Publish Query - Authorization

Hi,
We have two diferrent set of users.
One user should be able to create queries and he can save the queries in his favourites but should not have access to publish Queries across roles.
Other user should be able to publish the queries.
Can any one of you let me know how can i control this.
Thanks
Thejo.

Hi
You need to find the Obj that control the Roles, there is no problem with saving to favorites (meaning it is available to all once they can create and change query's).
To do that you can run a test while setting an Auth trace and then go thru the Obj and figure out which Obj are affected.
Reg's
Edan

Similar Messages

Error publishing Query designer report to Web

Hi all,
I am facing error after executing the query in query designer in BI 7. The query fails to open in web and points to standard url:
http://portal-dmb.wdf.sap.corp:50100/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fcom.sap.pct!2fplatform_add_ons!2fcom.sap.ip.bi!2fiViews!2fcom.sap.ip.bi.bex?QUERY=EX4_TBW20&VARIABLE_SCREEN=X&DUMMY=7
"Link appears broken"
Initially I have configured the web connectivity using the How to guide and carried out config in SMICM as well as SICF (activating BW node). If I enter the url from SMICM manually in IE, it would prompt for user/password for BI server and successfully logs on.
The issue only lies when publishing query from Query designer to web. Please advise if I have missed out some config here.
Thanks.

Hi,
check this notes/links if you have done all steps:
SAP NetWeaver 2004s: Setting Up BEx Web
SAP Note Number: [917950|https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/oss_notes/sdn_oss_bw_sys/~form/handler%7b5f4150503d3030323030363832353030303030303031393732265f4556454e543d444953504c4159265f4e4e554d3d393137393530%7d]
[Setting up BEx Web - Short Track|https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/00c4742a-3a4b-2b10-b4ae-b03d08bcde6e]
BI 2004s: Checking Java Connections Web Application Designer
SAP Note Number: [989525|https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/oss_notes/sdn_oss_bw_bex/~form/handler%7b5f4150503d3030323030363832353030303030303031393732265f4556454e543d444953504c4159265f4e4e554d3d393839353235%7d]
Regards
Andreas

Search Help Error while Publishing Query in Explorer

Hi All,
We have upgraded BW from version 3.1 to BI 7.0. SP level is 15. When we publish query in Explorer, selection screen appears, we get error in selecting variable(Fiscal Year/Period) entries from search help. After selecting a value from a list of possible entries, the format is changed on the screen.
For example:
If we select 002.2002 for variable FiscalYear/Period, we get
002 02 i.e. it is truncating 20 from 2002.
Now, we have to manually enter the values.
While executing query in BEx analyser, no such error occurs.
What will be the solution?
Regards,

887188 wrote:
Hi,
I have added the below query in the EBS dataset to retrieve only unique applications as APPLICATION_NAME column has some duplicate data. I imported data to DB.
select distinct(APPLICATION_NAME) as NAME from APPLICATIONIs there any table in OIM schema which you have named APPLICATION? AFAIK, applications from EBS are imported into Lookups in OIM and you will have to query lookup to get the Application name in OIM.
But, when I try to filter on application I get below error
Internal Exception: java.sql.SQLSyntaxErrorException: ORA-00936: missing expression
Error Code: 936
Call: select distinct(APPLICATION_NAME) as NAME from APPLICATION WHERE UPPER ( DISTINCT(APPLICATION_NAME) ) like UPPER('%%') The UPPER ( DISTINCT(APPLICATION_NAME) ) like UPPER('%%') clause here is wrong. What are you trying to achieve through this query?
>
>
-Bikash

Query authorization

Dear All,
Want to set user wise query authorization, is it possible.
Regards
Bharat.

Dear Bharat,
Yes its possible.
Query authorization
Regards
MANGESH PAGDAHRE.

Infoset Query Authorization

Hi guys,
I've created some infoset queries, and assigned those queries to specific user group. My purpose is to let only specific user group (e.g. Accounts User Group, to access only relevant queries)
But later I found out, those users can actually switch to another group (at SQ01 -> Other User Group), and access those queries that they shouldnt be accessing.
May I know if there's any way to prohibit this switch of group? Or is there any authorization that can be set?
All ideas are appreciated. Thanks ^^

Hi TY Ng,
By including the InfoSet query in a role, you ensure that the InfoSet query is started with an InfoSet (and a query), and can therefore be easily used for appropriate reporting within the role.
The basis for this is the assignment of user groups to roles, the option of calling the InfoSet query from different roles, and, in doing so, noting the specified context for this role.
You assign user groups and InfoSets with transaction SQ10. You can also create and manage menu entries for the InfoSet query with this transaction.
In order to include the InfoSet query in a role, you have to assign user groups first to the role and subsequently to one or more InfoSets.
Check
Please check administrator authorization for the SAP Query (authorization object S_Query, field ACTVT, value 23).
Check whether the correct work area is set before you reassign user groups. If you call the role administration by using transaction SQ02 (see above), the work area set in transaction SQ02 is transferred.
Hope you get some help
Atul

