Prevent user from setting a parameter in url. Always use http session variable

Similar Messages

• Prevent user from closing the applications

  Hello,
  we would like to deploy to our users web application using Internet Explorer which is published over RemoteApps. Because this application takes long time to load we would like to prevent user from closing application. So we would like that session and application
  stays opened when the user clicks on close button on Internet Explorer that is published over RemoteApps.
  In other words, we would like to disconnect client from RemoteApp session, but stay logged in and keep the application running in the background.
  Is this possible to do?
  Thank you!
  Best wishes,
  Marko

  Hello,
  thank you all for your answer. I guess this is not a good news. Any other idea how to solve this problem - to start Internet Explorer web application as soon as possible.
  Last week I have found a VB script on one forum that would close the RemoteApp Windows without closing the appliaction on server but I can't find it today. Does anybody know something about this script?
  Thank you!
  Best wishes,
  Marko

• How to prevent users from running PRC: Transaction Import from WebADI form?

  Hi,
  We are 12.1.3 and trying to create a workflow to approve Project transactions coming through web ADI before they become effective. To this end, we want to prevent users from running the PRC: Transaction Import from the Web ADI.
  I know that if the checkbox Automatically run transaction import is not checked, the program does not run. But we want to hide this checkbox and not allow the possibility that the program could get triggered.
  To this end, we updated the BNE_INTEGRATORS_B with source='C'. This allows you to edit the integrator from Desktop Integration Manager.
  UPDATE BNE_INTEGRATORS_B SET SOURCE ='C' WHERE  INTEGRATOR_CODE ='PAXTTRXB'
  In the 4th step, where the value for Uploader Parameters is set, we have set boolean value to No. These are the fields on the page:
  Parameter Name: bne:import
  Display Name: Start Transaction Upload
  Data Type: Boolean
  Category: Field
  Default Value: Boolean Flag: No
  Description: start Transaction Import Concurrent Request
  Display Options: Displayed: Unchecked
  Display Options: Enabled: Checked
  Display Options: Required: Checked
  Prompt Left: Automatically submit Transaction import
  Display Type: Check Box
  Maximun Size: 100
  Display Size:100
  Now the checkbox is not appearing for the user to check it, But the program is automatically running when you hit Upload in the WebADI. 

  Hi ,
  Try removing the PRC: Transaction Import Program from the request group for the responsibility used by customers to submit the WebADI and then check if the program launches.
  Regards,
  Raghavan

• How can SAP be configured to prevent users from consuming locks?

  How can SAP be configured to prevent users from consuming locks?
  The issue is that we want to prevent users to use upto maximum locks and so that we will not get lock table overflow issue. I know that we can assign parameter "enque/table_size" a good amount of value. But it is not for any specific user.
  Also want to alert in CCMS if any user reaches to its maximum speficified limit of locks.
  Thanks
  Gopesh

  You cannot set a limit of locks per user. There are two ways to reduce/control the number of locks:
  - change fewer records within one transaction
  - cover more records with one lock using wildcards
  Basically it is an application / development issue.
  Best regards, Michael

• Prevent user from posting invoices

  Hello Profs
  How would one generally/theoritically or practically prevent user from posting invoices >1000 rs (arbitary value), in MM Invoice verification.
  some thoughts please
  Thanks

  Sunil,
  As per my knowledge, there is no option to prevent user posting invoices if the invoice amount exceeds Rs.1000/-. And it can not be possible with standard /default LIV in MM.
  You can do so for the PO's, since there is a procedure called release procedure and for each release code you can set the amount limit and if it falls within that, then he can release the PO (by configuring the release procedure based on total net order value with classification).
  Similar to the above you can not do for the Invoices, but this can be possible to the user through workflow to the logistics inovice verification process. For that you need to activate the workflow concept for the LIV (i.e. you can set the workflow for your invoice verification process, if the invoice verification is done by more than one accounts payable processer (i.e user), like first invoice is parked by user1 and then later the user2 will verify (complete) and post the invoice verification process. And for that you can setup workflow concept, so that the next user gets intimated once the first user is completes his process in the LIV. But i don't think it is possible to stop or prevent if the invoice amount exceeds.
  But, this can be possible to the some extent, that is though the configuration of attributes of system messages in LIV (by that the user will be notified with a text (i.e. error) message on the status bar, when the user is posting the invoice document which exceeds, hence he can not post the inovice in this case and also try by maintaining the user default paramer (i.e.WLC: Workflow -User specific settings (i.e. to be maintained in parameter id in in user master).
  Suggestion:
  Refer useful link for more information on workflow:
  http://help.sap.com/saphelp_47x200/helpdata/en/9b/572614f6ca11d1952e0000e82dec10/frameset.htm
  http://help.sap.com/search/highlightContent.jsp
  Hope this will clarifies you,
  Reward, if it helps,
  Regards,
  Srin.K

• Hi All, We are in to Release 11.5.10.2.There is a specific requirement to Prevent users from creating Manual Sales Orders in oracle and yet users should be able to book the Sales Orders Imported from CRM system into Orcale.Please advise.

