Portal Logon - Restrict Users

I have  SAP Netweaver Portal 7.0 SP 18 on RH Enterprise Linux.
IBM Tivoli Directory Sever is UME DataSource.
The structure of the UME DS is given below ( for example )
dc=apaints,dc=com
-c=India
-c=UAE
In the UME Configuration, we have configured the following property
user path : dc=apaints,dc=com
Due to this, users belonging to both the countries, i.e. India and UAE can access the portal n based on the roles assigned to them get access to the content.
I have configured multiple urls to access our portal. i.e.
http://apindia.apaints.com:50000/
http://apuae.apaints.com:50000/
based on the url, the images on the log on page are displayed....
Now, my requirement is, to restrict the users of uae to access portal using url http://apindia.apaints.com:50000/
How do I go about this ? 
Pls. suggest.

Thanks for your responses.
@Tim
The users will get to see the content based on the roles assigned to them.  This is a post log on activity.  
@Srini
I do not want to prevent users from accessing log on pages. 
My requirement is
any user can access the said urls, i.e. log on pages. 
But, if the user belongs to country UAE, he should be able to log in to
http://apuae.apaints.com:50000/
he can access the url http://apindia.apaints.com:50000/ , he should not be able to log on.

Similar Messages

  • User Agreement in portal logon

    Hi,
    I want a user agreement page to be displayed as a pop up message when the user clicks on submit button on the portal logon page  after entering his credentials....
    then i will have a ok button in the user agreement page which when clicked shoud bedirected to actual portal
    can anyone help how  to do this
    Thanks
    p.navakanth

    Hi,
    can you take a look at this thread: portal initial logon check
    Maybe this helps,
    Holger.

  • Restrict User Connections Using Logon Trigger

    Hi all,
    Now I am restricting user connections from selected terminals, using following logon trigger.
    It allows users with DBA privileged user.
    How to restrict DBA Privileged users users ?
    Note:- As per my application needs DBA privilege.
    CREATE OR REPLACE TRIGGER on_logon
    AFTER LOGON
    ON DATABASE
    DECLARE
    VPROGRAM VARCHAR2(30);
    Vusername VARCHAR2(30);
    VTERMINAL VARCHAR2(30);
    CURSOR user_prog IS
    SELECT UPPER(program),UPPER(username),NVL(TERMINAL,'X') FROM v$session
    WHERE audsid=sys_context('USERENV','SESSIONID');
    BEGIN
    OPEN user_prog;
    FETCH user_prog INTO Vprogram,Vusername,VTERMINAL;
    IF VTERMINAL NOT IN ( 'APP1','APP2','APP3')+
    and Vusername='ABUL'+
    THEN
    RAISE_APPLICATION_ERROR(-20001, 'You are not allowed to login');
    END IF;
    CLOSE user_prog;
    END;
    Thanks i Advance
    Abk

    Your application needs the DBA role? That is a terrible design-- it violates every principle of secure coding.
    Login triggers don't fire for users with the DBA role, so you won't be able to use a login trigger here. You could ditch the login trigger and configure invited and excluded nodes in the listener's sqlnet.ora file, i.e.
    tcp.validnode_checking = yes
    tcp.excluded_nodes = (hostname1,hostname2,hostname3)You'll have to restart the listener after making that change.
    Justin

