Portal User Login History

Similar Messages

• Terminate Portal User Login with JSessionID or MYSAPSSO2 Cookie

  Dear All,
  I know using Visual Administrator , we can terminate the session.
  Is it possible for the administrator to terminate a logged in portal user with his/her  JsessionID or MYSAPSSO2 cookie value or User Id programmatically.?
  Is it possible for portal admin to forcibly exit (logoutl) an active user login  without logging onto visual administrator?
  Regards,
  Eben Joyson

  The only complete mitigation for session hijacking is to run the entire site as SSL. This is Oracle's recommendation if you need a complete mitigation solution. And example of an ATG site running in full SSL is Dennis Kirk (denniskirk.com).
  The problem with doing so is that SSL (a) takes more processing power in the system running the client's browser and (2) incurs latency that degrades the perceived page performance. This is particularly true for consumers running Internet Explorer, where speed-up measures like SPDY are either incomplete or don't work. And for a hard core eComemrce site, slower page performance means that you make less money.
  Most sites, including those that you mention, use a mixture of SSL and non-SSL pages to overcome this. They use non-SSL for those areas of the site where penetration does not have a material negative impact. Browsing catalog pages as an anonymous user, for example. If someone hijacks my session and I'm browsing the catalog anonymously, they're welcome to it. There's nothing private in my session. Even robots can access that content.
  Once I login or go to pages where private information is being exchanged, then you have to secure the session. That's where the protocol switcher servlet comes in. As you authenticate, you switch the user to SSL.
  I've tried a number of additional mitigation steps. Unfortunately I can't discuss them here at this time.
  And none of the servlets that you mention have any benefit with mitigating session hijacking.

• Same portal user logins when open in new tab/window

  hi all,
  i've any issue, how can i use the portal with different logins (ie) in different tabs or windows. currently i've to logoff everytime to login as a new user, is something to do with ie settings?
  tnx,
  JB

  Hi,
  Yes you cannot login into the portal with two different users in the same browser if you want to use another user you have to use another browser for example:say user1 has logged into the portal using IE in which you cannot login into the portal with another user say user2.
  Hope it helps.......
  Thanks,
  Rahul.

• Portal Users Login Time during a particular interval

  Hello,
  I have gone through many forums and blogs but didn't find any helpful comments on how do I get the list of users and their respective login times during a particular time interval. All my users are stored inside the portal only, I am not using a dual stack system. Please tell me if there is some way to find out the solution to this problem.
  Thanks  & Regards
  Ashish Patel

  Dear Ashish
  Have you checked the Portal DB Tables ?
  For example this table WCR_USERSTAT  might be of use to you (but there are others).
  But you might not find the information for "a particular interval". I believe you will have to do some development for that.
  Kind Regards
  /Ricardo Quintas

• How to know login history/events of  Sap user from server

  how to know login history/events of  Sap user from server without operating users computer.
  Am using B1 2007A PL47 Forthshift(FSE version 8.5 SP03PL05)

  Hi,
  Check the thread
  Re: User login history SAP Business One
  *Close the thread if issue solved.
  Regards
  Jambulingam.P

• How to Restrict same portal user from other node

  Hi
  In my application, we charge customers for each portal user logins. But, i found that, they can share same user logins amongs number of people.
  I don't want to allow the same portal user login into the application if that user is already logged in and it's session is still active.
  Here is the Scenario :
  User A is logged in to the portal from terminal AA. Now, User A agin tries to logg in to the portal from terminal BB. I don't wnat to allow user A to log in from terminal BB bcuz user A has active session from terminal AA.
  Can anyone know how to implement this??
  thanks in advance.
  Srini

  Hi Srini!
  We have solved this problem with our own login portlet. Before the final login we've got to check (from the certain table) how many logins there are currently with that username.
  But there is a problem. If the user closes the browser without logoff, the session remains active. There is a cleanup job, which removes those session in some hours. Still it is not very elegant.
  Regards,
  Jari

• How can  I  restrain the user login portal once, in the same time ???

  Hi
  I need to restrain the user can't repeat to login portal ....
  to reduce portal loading
  How can I restrain the user login portal once, in the same time???
  Which attributs in Identity Manager or amconsole I can do it to restrain the user ??
  tks

  Does your portal support anonymous access? If so, make sure you are using the authlessanonymous mode. This mode only creates one session that is shared for all anonymous users. This is much more efficient than anonymous access, which creates a session for each anonymous user.
  I have no other recommendation for limiting users to a single login. In general, web applications do not behave like this. What if a user closes their browser without logging out? Does the user have to wait until the session times out in order to log back in again?
  The same thing is true for users that are mobile. If a user leaves their office without logging out and then attempts to log in with a laptop in the conference room, then access will be denied in your implementation. Users do not expect this type of limitation being built into the system.
  If you are having problems scaling, then you need to look at your architecture and perhaps add some more resources. Also, make sure you are making efficient use of the authlessanonymous access mode as stated above.
  - Jim

• How to  restrain the user login portal once, in the same time??