Query authorizations

Hi Experts/Fellow SDNers,
I am currently restricting a BW system and have a few questions/would like some confirmation on a few points to make sure I am understanding things correctly. My understanding of BW is limited so kindly bare with me:
1. Basically, it would appear that query access is restricted by the object S_RS_COMP. In S_RS_COMP, the field RSZCOMPID (Name) allows me to restrict access to queries by name (i.e. Z* will provide access to all queries with name starting with 'Z'). One thing that is confusing me is the 2 additional fields: RSINFOAREA (InfoArea) and RSINFOCUBE (InfoCube). My colleague advised, a BW query basically pulls information from an InfoProvider (such as an InfoCube/ODS Object). So, does this mean that even if I allow access to a query by name through RSZCOMPID, if the InfoCube it requires is not included in the RSINFOCUBE field, then the query will fail?
2. I need help in understanding the differences between S_RS_COMP and S_RS_COMP1. From what I can see, they are very similar. Documentation I have read advises that S_RS_COMP1 allows users to administer certain queries but besides the RSZOWNER (Owner - Person Responsible) field, I don't see what else it offers over S_RS_COMP. If I don't need to restrict by Owner, then I have no need for S_RS_COMP1? Would it make sense for the fields in S_RS_COMP and S_RS_COMP1 to always match (i.e. same values in ACTV, RSZCOMPID, and RSZCOMPTP)?
3. Before, it was my (mistaken) understanding that a query that is published to a role (i.e. exists in a role's role menu) automatically granted the user who was assigned to this role access to that query. I performed a quick test and this seemed not to be the case. I gave the user roles that granted access to queries Z*, but non of the roles had any queries published. I logged in through BEx and sure enough, I could manually type/find the query name and execute the query even though it was not under the Roles list. Therefore, other than making the name of the query appear when you click on the Roles button in BEx, are there any other uses to publishing a query to a certain role?
As always, any help is greatly appreciated!

Are you on BI or old BW, because in BI you also have Analysis Authorization objects which also play a vital role in deciding what can be accesses and what can't be
>
Benjamin Seto wrote:
>
> 1. Basically, it would appear that query access is restricted by the object S_RS_COMP. In S_RS_COMP, the field RSZCOMPID (Name) allows me to restrict access to queries by name (i.e. Z* will provide access to all queries with name starting with 'Z'). One thing that is confusing me is the 2 additional fields: RSINFOAREA (InfoArea) and RSINFOCUBE (InfoCube). My colleague advised, a BW query basically pulls information from an InfoProvider (such as an InfoCube/ODS Object). So, does this mean that even if I allow access to a query by name through RSZCOMPID, if the InfoCube it requires is not included in the RSINFOCUBE field, then the query will fail?
>
Yes, you are right with that. You need to have access to data ( infoproviders) even though you have the queries access. Just like if you have access in SAP to do things and don't have access to the computer itself
>
> 2. I need help in understanding the differences between S_RS_COMP and S_RS_COMP1. From what I can see, they are very similar. Documentation I have read advises that S_RS_COMP1 allows users to administer certain queries but besides the RSZOWNER (Owner - Person Responsible) field, I don't see what else it offers over S_RS_COMP. If I don't need to restrict by Owner, then I have no need for S_RS_COMP1? Would it make sense for the fields in S_RS_COMP and S_RS_COMP1 to always match (i.e. same values in ACTV, RSZCOMPID, and RSZCOMPTP)?
>
If you are not going to restrict by owner then it makes sense to exclude this Authorization Object in the roles.
> 3. Before, it was my (mistaken) understanding that a query that is published to a role (i.e. exists in a role's role menu) automatically granted the user who was assigned to this role access to that query. I performed a quick test and this seemed not to be the case. I gave the user roles that granted access to queries Z*, but non of the roles had any queries published. I logged in through BEx and sure enough, I could manually type/find the query name and execute the query even though it was not under the Roles list. Therefore, other than making the name of the query appear when you click on the Roles button in BEx, are there any other uses to publishing a query to a certain role?
>
You need to save queries on the role, then only they will appear to the user. You can use BEx Query designer to create and save queries on the role. They will appear in the role menu in PFCG also.
We have created a separate reporting role which only has the link to queries.
HAPPY NEW YEAR
Cheers !!
Zaheer

Publishing query in the portal is disbaled in query designer!