  • Error on Portal Logon Page

    Hi Experts,
    We are getting exception while calling the Portal URL.
    Recently, we changed the password policy and made some customizations on the com.sap.portal.runtime.logon.par file.
    After that when I tried to access the Logon page, it gave an exception.
    I even replaced the customized logon par file with the original one but it did not help.
    Please note that I deployed the logon par file with the same name, so I did not have to make any changes in the authschemes.xml file.
    So ideally when I replaced the customized PAR file with the original one, it should have worked out.
    Can it be because of some UME property "Password Policy change" or something like that which has been changed by our Basis team  in the Config tool and which is creating issues now.
    Is there any connection between the UME property and the Portal Logon page? I know that UME comes into picture once the user clicks on Login button after entering the login credentials but does it also come in picture at the portal logon page call?
    We are not able to trace out the root cause as both Password Policy Change and deployment of PAR was done parallely due to which we are confused about the cause of the issue.
    Please find below the trace against the exception ID:
    #1.5 #5CF3FC5B7E1C00670000000300001B400004ACA7F25E4315#1315737232519#com.sap.portal.prt.runtime#sap.com/irj#com.sap.portal.prt.runtime#Guest#0##n/a##8b1ef68fdc6111e0a5840000061bff66#SAPEngine_Application_Thread[impl:3]_24##0#0#Error##Java###04:03_11/09/11_102498150 An error occured in iView: N/A in component: N/A##
    #1.5 #5CF3FC5B7E1C00660000000100001B400004ACA7F2896FC1#1315737235348#com.sap.portal.prt.runtime.broker#sap.com/irj#com.sap.portal.prt.runtime.broker#Guest#0##n/a##184d79b1dc6111e087880000061bff66#SAPEngine_Application_Thread[impl:3]_8##0#0#Error##Plain###Shutting down Application Brokerage...#
    #1.5 #5CF3FC5B7E1C00660000000800001B400004ACA7F2940472#1315737236039#com.sap.portal.prt.runtime.broker#sap.com/irj#com.sap.portal.prt.runtime.broker#Guest#0##n/a##184d79b1dc6111e087880000061bff66#SAPEngine_Application_Thread[impl:3]_8##0#0#Error#1#/System/Server#Java###[PortalServiceItem.release] exception caught releasing com.sap.netweaver.coll.appl.rtc|RTCClientPollingService
    [EXCEPTION]
    #1#java.lang.NullPointerException
         at com.sap.ip.collaboration.core.api.rtmf.core.RTMFMessaging.unsubscribe(RTMFMessaging.java:1040)
         at com.sap.ip.collaboration.core.api.rtmf.core.cluster.ClusterSystemManager.unsubscribe(ClusterSystemManager.java:133)
         at com.sap.ip.collaboration.core.api.semantic.services.RTCBaseService.destroy(RTCBaseService.java:146)
         at com.sapportals.portal.prt.core.broker.PortalServiceItem.release(PortalServiceItem.java:389)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.releaseDependents(ApplicationItem.java:223)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.releaseDependents(PortalApplicationItem.java:1159)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.release(ApplicationItem.java:476)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.release(PortalApplicationItem.java:1194)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.releaseDependents(ApplicationItem.java:223)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.releaseDependents(PortalApplicationItem.java:1156)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.release(ApplicationItem.java:476)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.release(PortalApplicationItem.java:1194)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.releaseDependents(ApplicationItem.java:223)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.releaseDependents(PortalApplicationItem.java:1156)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.release(ApplicationItem.java:476)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.release(PortalApplicationItem.java:1194)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.releaseDependents(ApplicationItem.java:223)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.releaseDependents(PortalApplicationItem.java:1156)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.release(ApplicationItem.java:476)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.release(PortalApplicationItem.java:1194)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.releaseDependents(ApplicationItem.java:223)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.releaseDependents(PortalApplicationItem.java:1156)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.release(ApplicationItem.java:476)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.release(PortalApplicationItem.java:1194)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.releaseDependents(ApplicationItem.java:223)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.releaseDependents(PortalApplicationItem.java:1156)