  Hi All, We are in to Release 11.5.10.2.There is a specific requirement to Prevent users from creating Manual Sales Orders in Oracle and  yet users should be able to book the Sales Orders Imported from CRM system into Orcale.Please advise.

  Thanks for your advise.
  However, I missed to mention that we have two set of users  One is for Finished Goods and another for Spares.
  Only Spares users need to be prevented from creating Direct/Manual Sales Orders in Oracle.
  As you suggested, if this will be done at Form level, that may Disallow FG users also to create Manula Sales Orders which should not be the case.
  Further, I tried to test one scenario through Processing Constraints but it did not work.
  Application
  OM
  Validation Type
  Entity
  Temp
  Short Name
  TBL
  Validation Semantics
  Created By
  Equal To
  User(Myself)
  Processing Cosntraint
  Application
  OM
  Entity
  Order Header
  Constraint
  Operation
  User Action
  Create
  Not Allowed
  Conditions
  Group
  Scope
  Validation Entity
  Record Set
  Validation Template
  101
  Any
  Order Header
  Order
  Above Created
  Please advise.

• Is there any way to prevent users from ship confirming on a particular date?

  Hello All,
  We have a requirement to prevent users from ship confirming on a particular date. This is due to they are performing Annual Physical Inventory.
  Is it possible to restrict users performing shipping transactions on this particular date?
  I have tried adding exception to the existing Calendar set at org level and there is no customer specific Calendar defined, however it is still allowing me to perform ship confirm.
  Please let me know if you have any suggestion on this requirement.
  Thanks

  Hi,
  Yes is Possible.
  You can add An Exception in Your Shipping Calender.
  So when Some one tries to ship an Order on that date Oracle will automatically select Next possible date.
  Thanks
  Shameer

• To prevent user from droping his own object .

  Dear User
  I have a database user like "aaa" in oracle 7.3.4.0.1 database.i do not want user "aaa" to drop his own schema objects like table and any other objects that he is owner.Do i have any system privilege to stop this user from doing so.User should be able to create objects and modify object but not to drop his own objects.For this purpose i have created a database trigger at database level to stop user "aaa" for doing above action.this trigger is giving me error on creation in oracle 7.3.4.0.1 .But when i tried same trigger in oracle 8i and 9i it work well.In oracle 8i and 9i it is preventing user from droping his own objects but i get other errors also along with raised error in trigger which i want to stop .The error which i am raising in trigger is
  ORA-20001 INVALID COMMAND BUT OTHER TWO ERRORS THAT R RAISED AUTOMATICALLY ARE
  ORA-00604 ERROR OCCURED AT RECURSIVE SQL LEVEL 1
  AND
  ORA-06512 AT LINE 8
  I WANT TO STOP THESE TWO ERRORS .
  PLZ HELP ME IN THIS REGARD AS SOON AS POSSBILE .
  plz tell me is there any system privilege to stop user from droping his own object or any other way along with trigger at database level.
  Thank u.

  Hi
  DBAs can use PRODUCT_USER_PROFILE (in system schema) to disable certain SQL and SQL*Plus commands in the SQL*Plus environment on a per-user basis. SQL*Plus, not Oracle, enforces this security. DBAs can even restrict access to the GRANT, REVOKE, and SET ROLE commands in order to control users' ability to change their database privileges.
  The PRODUCT_USER_PROFILE table enables you to list roles which you do not want users to activate with an application. You can also explicitly disable use of various commands, such as SET ROLE. For example, you could create an entry in the PRODUCT_USER_PROFILE table to:
  read more about this at
  http://download-west.oracle.com/docs/cd/B10501_01/server.920/a90842/ch10.htm#1005648

• How to prevent user from creating jobs

  Hi,
  we need to prevent user from creating jobs on a dev enviorement. It's a 10.2.0.4 database standard on linux 64bits.
  Their schema has only connect and resource roles. Is there a way to prevent them from creating jobs? In 11g it's the CREATE JOB permission, but in 10g i'm not sure how can i do this.
  Thanks for any ideas!

  On 10g it's probably the CREATE JOB as well.
  http://www.oracle.com/pls/db102/homepage
  Alternatively you could:
  alter system set job_queue_processes=0
  http://download.oracle.com/docs/cd/B19306_01/server.102/b14237/initparams089.htm#REFRN10077

• Prevent user from deleting rows from all tables in his own schema

  Hi,
  How can I prevent user from deleting rows in all tables in his own schema.
  I want the user to not able to delete rows from any existing or new tables that might be added in the future.
  The user does not have the "DELETE ANY TABLE" system privilege.
  Please advise.
  Thanks.