Hi,
i had created a new query and now i want to publish this query in the portal!
But the option is grayed out in the query designer.
And my query does not have any role so far! i do not have authorization to create a role either
is it because the query is not included in any role that this option is grayed out? i guess the role relavaent to query will be migrated. ( to Portal and hence publishing the query in the portal option is grayed out )
Even if i could make the role with the authorizations , how could i make the role migrated to Portal
Any suggestions?
Thanks,
Ravi

Hello Arinso,
what stops you of using a <a href="/people/gregor.wolf3/blog/2004/08/25/create-sap-transaction-iview-using-sapgui-for-windows Transaction IView</a> to embedd the SAP GUI into the Portal and do this query?
Regards
Gregor

Problem when trying to publish Query through BeX in Portal as iView

Hi ,
We are trying to publish BW 3.5 query in EP 6.0.
when we are trying to publish the query as iView in portal, it gives the error message 'System Error'. The J2EE Error Log contains the following error :
#1.5#001321FC0EDF001D0000000100000AF800042349427FEAFD#1164697462095#com.sap.security.core.server.jaas##com.sap.security.core.server.jaas#J2EE_GUEST#2##BID#AMARNATH_RR                     #6AA3FE0EADF14B2593F0019B1DB52607#SAPEngine_Application_Thread[impl:3]_17##0#0#Error##Java###Authentication stack: [].
[EXCEPTION]
#2#evaluate_assertion_ticket#javax.security.auth.callback.UnsupportedCallbackException: Unsupported callback!
     at com.sap.engine.services.rfcengine.security.impl.RFCCallbackHandlerImpl.handle(RFCCallbackHandlerImpl.java:49)
     at javax.security.auth.login.LoginContext$5.run(LoginContext.java:812)
     at java.security.AccessController.doPrivileged(Native Method)
     at javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(LoginContext.java:808)
     at com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule.removeSSOHeader(EvaluateAssertionTicketLoginModule.java:736)
     at com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule.login(EvaluateAssertionTicketLoginModule.java:390)
     at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:69)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:154)
     at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
     at sun.reflect.GeneratedMethodAccessor206.invoke(Unknown Source)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
     at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
     at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
     at java.security.AccessController.doPrivileged(Native Method)
     at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
     at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
     at com.sap.engine.services.rfcengine.RFCDefaultRequestHandler.handleRequest(RFCDefaultRequestHandler.java:60)
     at com.sap.engine.services.rfcengine.RFCJCOServer.handleRequestInternal(RFCJCOServer.java:113)
     at com.sap.engine.services.rfcengine.RFCJCOServer$ApplicationRunnable.run(RFCJCOServer.java:171)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
#1.5#001321FC0EDF00140000000600000AF800042349427FF32E#1164697462095#com.sap.engine.services.rfcengine##com.sap.engine.services.rfcengine.RFCJCOServer.handleRequestInternal()####BID#AMARNATH_RR                     #6AA3FE0EADF14B2593F0019B1DB52607#Thread[JCO.ServerThread-8,10,SAPEngine_System_Thread[impl:5]_Group]##0#0#Error##Plain###java.lang.RuntimeException: com.sap.engine.services.rfcengine.RFCException: Incoming call is not authorized#
#1.5#001321FC0EDF00140000000700000AF800042349427FF40A#1164697462111#com.sap.engine.services.rfcengine##com.sap.engine.services.rfcengine.RFCJCOServer.handleRequestInternal()####BID#AMARNATH_RR                     #6AA3FE0EADF14B2593F0019B1DB52607#Thread[JCO.ServerThread-8,10,SAPEngine_System_Thread[impl:5]_Group]##0#0#Error##Plain###java.lang.RuntimeException: com.sap.engine.services.rfcengine.RFCException: Incoming call is not authorized
     at com.sap.engine.services.rfcengine.RFCJCOServer$ApplicationRunnable.run(RFCJCOServer.java:188)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
Landscape:We have both BW 3.5 and EP 6.0, SP 16 on the same instance in
same physical machine. EP 6.0 works on J2EE engine as an add-in installtion.
Steps we followed for the integration of EP with BW:
1)Create RFC Destination in J2EE Engine:
Parameters:
Program ID: xyz
Gateway host: abc.ad.company.com
Gateway service: sapgw00
Application server host:abc.ad.company.com
System number: 00
Client: BID
Language: EN
User: sapjsf
Password: ********
2)Maintain RFC Destination for SAP EP 6.0
Parameters:
RFC destination: SAP_EP
Connection type: T for TCP/IP connection
Description: SAP EP RFC Destination
Technical Settings:
- Type of activation: Registered server program
- Program ID: xyz
- Gateway host: abc.ad.company.com
- Gateway service: sapgw00
Logon/Security:
- Send SAP Logon Ticket: Activated
Special Options:
Unicode
3)Maintain Portal Server Settings for SAP EP 6.0 in table RSPOR_T_PORTAL
in BW 3.5
RFC destination: SAP_EP
System name: BIDEV
Default: Checked
Portal URL prefix: http://abc.ad.company.com:50000
RM prefix for BW metadata: <empty>
KM service URL: <empty>
P.S.:We have maintained one more dummy entry as per the SAP Note 815044
in the table RSPOR_T_PORTAL.
4)Maintain Single Sign-On in SAP BW
In transaction RZ10, We have maintained following settings:
login/create_sso2_ticket=2
login/accept_sso2_ticket=1
5)Export BW Certificate to SAP BW and
6)Import BW Certificate to SAP EP 6.0
We have followed the above mentioned two steps.
7)Create BW System in SAP EP 6.0
Parameters:
Log on methods: SAPLOGONTICKET
We have created the BW system and the Connection test in WAS Connection
is working fine.
8)Configure User Management in SAP EP 6.0
This step is not maintained as our scenario does not demand it.
9)Export Portal Certificate to SAP EP 6.0 and
10)Import Portal Certificate to SAP BW
This step is also maintained as per Performance Assistant guidelines in
SPRO.
The user that we are trying to log into BeX Web Query Analyzer is
Amarnath_rr who has 'SAP ALL' rights and the same user in EP is assigned'Super Admin' as well as 'Content Admin' role.
Can anyone throw any light on wat the error might be??