         at com.sapportals.portal.prt.core.broker.ApplicationItem.release(ApplicationItem.java:476)
         at com.sapportals.portal.prt.core.broker.PortalApplicationItem.release(PortalApplicationItem.java:1194)
         at com.sapportals.portal.prt.core.broker.PortalAppBroker.releaseAllItems(PortalAppBroker.java:575)
         at com.sapportals.portal.prt.core.broker.PortalAppBroker.shutdown(PortalAppBroker.java:680)
         at com.sapportals.portal.prt.runtime.Portal.shutdown(Portal.java:725)
         at com.sapportals.portal.prt.core.PortalCoreInitializer.shutdown(PortalCoreInitializer.java:111)
         at com.sapportals.portal.prt.dispatcher.PortalInitializer.shutdown(PortalInitializer.java:164)
         at com.sapportals.portal.prt.dispatcher.Dispatcher.destroy(Dispatcher.java:651)
         at com.sap.engine.services.servlets_jsp.server.runtime.context.WebComponents.destroyServlets(WebComponents.java:731)
         at com.sap.engine.services.servlets_jsp.server.container.ApplicationThreadDestroyer.run(ApplicationThreadDestroyer.java:62)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    #1.5 #5CF3FC5B7E1C006F00000002000016140004ACA819F31491#1315737896495#com.sap.portal.prt.runtime#sap.com/irj#com.sap.portal.prt.runtime#Guest#0##n/a##1647a148dc6311e0aaaa0000061bff66#SAPEngine_Application_Thread[impl:3]_9##0#0#Error##Java###04:14_11/09/11_102498150 An error occured in iView: N/A in component: N/A##
    #1.5 #5CF3FC5B7E1C007000000000000016140004ACA81A149C1D#1315737898689#com.sap.portal.portal#sap.com/irj#com.sap.portal.portal#Guest#0##n/a##18319b2cdc6311e092af0000061bff66#SAPEngine_Application_Thread[impl:3]_14##0#0#Error#1#/System/Server#Java###An error occured during authscheme computation.
    [EXCEPTION]
    #1#com.sapportals.portal.prt.component.PortalComponentException: Error in init method
    Component : com.sap.portal.runtime.logon.certlogon
         at com.sapportals.portal.prt.component.PortalComponentContext.init(PortalComponentContext.java:251)
         at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.refresh(PortalComponentContextItem.java:271)
         at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.getContext(PortalComponentContextItem.java:316)
         at com.sapportals.portal.prt.component.PortalComponentRequest.getComponentContext(PortalComponentRequest.java:387)
         at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLogonIView(AuthenticationService.java:233)
         at com.sapportals.portal.prt.service.hook.SecurityHookService.doNodeHook(SecurityHookService.java:177)
         at com.sapportals.portal.prt.connection.PortalHook.doNodeHook(PortalHook.java:469)
         at com.sapportals.portal.prt.pom.factory.ComponentNodeFactory.newInstance(ComponentNodeFactory.java:138)
         at com.sapportals.portal.prt.pom.factory.ComponentNodeFactory.newInstance(ComponentNodeFactory.java:50)
         at com.sapportals.portal.prt.pom.PortalNode.createComponentNode(PortalNode.java:275)
         at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:617)
         at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:235)
         at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:541)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:430)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.sap.portal.navigation.Gateway.service(Gateway.java:117)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1060)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by: com.sapportals.portal.prt.core.broker.PortalComponentInstantiationException: Could not instantiate implementation class com.sapportals.portal.ume.component.logon.SAPMLogonCertComponent of Portal Component com.sap.portal.runtime.logon.certlogon because: Linkage error while loading implementation class
         at com.sapportals.portal.prt.core.broker.PortalComponentItemFacade.getInstanceInternal(PortalComponentItemFacade.java:234)
         at com.sapportals.portal.prt.core.broker.PortalComponentItemFacade.getComponentInstance(PortalComponentItemFacade.java:160)
         at com.sapportals.portal.prt.core.broker.PortalComponentItem.getComponentInstance(PortalComponentItem.java:732)
         at com.sapportals.portal.prt.component.PortalComponentContext.getComponent(PortalComponentContext.java:103)
         at com.sapportals.portal.prt.component.PortalComponentContext.init(PortalComponentContext.java:242)
         ... 33 more
    Caused by: java.lang.NoClassDefFoundError: com/sap/security/core/logonadmin/IAccessToLogic
         at java.lang.Class.forName0(Native Method)
         at java.lang.Class.forName(Class.java:219)
         at com.sapportals.portal.prt.core.broker.PortalComponentItemFacade.getInstanceInternal(PortalComponentItemFacade.java:228)
         ... 37 more
    Thanks & Regards.
    Anurag

