device with an internal screen) to play the content.  As the laptop screen isn't considered an "external screen", content with Output Protection turned on should still play.
    2. If you use a policy with authentication turned on, your video player must first authenticate with the license server before acquiring a license.  You haven't authenticated yet, which is why you're seeing your error.  Authentication can be done via the DRMManager.authenticate() method.  You can find a coding sample by referring to the "Sample Video Players" directory on your Flash Access DVD (or your electronic copy, if you acquired Flash Access via ESD).  Of particular interest is the "TestVideoControl_WI.mxml" file - take a look at the method "loadVoucherFR()" for sample code.
    3. There are 2 server implementations that ship with Flash Access.
    a. Flash Access Server for Protected Streaming
    b. Flash Access Reference Implementation
    Solution "a" is a ready-to-deploy servlet that has minimal functionality and is geared towards the HTTP Protected Streaming use case.  No source code included.
    Solution "b" is a complete reference implementation with almost all capabilities of the Flash Access SDK.  Source code is included for the customer to build and deploy their own server solution.
    * You are reading the section of the documentation which describes the "Protected Streaming" servlet, which utilizes the concept of "tenants".  In section 9 of our documentation (http://help.adobe.com/en_US/flashaccess/2.0/protecting_content.pdf), you'll see a section for "License Server and Watched Folder Packager", which describes the Reference Implementation (the server you seem to currently be using).
    cheers,
    /Eric.

Maybe you are looking for

  • I have a problem 4GS w/IOS 6

    I was recently using the photo app.  It has locked up with the shutter closed and the flash permanently on.  I have turned off the app but the flash stayers on.  I have powered down but the flash stays on.  I have tried a hard off holding down the ho

  • It it possible to have info on the left and right sides of iweb templates?

    When I look at my iweb website there is empty space on the left and right sides of my screen. I was wondering if this space could be used at all?

  • Bulk collect & forall error in script

    hi, i am having senerio as below in my code.but i am getting error "too many values for emp1". i know why i m getting error but i need to insert emp column " EMPNO, ENAME" value in emp1 table & emp column " EMPNO, ENAME,sal" value in emp2 table . how

  • Web forms mouse navigation

    Hello all I'm running forms 6i. I have a problem with web forms not allowing focus to a text field when using the mouse to click on the text field. if i call form individual like this http://myhost:myport/dev60cgi/ifcgi60.exe? form=formname.fmx&confi

  • IBAN access via ad-hoc queries

    Hi I cant access IBAN number from ad-hoc queries(via PA20 is fine). I guess the reason is table TIBAN is not in the authorizations groups. In my understansing if i include the value &NC& in object S_TABU_DIS, the user will be able to access all such