Ricky,
a couple of clarifications :
1. Does the report execute independently on the web - when you execute in Query view over IE or through a web template
2. Check if SSO is properly configured - you can check if SSO is enabled by using TCode STRUST in BW. - the status of PSE should be Green.
Arun
Assign points if useful

Java number format exception for BI Publisher query

I have a data model thats working using one rtf template. Then I created a cross tab query rtf template and when the same data model is executed with the same parameter value, it errors out.
here is my simple rtf template that I defined:
     for: ITEM_KEY end -->1
for: ITEM_KEY-->2 for: ITEM_KEY end end --> 3
For better understanding, 1 is defined as columns of my cross tab, 2 as rows of my cross tab and 3 is the data. I am using version 10.1.3.4ver BIP
Any help regarding the error is appreciated..
Thanks in advance
[011410_035941034][][STATEMENT] Skip migration for cookie (ORA_XDO) is not found
[011410_035941034][][STATEMENT] /Configuration/xdo.cfg not found.
[011410_035941064][][STATEMENT] /Configuration/xdo.cfg not found.
[011410_035941120][][STATEMENT] Logger.init(): *** DEBUG MODE IS ON. ***
[011410_035941120][][STATEMENT] Logger.init(): LogDir=C:\OracleBI\xmlp\xmlplogs
[011410_035941430][][STATEMENT] [ PDF GENERATOR ]---------------------------------------------
[011410_035941430][][STATEMENT] XDO version = Oracle BI Publisher 10.1.3.4.1
[011410_035941430][][STATEMENT] java.home = C:\Program Files\Java\jdk1.6.0_12\jre
[011410_035941431][][STATEMENT] XDO_TOP = null
[011410_035941431][][STATEMENT] Config Path = null
[011410_035941431][][STATEMENT] Debug Cfg Path= C:\Program Files\Java\jdk1.6.0_12\jre\lib\xdodebug.cfg
[011410_035941431][][STATEMENT] Font dir = C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\
[011410_035941432][][STATEMENT] Locale = en-US
[011410_035941432][][STATEMENT] Fallback font = type1.Helvetica
[011410_035941432][][STATEMENT] [ PDF GENERATOR PROPERTIES ]----------------------------------
[011410_035941432][][STATEMENT] digit-substitution=null(not set)
[011410_035941433][][STATEMENT] font.ALBANY WT J.normal.normal=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ALBANWTJ.ttf
[011410_035941433][][STATEMENT] font.ALBANY WT K.normal.normal=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ALBANWTK.ttf
[011410_035941433][][STATEMENT] font.ALBANY WT SC.normal.normal=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ALBANWTS.ttf
[011410_035941434][][STATEMENT] font.ALBANY WT TC.normal.normal=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ALBANWTT.ttf
[011410_035941434][][STATEMENT] font.ALBANY WT.normal.normal=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ALBANYWT.ttf
[011410_035941434][][STATEMENT] font.ANDALE DUOSPACE WT J.normal.bold=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ADUOJB.ttf
[011410_035941434][][STATEMENT] font.ANDALE DUOSPACE WT J.normal.normal=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ADUOJ.ttf
[011410_035941435][][STATEMENT] font.ANDALE DUOSPACE WT K.normal.bold=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ADUOKB.ttf
[011410_035941435][][STATEMENT] font.ANDALE DUOSPACE WT K.normal.normal=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ADUOK.ttf
[011410_035941435][][STATEMENT] font.ANDALE DUOSPACE WT SC.normal.bold=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ADUOSCB.ttf
[011410_035941435][][STATEMENT] font.ANDALE DUOSPACE WT SC.normal.normal=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ADUOSC.ttf
[011410_035941436][][STATEMENT] font.ANDALE DUOSPACE WT TC.normal.bold=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ADUOTCB.ttf
[011410_035941436][][STATEMENT] font.ANDALE DUOSPACE WT TC.normal.normal=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ADUOTC.ttf
[011410_035941436][][STATEMENT] font.ANDALE DUOSPACE WT.normal.bold=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ADUOB.ttf
[011410_035941436][][STATEMENT] font.ANDALE DUOSPACE WT.normal.normal=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ADUO.ttf
[011410_035941437][][STATEMENT] font.CG TIMES.italic.bold=type1.Times-BoldItalic
[011410_035941437][][STATEMENT] font.CG TIMES.italic.normal=type1.Times-Italic
[011410_035941437][][STATEMENT] font.CG TIMES.normal.bold=type1.Times-Bold
[011410_035941437][][STATEMENT] font.CG TIMES.normal.normal=type1.Times-Roman
[011410_035941438][][STATEMENT] font.COURIER NEW.italic.bold=type1.Courier-BoldOblique
[011410_035941438][][STATEMENT] font.COURIER NEW.italic.normal=type1.Courier-Oblique
[011410_035941438][][STATEMENT] font.COURIER NEW.normal.bold=type1.Courier-Bold
[011410_035941438][][STATEMENT] font.COURIER NEW.normal.normal=type1.Courier
[011410_035941439][][STATEMENT] font.COURIER.italic.bold=type1.Courier-BoldOblique