    Hi,
    Check if your portalapp.xml has an entry "<property name="ClassName" value="com.sapportals.portal.ume.component.logon.SAPMLogonComponent"/>"
    If it is there, then I feel that this is an issue with jar files not getting imported properly.
    Just try including these two jars (umlogonbase.jar and com.sap.portal.runtime.logon_api.jar) from
    usr\sap\J2E\JC00\j2ee\cluster\server0\apps\sap.com\irj\servlet_jsp\irj\root\WEB-INF\portal\portalapps\com.sap.portal.runtime.logon\lib
    and copy manually to the lib folder under PORTAL-INF in your project.
    Regards,
    Vijay.

  • Portal Logon page repeating/ redirecting to itself on first attempt

    All,
    Apologies in advance if this is not the appropriate forum.  We are in the process of migrating a NW7.0SPS13/EP7.0SPS13 installation from a remote site to a local site with a database only UME and SSO to an ECC6.0 backend.  The new target installation has picked up a rather odd behavior.  When loggin onto the portal, the logon page repeats/refreshes/redirects to itself with valid ID and password with no error message.  The only apparent action is the clearing of the password field.
    My only clue so far is the absence of this script in the http trace on the initial logon attempt which shows up on the second attempt:
    http://<host>:51100/irj/portalapps/com.sap.portal.httpconnectivity.httpauthentication/scripts/CAManagerScript.js
    I did find this related thread and attempted the suggestions with no luck:
    Re: portal logon page coming again
    I felt this might be the best place to post question since this may be an authentication/connectivity issue.
    Thanks in advance,
    Lee

    You are correct, we are not implementing SPNego but at this point I will take any suggestions that might be conceptually related...
    We are attempting to migrate/clone the entire server (OS,J2EE,MSSQL05...) from a remote hosted environment to a local network environment.
    I checked the Everyone, Authenticated, and Anonymous groups for the correct roles/Java permissions and all seems to be in-line with the correctly functioning remote system with correct user assignment.
    With some further log filtering I was able to where find this error:
    The default keystore view [TicketKeystore] does not exist. Authentication stack: [ticket]. The possible reasons for that problem are: keystore does not exist or the user has no permission to read from the keystore view. You can delete the TicketKeystore and restart the engine so that the engine automatically re-creates it.
    I suspect the SAPLogonTicketKeystore was recreated incorrectly...  I will have the migration team recreate it again.  FWIW, I am unfamiliar with the process of assigning user access to this object as the error suggests.
    Thanks for the suggestions...

  • Error when connecting to Portal logon screen...