  Hi
  I need to restrain the user can't repeat to login portal ....
  to reduce portal loading
  How can I restrain the user login portal once, in the same time???
  Which attributs in Identity Manager or amconsole I can do it to restrain the user ??
  tks

  Does your portal support anonymous access? If so, make sure you are using the authlessanonymous mode. This mode only creates one session that is shared for all anonymous users. This is much more efficient than anonymous access, which creates a session for each anonymous user.
  I have no other recommendation for limiting users to a single login. In general, web applications do not behave like this. What if a user closes their browser without logging out? Does the user have to wait until the session times out in order to log back in again?
  The same thing is true for users that are mobile. If a user leaves their office without logging out and then attempts to log in with a laptop in the conference room, then access will be denied in your implementation. Users do not expect this type of limitation being built into the system.
  If you are having problems scaling, then you need to look at your architecture and perhaps add some more resources. Also, make sure you are making efficient use of the authlessanonymous access mode as stated above.
  - Jim

• # How to get the system AD Domain user login name in portal?

  when a system user use AD Domain method login the system.
  and then the user open the portal web application page, but not use AD Domain name login in portal page, that time ,I want to catch the user system login name show in portal page?
  I hava try the sereval method with Java or Jsp, or User Cookies ActiveX pulg,I get only the name of the portal hostname.
  so Anyone will provider me a well method to get the user login name?

  Elobrate more on ur problem

• If user login in portal we need to assign him, the  perticular system

  Hi all,
  i have the requirement
  if user logins in portal, depending on the user we need to assign him a system( bapi or rfc),
  the user database is maintained in a table in MDM. if an user login in portal it should check in MDM to which region(america, asia.europe....) it belog,s to. according to that we need to assign the system(rfc or bapi). if the user belong's to two regions we need to assign the two links(rfc's or bapi's) regions,
  help me in doing step by step
  Thanks in advance
  Best Regards
  charan

  Hi Charan,
  This is same thread as - Depending on the user we need to assign the system
  Regards,
  Sen

• Report of User login details in MII Portal

  Hi,
  Do we have any report in MII portal where we can get the information like User login details( Last login date and time).
  Regards,
  Pradeep
  Edited by: pradeep balam on Jul 27, 2011 4:36 PM
  Edited by: pradeep balam on Jul 27, 2011 4:37 PM

  Hi Pradeep,
  Try using the following URL to the Admin Service:
  http://<Server:Port>/XMII/Illuminator?service=Admin&Mode=modelist
  You can then try the different modes such as:
  http://<Server:Port>/XMII/Illuminator?service=Admin&Mode=SessionList
  This may have the information you are looking for, assuming you have the right permission to access the AdminService.
  Kind Regards,
  Diana Hoppe

• How to create portal user and integrate with external appl login

  How to create portal user and integrate the user with external application for single sign-on ?
  I want to access my external application thru portal user ..?
  Shyam

  Hi Jithin,
  The link that you've shared talks about a different scenario.
  In my case, I want to pass the portal user id when the user clicks on the Help Link present in the header area.
  I am trying to pass it along with the Help Link Url property of a masthead iview but it is not getting passed to the target Url.
  I would like to know if it is possible to pass the Portal User Id in this way or not.
  Though if we create a appintegrator iview and pass the user id <User.UserID> along with the target Url, it reaches there.
  Thanks & Regards,
  Anurag

• Changing the sequence of roles/groups for Portal users after Login

  Hi
  We are at EP 7.0 SP11.
  We have developed custom role for ESS, MSS, EIC and Reports etc.
  Now when all the 3 roles are assigned to any user, the sequence of the display is generally
  Employee Self Service, Manager Self Service and then EIC.
  We need to change this sequence in Dev QA and production environment for some users preferably (or for all portal users), so that the 1st page which loads in portal after user logs in , is not necessary ESS. 
  The requirement can also be considered as, we need to change the default page which displays after user logs in.
  Does someone have any idea how can we achieve this ?
  Looking forward for your response.
  Thanks
  Neha

  Hi Neha,
  Add custom Welcome page/Home page(eu_role) and Sort Priority property as per  Koti Reddy.
  Hope it helps
  Regards
  Arun

• How to find out portal user from sso cookie ?

  Hi,
  I want to find out the portal user id from Portal30_sso cookie. It is required for security in my java servlet.
  Thanks
  Vikas

  First of all, you can't get anything from the portal30_sso cookie or the portal30 cookie or the SSO_ID cookie. These are cookies established for (1) The login server session; (2) The Portal session; (3) The login server single sign-on cookie - visible only to the login server.
  When you want to know who the current user is, you need to establish the context. If your servlet is standalone and not a partner application to the login server and it's not a portlet, etc., then what context does it have? What concept of users does it have? If you are really asking what Portal is currently logged on, that is still a loaded question. The user's browser could be accessing several portal's at the same time, each with a different identity. What I am getting at is that your servlet needs to somehow be associated with a particular portal before it can even think of asking this question.
  The ways to associate your servlet with a portal would be
  [list=1]
  [*]Make it a partner application
  [*]Make it a portlet
  [*]Make it an external application
  [list]
  Hope that helps.

• Portal User details and credentials for a J2EE application?

  Hi,
  I am trying to access a J2EE application which is deployed in  SAP Web Application Server. I want to maintain the security of this application depending the portal user. So I want to get the user id of the portal login to my J2EE application. For Example:
  A user with id "super" is logging into portal I want the userid "super" in my J2EE application how to get the userid to my J2EE application's servlet. Is this possible? If possible please tell how I can acheive it?
  Can I do it by creating HTTP System? If possible can u tell me where can I set the URL?
  Thanks,
  Ashok.

  hi,
  Certainly you can get the user id of the portal login in your J2EE application by using UME api's
  IUserFactory userFact = UMFactory.getUserFactory();
  getUserFactory().getUser(String uniqueID)
  getUserFactory().getUserByLogonID(String logonID)
  Also have a look at this
  http://help.sap.com/saphelp_nw04/helpdata/en/15/abdc3ed98f7650e10000000a114084/frameset.htm
  Instead  of url iview, it would be better to use AppIntegrator
  Also have a look at this
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/events/webinars/using the user management api with ep applications.pdf
  Hope it helps...
  Regards,
  Ganesh N
  Hope it helps...