[011410_035941439][][STATEMENT] font.COURIER.italic.normal=type1.Courier-Oblique
[011410_035941439][][STATEMENT] font.COURIER.normal.bold=type1.Courier-Bold
[011410_035941439][][STATEMENT] font.COURIER.normal.normal=type1.Courier
[011410_035941440][][STATEMENT] font.DEFAULT.italic.bold=type1.Helvetica-BoldOblique
[011410_035941440][][STATEMENT] font.DEFAULT.italic.normal=type1.Helvetica-Oblique
[011410_035941440][][STATEMENT] font.DEFAULT.normal.bold=type1.Helvetica-Bold
[011410_035941440][][STATEMENT] font.DEFAULT.normal.normal=type1.Helvetica
[011410_035941441][][STATEMENT] font.GLFALLBACK.normal.normal=truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ALBANWTJ.ttf
[011410_035941441][][STATEMENT] font.HELVETICA.italic.bold=type1.Helvetica-BoldOblique
[011410_035941441][][STATEMENT] font.HELVETICA.italic.normal=type1.Helvetica-Oblique
[011410_035941441][][STATEMENT] font.HELVETICA.normal.bold=type1.Helvetica-Bold
[011410_035941442][][STATEMENT] font.HELVETICA.normal.normal=type1.Helvetica
[011410_035941442][][STATEMENT] font.MONOSPACE.italic.bold=type1.Courier-BoldOblique
[011410_035941442][][STATEMENT] font.MONOSPACE.italic.normal=type1.Courier-Oblique
[011410_035941443][][STATEMENT] font.MONOSPACE.normal.bold=type1.Courier-Bold
[011410_035941443][][STATEMENT] font.MONOSPACE.normal.normal=type1.Courier
[011410_035941443][][STATEMENT] font.SANS-SERIF.italic.bold=type1.Helvetica-BoldOblique
[011410_035941443][][STATEMENT] font.SANS-SERIF.italic.normal=type1.Helvetica-Oblique
[011410_035941444][][STATEMENT] font.SANS-SERIF.normal.bold=type1.Helvetica-Bold
[011410_035941444][][STATEMENT] font.SANS-SERIF.normal.normal=type1.Helvetica
[011410_035941444][][STATEMENT] font.SERIF.italic.bold=type1.Times-BoldItalic
[011410_035941444][][STATEMENT] font.SERIF.italic.normal=type1.Times-Italic
[011410_035941445][][STATEMENT] font.SERIF.normal.bold=type1.Times-Bold
[011410_035941445][][STATEMENT] font.SERIF.normal.normal=type1.Times-Roman
[011410_035941445][][STATEMENT] font.SYMBOL.normal.normal=type1.Symbol
[011410_035941445][][STATEMENT] font.TIMES NEW ROMAN.italic.bold=type1.Times-BoldItalic
[011410_035941446][][STATEMENT] font.TIMES NEW ROMAN.italic.normal=type1.Times-Italic
[011410_035941446][][STATEMENT] font.TIMES NEW ROMAN.normal.bold=type1.Times-Bold
[011410_035941446][][STATEMENT] font.TIMES NEW ROMAN.normal.normal=type1.Times-Roman
[011410_035941446][][STATEMENT] font.TIMES.italic.bold=type1.Times-BoldItalic
[011410_035941447][][STATEMENT] font.TIMES.italic.normal=type1.Times-Italic
[011410_035941447][][STATEMENT] font.TIMES.normal.bold=type1.Times-Bold
[011410_035941448][][STATEMENT] font.TIMES.normal.normal=type1.Times-Roman
[011410_035941448][][STATEMENT] font.ZAPFDINGBATS.normal.normal=type1.ZapfDingbats
[011410_035941449][][STATEMENT] pdf-changes-allowed=0
[011410_035941450][][STATEMENT] pdf-compression=true
[011410_035941450][][STATEMENT] pdf-enable-accessibility=true
[011410_035941451][][STATEMENT] pdf-enable-copying=false
[011410_035941451][][STATEMENT] pdf-encryption-level=0
[011410_035941452][][STATEMENT] pdf-font-embedding=true
[011410_035941452][][STATEMENT] pdf-hide-menubar=false
[011410_035941453][][STATEMENT] pdf-hide-toolbar=false
[011410_035941453][][STATEMENT] pdf-no-accff=false
[011410_035941454][][STATEMENT] pdf-no-cceda=false
[011410_035941454][][STATEMENT] pdf-no-changing-the-document=false
[011410_035941454][][STATEMENT] pdf-no-printing=false
[011410_035941455][][STATEMENT] pdf-open-password=
[011410_035941456][][STATEMENT] pdf-permissions=0
[011410_035941456][][STATEMENT] pdf-permissions-password=
[011410_035941457][][STATEMENT] pdf-printing-allowed=0
[011410_035941457][][STATEMENT] pdf-replace-smartquotes=true
[011410_035941458][][STATEMENT] pdf-security=false
[011410_035941458][][STATEMENT] ------------------------------------------------------
[011410_035941462][][STATEMENT] WARNING: Old RTF version detected, nested table disabled
[011410_035941466][oracle.apps.xdo.common.font.FontFactory$FontDef][STATEMENT] Type1 font created: Helvetica
[011410_035941468][oracle.apps.xdo.common.font.FontFactory$FontDef][STATEMENT] TrueType font created: C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ALBANWTJ.ttf(0)
[011410_035941469][oracle.apps.xdo.common.font.FontFactory$FontDef][STATEMENT] Type1 font created: Times-Roman
[011410_035941481][][ERROR] java.lang.NumberFormatException: For input string: ""
     at java.lang.NumberFormatException.forInputString(NumberFormatException.java:48)
     at java.lang.Integer.parseInt(Integer.java:468)
     at java.lang.Integer.parseInt(Integer.java:497)
     at oracle.apps.xdo.template.rtf.table.RTFTable.parseColumnContext(Unknown Source)
     at oracle.apps.xdo.template.rtf.table.RTFTable.getTransformedFO(Unknown Source)