    Hi,
    We have a problem logging on to our portal system.
    We changed the logon screen par file to add a graphic, this worked ok but we found a cosmetic error.
    We changed the logon screen par file again and now we get the error below.
    We have put back the original par file but are still getting the same error.
    We have changed the par file on other systems without any problem in the past.
    Could anybody point us in the right direction as to what we have done wrong?
    Portal Runtime Error
    An exception occurred while processing a request for :
    iView : uk.gov.manchester.portal.logon.default
    Component Name : uk.gov.manchester.portal.logon.default
    Error occurs during the rendering of jsp component.
    Exception id: 10:22_11/09/08_0018_88399250
    See the details for the exception ID in the log file
    The contents of the log file are as follows:-
    <!LOGHEADER[START]/>
    <!HELP[Manual modification of the header may cause parsing problem!]/>
    <!LOGGINGVERSION[1.5.3.7186 - 630]/>
    <!NAME[./log/defaultTrace.trc]/>
    <!PATTERN[defaultTrace.trc]/>
    <!FORMATTER[com.sap.tc.logging.ListFormatter]/>
    <!ENCODING[UTF8]/>
    <!FILESET[10, 20, 10485760]/>
    <!PREVIOUSFILE[defaultTrace.9.trc]/>
    <!NEXTFILE[defaultTrace.11.trc]/>
    <!LOGHEADER[END]/>
    #1.5 #C0000A70EC200057000000230000630D0004568DD104FFD3#1221067003980#com.sap.portal.portal#sap.com/irj#com.sap.portal.portal#Guest#0####3da7f8807f5c11dda4fad9a60a70ec20#SAPEngine_Application_Thread[impl:3]_8##0#0#Error#1#/System/Server#Java###Exception ID:06:16_10/09/08_0171_88399250
    [EXCEPTION]
    #1#com.sapportals.portal.prt.runtime.PortalRuntimeException: Access is denied: com.sap.portal.heartbeats.PortalHeartbeat - user: Guest,
         at com.sapportals.portal.prt.deployment.DeploymentManager.checkPermissions(DeploymentManager.java:2009)
         at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.refresh(PortalComponentContextItem.java:247)
         at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.getContext(PortalComponentContextItem.java:312)
         at com.sapportals.portal.prt.component.PortalComponentRequest.getComponentContext(PortalComponentRequest.java:385)
         at com.sapportals.portal.prt.connection.PortalRequest.getRootContext(PortalRequest.java:435)
         at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:607)
         at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:240)
         at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:545)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:405)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:365)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:944)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Caused by: com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): com.sap.portal.system/security/sap.com/NetWeaver.Portal/high_safety/com.sap.portal.heartbeats/components/PortalHeartbeat)
         at com.sapportals.portal.pcd.gl.PcdFilterContext.filterLookup(PcdFilterContext.java:417)
         at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1227)
         at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1233)
         at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1233)
         at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1233)
         at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1233)
         at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1233)
         at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1233)
         at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1233)
         at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookupLink(PcdProxyContext.java:1332)
         at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookup(PcdProxyContext.java:1279)
         at com.sapportals.portal.pcd.gl.PcdProxyContext.lookup(PcdProxyContext.java:1046)
         at com.sapportals.portal.pcd.gl.PcdGlContext.lookup(PcdGlContext.java:68)
         at com.sapportals.portal.pcd.gl.PcdURLContext.lookup(PcdURLContext.java:238)
         at javax.naming.InitialContext.lookup(InitialContext.java:347)
         at com.sapportals.portal.prt.deployment.DeploymentManager.checkPermissions(DeploymentManager.java:2004)
         ... 26 more

    Memory problems on the Server.
    Closed a spare system and all ok.

  • Adding a button/link in the portal logon page

    Hi,
    I am new to the portal related things. I am a web dynpro developer and familiar with the Java coding.
    Now, i got a requirement to modify the portal logon page as below:
    Need to insert one extra button/hyper link to reset the password.
    when user clicks on this button, i need to call an RFC in R/3 by passing the entered user name. That RFC will generate a new password and send a mail to the respective email address(maintained in a custom table in R/3 itself).
    If the user-id is wrong i need to show the error message returned from the RFC.
    If the return-code of RFC is success, then need to show an information message conveying that the password reset was successful and refer to your mail inbox.
    Please suggest me the best approach on this scenario.
    I already imported the PAR file for logon page and can see the project in NWDS.
    Note: we are using EP 7, NW2004s and R/3 is ECC 5.0
    Thanks & Regards,
    Kiran Chennapai

    The Funktion Prem is suggesting can be turned on/off through the UME Properties which can be changed through the Config Tool.
    More help under : http://help.sap.com/saphelp_nw04/helpdata/en/0b/50ad3e1d1edc61e10000000a114084/content.htm
    Regards,
    Kai

  • NW 73 Portal logon by use of email insted of UID?

    Hi UME Mapping Experts
    I am trying to change the logon of a NW73 Portal to use email as logon ID instead of the default uniquie ID. I am using the portals dB as user storage.
    I have tried to make a property mapping as below in the UME configuration file but it doesnu2019t work. Any idea which property name for logonid I should use as mapping?
    <attributeMapping>
    <principal type="user">
    <nameSpace name="com.sap.security.core.usermanagement">
    <attribute name="j_user">
    <physicalAttribute name="email"/>*
    </attribute>
    </nameSpace>
    </principal>
    </attributeMapping>
    I have tested the physical attribute u201Cemailu201D by mapping it to u201Cfirstnameu201D which works fine. I have also tried the following attributes: u201Clogonidu201D, u201Cj_usernameu201D, u201Clogonaliasu201D but none of them seems to work.
    I guess it should be possible but any idea on how the mappings should be performed?
    I have read a guide where it worked by using an LDAP but hopefully it should be able as well by use of the local dB as storage.
    Thanks in advance
    BR
    John Stubbe