  Nowadays, I'd also avoid triggers (if possible).
  Sometimes, when I daydream, I'm rewriting a few applications that I've contributed to as a newbie, and I'm very ashamed of it nowadays.
  From what I've experienced, in retrospective, the emphasis on teaching 'Oracle stuff' has been lying far too much on PL/SQL row-by-row oriented processing instead of letting Oracle 'crunch' sets at once.
  Most of my debugging hours ended up in discovering one or more database triggers 'doing stuff automagically'.
  Another nice blogpost: http://rwijk.blogspot.com/2007/09/database-triggers-are-evil.html
  Regarding OP's question:
  I would just rethink/reconsider this requirement completely.
  Correctly implementing privileges and roles seems the best way to go, yes.
  Triggers? Nah...
  pre-post-edit, noticed thread got updated just before posting
  Don't know what you mean with 'namedropping', but I think it's legitimate to point other readers to interesting Oracle related opinions/articles that do have a technical background and lots of interesting examples.
  post dreaded OTN outage edit (from here)
  Again: I would just rethink/reconsider this requirement completely.
  Both trigger/vpd are being used to hide a design flaw here.

• Prevent user from changing calendar permission

  Hi team,
  How to prevent users from changing calendar permission in outlook. When user open calendar option in Outlook he should either he should able to view the calendar sharing tab or he should not able to make modification in calendar permission by assigning permission
  to others.

  Hi,
  Agree with Andy. Exchange has no built-in feature to prevent mailbox owner to modify their calendar permissions. Since they are owners, they can set their calendar permissions.
  Thanks for your understanding.
  Best regards,
  If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Amy Wang
  TechNet Community Support

• Prevent user from making to many requests...

  Hallo everybody,
  We are using Tomcat 5.0 and have some large jsp's (reports) that consume large memory.
  1. Is there an easy way to prevent a user from making to many requests (eg. if he refreshes the page too many times, Tomcat gets an Out-of-memory error).
  Of cource increasing the memory is not the answer I'm looking for (already did that).
  2. Or may be a way to retrict a user to a certain maximum of memory
  This seems like a common problem; anyone have good advice?
  Thanks in advance.
  Marcus

  The main reason for multiple refreshes is the report taking too long to run and users getting impatient? Or is there another reason.
  1 - Give the users fair warning. Put a message on the page saying "this report takes time to run. do NOT refresh this page as then the report will take even longer"
  2 - You might set it up as a two stage process. Generate the report to a file. Then give them a link to check the progress of the report or load it if it is finished.
  That way when they refresh, they don't regenerate the report, but just get back a immediate response that tells them "come back later"
  3 - Perhaps you might consider the synchronizer token pattern.
  http://www.javaworld.com/javaworld/javatips/jw-javatip136.html
  4 - restricting users to max amount of memory would be difficult. How do you tell it is the same user? You could use a session variable, and record how many reports they have currently running, and reject any more then 3-4 requests at one time. But that could be worked around quite easily - just open up a new browser and its a new session.

• Prevent user from doing device transfer using desktop manager

  Hi everyone,
  My company would like to prevent user from using the Blackberry desktop manager to perform the device transfer. The reason is we do not want the user to have company data stored on privately-owned device. Is there a way to do that?
  Thanks.

  Do you want to prevent them from using the program all together, or just from using the Device Switch Wizard? If not, then what do you mean by device transfer?
  If it's the Device Switch Wizard then the BES admin can set an IT Policy - http://www.blackberry.com/btsc/KB18290
  If someone has been helpful please consider giving them kudos by clicking the star to the left of their post.
  Remember to resolve your thread by clicking Accepted Solution.

• How do I prevent users from being able to update Firmware

  I have several users (14) with iPad 2 and they rely on an in-house developed App. we have yet to test this App on iOS 5.1 and therefore want to avoid any of the users updating the iPads at all cost!
  this question is in two parts:
  How can I prevent users from upgrading firmware themselves short of just asking nicely?
  How can I stop the iPad from automatically downloading the Upgrade when I deploy a Policy using the iPhone Configuration Utility?
  Any advice would be great!

  We've been looking at the AirWatch mdm and have been told it has this capability.  Not sure if it would be justified from an economic standpoint for you, however. 

• How to prevent users from saving and emailing intranet documents externally

  Someone in our company needs to upload a pdf to our sharepoint intranet site for internal-only use. How can I prevent users from downloading it and emailing it externally?
  I mean, a user could screenshot it I guess, but I need to give management a due diligence answer.

  You would need to look into a reverse proxy/firewall that had the ability to block access based on content. This isn't something you can accomplish out of the box with SharePoint (even with AD RMS).
  Trevor Seward
  Follow or contact me at...
  &nbsp&nbsp
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.