     at oracle.apps.xdo.template.rtf.RTF2XSLParser.closeTable(Unknown Source)
     at oracle.apps.xdo.template.rtf.RTF2XSLParser.publishText(Unknown Source)
     at oracle.apps.xdo.template.rtf.RTF2XSLParser.begingroup(Unknown Source)
     at oracle.apps.xdo.template.rtf.io.RTFFilter.write(Unknown Source)
     at oracle.apps.xdo.template.rtf.io.Filter.write(Unknown Source)
     at oracle.apps.xdo.template.rtf.RTF2XSLParser.write(Unknown Source)
     at oracle.apps.xdo.template.rtf.io.Filter.readFromStream(Unknown Source)
     at oracle.apps.xdo.template.rtf.RTFParser.generate(Unknown Source)
     at oracle.apps.xdo.template.rtf.RTF2XSLParser.generateXSL(Unknown Source)
     at oracle.apps.xdo.template.RTFProcessor.process(Unknown Source)
     at oracle.apps.xdo.servlet.RTFCoreProcessor.getXSLFOFile(RTFCoreProcessor.java:155)
     at oracle.apps.xdo.servlet.RTFCoreProcessor.transform(RTFCoreProcessor.java:65)
     at oracle.apps.xdo.servlet.CoreProcessor.process(CoreProcessor.java:276)
     at oracle.apps.xdo.servlet.CoreProcessor.generateDocument(CoreProcessor.java:82)
     at oracle.apps.xdo.servlet.ReportImpl.renderBodyHTTP(ReportImpl.java:552)
     at oracle.apps.xdo.servlet.ReportImpl.renderReportBodyHTTP(ReportImpl.java:255)
     at oracle.apps.xdo.servlet.XDOServlet.writeReport(XDOServlet.java:270)
     at oracle.apps.xdo.servlet.XDOServlet.writeReport(XDOServlet.java:250)
     at oracle.apps.xdo.servlet.XDOServlet.doGet(XDOServlet.java:178)
     at oracle.apps.xdo.servlet.XDOServlet.doPost(XDOServlet.java:201)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
     at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)
     at oracle.apps.xdo.servlet.security.SecurityFilter.doFilter(SecurityFilter.java:94)
     at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)
     at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:368)
     at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:866)
     at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:448)
     at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:216)
     at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:117)
     at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:110)
     at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
     at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
     at java.lang.Thread.run(Thread.java:619)
[011410_035941485][][ERROR] [Line 41.172] Internal exception
[011410_035941486][oracle.apps.xdo.common.font.FontFactory][STATEMENT] type1.Helvetica closed.
[011410_035941487][oracle.apps.xdo.common.font.FontFactory][STATEMENT] type1.Times-Roman closed.
[011410_035941487][oracle.apps.xdo.common.font.FontFactory][STATEMENT] truetype.C:\Program Files\Java\jdk1.6.0_12\jre\lib\fonts\ALBANWTJ.ttf closed.
[011410_035941491][][EXCEPTION] oracle.apps.xdo.XDOException: For input string: ""
     at oracle.apps.xdo.template.rtf.RTFParser.generate(Unknown Source)
     at oracle.apps.xdo.template.rtf.RTF2XSLParser.generateXSL(Unknown Source)
     at oracle.apps.xdo.template.RTFProcessor.process(Unknown Source)
     at oracle.apps.xdo.servlet.RTFCoreProcessor.getXSLFOFile(RTFCoreProcessor.java:155)
     at oracle.apps.xdo.servlet.RTFCoreProcessor.transform(RTFCoreProcessor.java:65)
     at oracle.apps.xdo.servlet.CoreProcessor.process(CoreProcessor.java:276)
     at oracle.apps.xdo.servlet.CoreProcessor.generateDocument(CoreProcessor.java:82)
     at oracle.apps.xdo.servlet.ReportImpl.renderBodyHTTP(ReportImpl.java:552)
     at oracle.apps.xdo.servlet.ReportImpl.renderReportBodyHTTP(ReportImpl.java:255)
     at oracle.apps.xdo.servlet.XDOServlet.writeReport(XDOServlet.java:270)
     at oracle.apps.xdo.servlet.XDOServlet.writeReport(XDOServlet.java:250)
     at oracle.apps.xdo.servlet.XDOServlet.doGet(XDOServlet.java:178)
     at oracle.apps.xdo.servlet.XDOServlet.doPost(XDOServlet.java:201)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
     at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)
     at oracle.apps.xdo.servlet.security.SecurityFilter.doFilter(SecurityFilter.java:94)
     at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)
     at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:368)
     at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:866)
     at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:448)
     at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:216)
     at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:117)
     at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:110)
     at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
     at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
     at java.lang.Thread.run(Thread.java:619)
Edited by: user566193 on Jan 14, 2010 2:10 PM