    Hi John & Kumar,
    First, Kumar's answer simply was wrong. The logical attribute is j_user, not j_username. Don't mix up the http parameter name with the logical attribute name...
    Second, j_user is a logical attribute of the user account, not of the user itself. See http://help.sap.com/saphelp_nw73/helpdata/en/48/564dfe5c3e58d7e10000000a421937/frameset.htm for further details.
    Third, in theory the mapping would have to be something like this:
    <attributeMapping>
      <principal type="account">
        <nameSpace name="com.sap.security.core.usermanagement">
          <attribute name="j_user">
            <physicalAttribute name="email"/>
          </attribute>
          <attribute name="logonalias">
            <physicalAttribute name="email"/>
          </attribute>
        </nameSpace>
      </principal>
    </attributeMapping>
    If you compare this to other datasource xml's, you will see that one could think of additional mappings for userid (null) or loginid (pincipal type user, value null).
    Anyhow, these changes - at least as far as I have checked it - lead to an invalid configuration: "Check as first Guest user id is not found No object found for first guest user id Guest". This happens while saving the config. If you upload the config via the config tool, similar errors appear during startup, which fails in the end ("User account for logonid "Guest" not found!").
    I expect this to be a small limitation in the UME implementation. The guest user of the UME is accessed (and must be accessed) via it's ID, not via the mapping. So even if you give the guest user an email address and use this instead of "Guest" for ume.login.guest_user.uniqueids, it does not work.
    I'm not 100% sure, but for me it seems that this does not work for the given reason for UME only. Of course this works for LDAP datasources, as the UME guest user is not affected by such settings.
    Anyhow, alternatively, you could implement an additional login module which tries to look up the user id given as the mail address and searches for such users, if finding exactly one, checking the given password for this user. This I have done several years ago, it is not /that/ hard if you have some basic JAAS & UME develeopment knowledge.
    Hope it helps
    Detlev

  • Different portal logon pages with same url.

    Hi all,
    Im doing portal logon page customization . My requirement is when a user give the portal link in his browser he should get the portal logon page according to the country language..for example if he opens the portal from india he should get English text and if he opens the portal from japan he should get the japanese text in the portal logon page.
    thanks
    Rajeev B

    Rajeev,
    Its possible to have the different logon pages for the same portal.
    Its also possible for the same ulr but different parameters.
    You can do customization on portal logon page.
    For example:
    Consider that the url http://myep:50000/irj/portal is currently using to access the portal.
    You can pass addintional parameter on this url and fetch them into logon page, display the pages based on the values that you have fetched.
    for example http://myep:50000/irj/portal/myparam
    Have a lot at this link,
    Displaying Different Login Pages Based On The Sales Organization
    Ram

  • Restrict users to change value in user id field in SM36

    Hi,
    Our users are currently given authorization objects S_BTCH_NAM, S_BTCH_ADM and S_TCH_JOB in order to be able create background jobs and execute using batch admin userid, and not under their own userid.
    I like to know is there way to restrict users to execute transaction SM35, SM36, SM37 to create a job under another person's userid.
    I am looking at grey off the userid field in SM35, SM36, SM37 when users execute these t-code in online mode. I want to restrict them from schedule job to run under another person userid.
    However, if users perform a transaction and call a customised program to create a batch job in background to be executed under batch_admin userid, without failing the job.
    How can it be achieved? Does SAP allows configuration to grey off userid field?