Drop me the template , 2 templates and xml.. to FUSIONdotOBJECTatGMAILdotCOM
Something wrong in template or data

ADHOC Query Authorization

Hi Experts,
How authorization can be assigned to a query created by PAAH transaction (adhoc query).
If a query is created by particular user/user group, it should not be altered by other user / user group.
Please advice.Thanks in Advance.
Regards,
IFF

Hello,
Through P_PERNR we could restrict the authorisations for adhoc query for a particular user.
Using the employee sbu group field value found under the P_ORGINCON authorisation object we could restrict the authorisations for a particular group of users.
Hope this answers your query.
Kindly let me know if you need any further help in this regards.
Pramathesh.

BI Query Authorization issue

Hi,
When a test user execute a query he is getting Insuffucient athorization
In RSECADMIN i executed as a test user and got the log
Please update me how to resolve the issue
No Sufficient Authorization for This Subselection (SUBNR)
Following CHANMIDs Are Affected:
17 ( 0TCAKYFNM )
Thanks

Hi there,
Regarding the 0TCAKYFNM "containing" information of all key figures, that's why I put the "", because this object doesn't contain anything, it is simply an InfoObject standard that SAP has with the flag marked in authorization relevant in transaction RSD1. This object exists for assigning key figures authorization used through the transaction RSECADMIN.
Even without the user notice, this object is checked against all the queries over all the InfoProviders.
If you go to transaction RSD1 for the InfoObject 0TCAKYFNM click on display on the Business Explorer tab you'll see the option AuthorizationRelevant marked. This will force the check for key figures assignment for all the queries against the authorization grnated through this object assigned to the user.
So if in this transaction RSD1 you change on the tab Business Explorer for this object 0TCAKYFNM and uncheck the AuthorizationRelevant, none of the key figures will be checked against the authorizations the users have to the InfoObject 0TCAKYFNM (since this InfoObject will no longer be authorization relevant).
If you leave the flag AuthorizationRelevant for the InfoObject 0TCAKYFNM as it is (marked), then in RSECADMIN as you did before, instead of granting * values (all values, all key figures) for the 0TCAKYFNM, you granted for instance the value 0QUANTITY and assign this authorization to the users, if this user executed a query with only the 0AMOUNT key figure he/she would receive lack of authorization, since he/she was only authorized to see values for 0QUANTITY key figure. So resuming, the values you assign for the InfoObject 0TCAKYFNM will be the key figures the user is authorized to see the query, and if you assing * it will be all the key figures (all values)
Hope this helps,
Regards,
Diogo.