    The problem is that our customized program will first create a job under user "X" userid for audit trail purpose. Because user "X"does not have necessary authorization to perform full update of all other transactions or tables update, in the job, the program will indicate a non-user account with SAP_ALL authorization to perform the update.
    Since your custom program check for S_BTCH_ADM and S_BTCH_NAM from User's authorization we cannot put S_BTCH_ADM=N there and in that case, users would be able to create jobs with other user ID by executing SM36 directly.
    Option 1: Discuss with your developer if it is possible to create a custom exit in the Sm36 program to perform the above authorization check in your Batch user ID's authorization instead of your dialog users. In that case your custom program would run as expected as long as your Batch user ID has proper authorizations for S_BTCH_ADM and S_BTCH_NAM and your dialog users can be restricted to S_BTCH_ADM= N
    Option2: Create a transaction variant for SM36 in tcode SHD0 and make field "User" invisible and then link the transaction variant to a custom tcode which is to be created with start type "Transaction with Variant (variant transaction)".
    Please refer to an SDN article for process of [creation of a transaction variant and linking it to a variant transaction|http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/40d1443e-0184-2c10-c68d-c612f771fe6f?quicklink=index&overridelayout=true]
    Then have your custom program updated to call the custom tcode instead of SM36 and modify your user's roles to replace SM36 authorization with ZSM36 (Check indicator values of SM36 are pulled into the role). This will ensure your custom program can create jobs under a different user whereas when your user executes SM36 online, the field to change 'user' will not be visible and by default they would be forced to create jobs under their own IDs inspite of having S_BTCH_ADM=Y and S_BTCH_NAM= <your Batch user ID>
    Hope this helps!
    Sandipan

  • Any parameters can restrict user ID to log-on application server

    Dear All,
    I had configured the login group (/nSMLG) as following:
    Logon Group  Instance
    TEST            app1
    TEST            app2
                        app3
                        app4
    However, app3 and app4 still have illegal user log-on.
    Did any profile parameters can restrict user ID to log-on application
    server?
    BR,
    Well

    Hello Well Well,
    I could clearly understand what you mean. From what you have stated I am able to understand that:
    1. You have 4 application servers.
    2. You have included 2 of them in Logon group TEST.
    3.  The remaining two are not part of logon group.
    4. You want users not to login into app3 and app4 but to TEST only.
    There is no profile paramter for this. At the max you can close the dispatcher port for these 2 servers but then no one would be able to login into  them.
    Best is to include all of them in to SMLG.
    Regards.
    Ruchit.

  • How can I disable portal logon by portal group

    Hi,
    I know it is possible to disable logon to the portal by individual users. However I would like to disable the logon for an entire portal group. This would allow members of other portal groups to continue using the portal.
    Simply removing the role from the group/user(s) is not an option.
    Has anyone successfully done something like that?
    Lets see if we can award some points

    Hi Darren,
    thanks for the quick reply. I guess I should qualify my requirement a bit more on what I want to achieve.
    There are a number of applications in use and accessible through the portal, amongst them also ESS / MSS. We have assigned the portal roles to the portal groups. The users are assigned to the groups in the Corporate LDAP which is used by the portal to authenticate the users. I can't remove the users from the group(s) because the user/group assignment is done in the Corporate LDAP through an IDM system which prevents me from making changes to the user/group assignments through the portal.
    So as an example this is what we want to achieve:
    1. Disable the logon for users that are in the ESS group and let them know something like "ESS is currently in maintenance - come back later". Meanwhile, users belonging to the MSS group can still continue to log on.
    2. After the maintenance was done, the logon for the ESS group is enabled again and the users that are in the ESS group can log on again.
    I am not quite familiar with JAAS, but how would it help me with this example? I don't want to remove the user(s) from the group but simply prevent a specific group of users to  logon for a chosen period of time or as an alternative disable on the fly the ability to perform certain actions (role based) within the portal short of re-assigning roles to groups?
    Thanks muchly.