Infoset query authorization problem

Hi All,
We created one Infoset(used PNP Logical database) - SQ02 in DEV system and transported to PRD system. Users are creating their own queries and check the data. Actually this is Cluster system. Three or more different hospitals clubbed together so company codes are different for each hospital.
Doubts are
1. Is it possible to restrict own hospital users to execute the query created by one user ?
2. Whether other hospital user can run the query created by one hospital and see all hospitals information?
Please let me know if I am not clear .
Regards,
Venkat.O

If I understood your question correctly, you want certain infoset to be used by specific users and not all. You can do it by defining an "Authorization Group" and assigning it to desired users.
To do so, select your infoset >> choose change >> select 'Global Properties' from the menu bar >> specify a group name in Authorization Group field.
Later you can update your user role with S_PROGRAM authorization object.
Hope it helps...

BEx query Authorization works in BW but fails in WebI

Have a BEx query which has 5 fields marked as authorization relevent. Some of the fields use BW Auth variable in the BEx query, although not all fields do. The BEx query runs fine and does not throw any authorization failures. One of the fields is Org Unit, which uses hierarchy node variable. This field and its user variable exist in two different queries, using different multiprovider.
One BEx query and its corresponding universe and WebI report fails when user tries to refresh Org Unit prompt values in WebI, however a secondar query with identical field and variable does not fail. A trace on BW side does not reveal any authorization failures. We tried refreshing the universe and even creating a whole new universe, refreshing it, etc.. however the issue is not resolved.
Has anyone seen this problem before? If so, how did you resolve it.

Hi,
You need Single sign-on (SSO).
Regards

Query authorization problem

Hi,
I had an old query on a multiprovider (two infocubes were added in multiprovider). The report was running fine. Then according to new requirement i added one more infocube to the multiprovider and added related key figures in the query.
But after that the query is not running properly. The new cube added to multiprovider has a authorization object "z:indauth" which has restriction on character "ci_dipind" which was not present in the previous cubes. I added this character (ci_dipind) in free characteristics. But then also report is not showing any data and the message given is "No applicable data found". Actually before this modification, query was running fine.
Please guide me for the same.
Regards,
Pravin.

Hi
You can check the values for which the authorization is not there using the transaction st01. There switch on the authorization trace and then run the query with your parameters. Then switch off the trace and analyse the values.
There you can find what authorizations you are lacking and then can act accordingly.
Cheers
Vishal Vashishta

Query authorizations and the result in Bex Analyzer

Hi,
Is the following possible to achieve by nesting authorizations?
User X has the following 2 authorization roles:
role 1 (description: FIGL)
|--- Query 1
role 2 (description: FIGL)
|--- Query 2
Visualisation in BEx:
Folder FIGL
|--- Query 1
|--- Query 2
At the moment I see
FIGL
|--- Query 1
FIGL
|--- Query 2
I hope the ASCII art is a little bit clear
As you can see, both roles are technical 2 different objects, so they are split. Any possibility to let the queries from role 1 to appear in role 2 (merge them in the visualisation)? I already played with the "derive from role" option, but this totally replaced the menu from the receiving role...
kr,
Rutger Hennico

Hi.
'ZCDAY' = User date Variable on 0CALDAY. (If User will give date).
'ZDYS'   = Formula Variable with Customer Exit, Dimension ID = Number.
DATA: DY TYPE SY-DATUM.
WHEN 'ZDYS'.
      LOOP AT i_t_var_range INTO loc_var_range WHERE vnam = 'ZCDAY'.
        CLEAR l_s_range.
        DY = loc_var_range-low+6(2).
        l_s_range-low = DY.
        l_s_range-sign = 'I'.
        l_s_range-opt = 'EQ'.
        APPEND l_s_range TO e_t_range.
        CLEAR l_s_range.
      ENDLOOP.
if there is no User Input then use..**
WHEN 'ZDYS'.
      LOOP AT i_t_var_range INTO loc_var_range.
        CLEAR l_s_range.
        DY = loc_var_range-low+6(2).
        l_s_range-low = DY.
        l_s_range-sign = 'I'.
        l_s_range-opt = 'EQ'.
        APPEND l_s_range TO e_t_range.
        CLEAR l_s_range.
      ENDLOOP.
Thanks
Reddy

Publish Query - Authorization

Similar Messages

Maybe you are looking for