  • Activating Security Policy at Portal Logon Page

    Hi @ll,
    Iu2019m not able to activate the password security policy check at portal logon page. For this purpose, I have already checked the Enforce Password Security Policy at Logon (System Administration->System Configuration->UME Configuration->Security Policy) and restarted the server too. But it is failed to appear at logon page.
    Plesae suggest me to resolve this problem.
    Thanks
    Gautam Singh

    Hi Gautam Singh,
    You say you are customizing the portal logon screen. Are you doing a simple modification by just changing UME properties as described in [Logon Screen Customization|http://help.sap.com/saphelp_nw70ehp1/helpdata/en/43/fc3ae22adb025fe10000000a1553f7/frameset.htm] or are you actually changing .par files and creating your own logon application?
    Are you using config tool, the user management configuration Web Dynpro UI, or visual admin  to change the properties?
    Have you assigned the UME actions Logon_Help and Selfregister_User to the Anonymous Users group?
    -Michael

  • Portal logon home page GET SUPPORT PASSWORD RESET

    Hi ,
    Urgently Needed help,
    In portal logon welcome home page.
    1) Welcome page appears
    2) There is a link get Support.
    3)In get support: How we can help drop down.
    4)I selected Password Reset.
    5)Entered the portal passwd,userid,last name ,frst name
    6)details submitted
    ==============================
    1)then a message comes : New passwd has assigned and sent by mail in Red color warning.
    2)Where i need to configure  Email-functionality so that i can receive the mail.
    3) or user will get the mail.
    please help it's Urgent
    Regards
    Vikas

    Hi;
    System Administration -> System Configuration
    ->UM Configuration
    TAB: Notification E-Mails
    Here you can configure the SMTP Server used by the
    portal.
    Hope this helps.

  • Portal Logon

    Hi, Everyone,
    I have a few questions. We are starting a pilot for an externally facing portal, and we want to know if it is possible to have a logon box in an asp.net page that will authenticate a user against the portal and then take you to the portal?  If so, how?  We understand that it is possible to use portal technology for the entire pilot, but we would like to see if it is possible to use a mix of html, asp.net or java, and portal technology seamlessly.  Thanks.
    Regards,
    Peter

    The IIS Proxy Module might be an option for you. This ISAPI filter works the IIS to be able to establish connections to the SAP J2EE Engine by setting a header variable for the portal logon after the user has successfully authenticated against the IIS.
    http://help.sap.com/saphelp_nw04/helpdata/en/51/64083f56e4d861e10000000a114084/content.htm
    If you want to integrate ASP.NET technology seamless into the portal you should take a look at the PDK.NET that allows for the development of iViews using Microsoft Visual Studio.
    If you want to integrate ASP.NET based applications into the portal as backend systems the SSO22KerbMap Module or the webserver filter for the IIS can be used for SSO to IIS using SAP Logon Tickets.

Maybe you are looking for

  • Can you tell if it is a display problem or logic board problem

    I have a 17 inch aluminum mac book pro. I bought it from a reseller on ebay in February. Recently I have been having some display issues. It has taken it longer and longer for screen to come back on from sleeping and the other day it did not come bac

  • Printer problem with Tiger in Core Duo Mac

    Having problem with HP Deskjet 5650 using this setup. 1)Prints extremly slowly - maybe 3 minutes a page of print. 2)Prints color when set for black. The cartridge is o.k. in an other mac with Panther. I have installed the most recent printer driver.

  • Confirmations in Purchase order

    Hi all, In confirmations tab (in purchase order, item details), i can put: a) Confirmation Control Key --> if i set this one, i can't enter goods receipt if i haven't received confirmation from vendor and insert this in PO. b)flag of Confirmation Req

  • None of my prior purchases are showing in my Adobe Digital Editions!!!.  I am running Windows 7, ADE version 1.7.2.1131.

    None of my prior purchases are showing in my Adobe Digital Editions!!!. What can I do? I am running Windows 7, ADE version 1.7.2.1131.I just checked my computer is activated I keep accounting reference material from the AICPA that I need.

  • RMAN  - Last Successful backup

    Dear Experts, RDBMS - 11.1.0.7 I would like to know if anyone of you have experienced this issue. Below is my backup report (queried from recovery catalog) and see DB1 database, I see Last successful Incremental backup date showing 01/01/0001 while t