Query on Roles and permissions in UCM 11g

Similar Messages

• Create Roles and Permissions using API

  Hello,
  I'm new to Java and I'm trying to create Roles and Permissions in LiveCycle using API's. Can someone please check and correct my code below?
              //Create a ServiceClientFactory object
              ServiceClientFactory myFactory = ServiceClientFactory.createInstance(connectionProps);
              // Create an AuthorizationManagerServiceClient object
              AuthorizationManagerServiceClient amClient = new AuthorizationManagerServiceClient(myFactory);
              RoleImpl ri = new RoleImpl();
              ri.setName("Test ES Role");
              ri.setDescription("Test Role via API");
              ri.setMutableStatus(true);
              amClient.createRole(ri);
  Executing the above code throws exception as below;
  com.adobe.idp.um.api.UMException| [com.adobe.livecycle.usermanager.client.AuthorizationManagerServiceClient] errorCode:16385 errorCodeHEX:0x4001 message:Exception thrown is NOT a DSCException : UnExpected From DSC chainedException:java.lang.IllegalStateExceptionchainedExceptionMessage:null chainedException trace:java.lang.IllegalStateException
            at com.adobe.idp.dsc.clientsdk.ServiceClientFactory$1.handleThrowable(ServiceClientFactory.j ava:72)
            at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:220)
            at com.adobe.livecycle.usermanager.client.AuthorizationManagerServiceClient.createRole(Autho rizationManagerServiceClient.java:159)
            at com.adobe.lc.ManageRolesAndPermissions.main(ManageRolesAndPermissions.java:70)
  Caused by: java.lang.NoClassDefFoundError: javax.ejb.EJBException
            at com.adobe.idp.dsc.clientsdk.ServiceClientFactory.evaluateMessageDispatcher(ServiceClientF actory.java:595)
            at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:215)
            ... 2 more
  Caused by: java.lang.ClassNotFoundException: javax.ejb.EJBException
  Thank you,
  Sandeep

  Mahesh,
  Refer to your other thread ..
  API to create new items in inventory
  API to create new items in  inventory
  Regards,
  Hussein

• OBIEE Roles and Permissions

  Hi,
  I am new to OBIEE. I have installed OBIEE 10.1.3.4.1 in Windows Machines.
  I want to create user in OBIEE and i need to give appropriate permissions those users.
  How to give roles and permissions in OBIEE .Please help me
  Thanks,
  Vijay.

  Hi Vijay,
  Please start here; http://gerardnico.com/wiki/dat/obiee/security_10g
  Good Luck,
  Daan Bakboord
  http://obibb.worpdress.com

• Query user roles and access

  hi,
  How can query user roles and access in whole database? I want to list username, status, rights, and role
  thanks
  P

  Hi,
  The data dictionary view dba_users has one row per user.
  The data dictionary view dab_role_privs has one row for every distinct combination of user and role that actually occurs ion your database,
  Are you interested in system privileges? See dba_sys_privs.
  Are you interested in individual grants, like the privilege to UPDATE a given table, or the privilege to execute a given stored procedure? See dba_tab_privs. (Don't be fooled by the name; it's not just for tables.)
  I hope this answers your question.
  If not, post some CREATE statements, that create tables, roles, and whatever else you want, and some GRANT statmeents that grant privileges on those objects. Pos the results that you would want to get from those objects and grants.

• Roles and permissions

  I have a couple of questions.
  1. How would I go about fitting a custom permission resolver for SOA suite ?
  2. Is there a way to print the roles,users and permissions to debug ? My roles could be in LDAP or a database but permissions are in system-jazn-data.xml. Why are these permissions stored in a XML file ?
  Mohan

  Where do the LDAP implementation classes write their logs ?
  My worklist application writes logs to orabpel.log like the following.
  <2009-05-16 16:46:44,954> <DEBUG> <collaxa.cube.services> <LDAPUtil::getJNDIContext> JNDI Connection received
  My bpel console hits openldap but does not write log the same way. It shows that the user does not have enough privileges. So basically I don't see what is being done by my LDAP classes.

• Weblogic and Auth NTLM - UCM 11g

  Hello
  Guys,
  Has anyone set up Auth NTLN on Weblogic?
  We have been upgrading UCM (Universal Content Management) to a new version 11g. We must remain the same setup on UCM 11g. The older version 10g, that we were using a module on Apache mod_ntlm: http://modntlm.sourceforge.net/, but we cant´use this module because the new version runs on Weblogic.
  Any idea will be perfect.

  Hi
  Srinath
  I am looking for NTLM´s Auth on the UCM 11g. The idea is: the Weblogic gets and authenticates the credentials of the user and passes to the UCM.
  I found this article in the metalink: Step-by-Step Instructions to Configure Single Sign-On with Microsoft Clients [ID 1401327.1], but kerberos is much better than NTLM because the protocol is more secure and softer.
  By the way what´s meaning of WNA ?
  Thanks
  Raphael
  Edited by: raphael.milani on Jan 15, 2013 4:53 AM

• Associate roles and permissions to users that existe on a database

  Hi,
  i want realise a secure authentification i used ADF Configuration but i found out that i cant bring my users from my database. i can just create new users with roles in Jdeveloper.
  do you how we can bring users to Jdeveloper and associate to them roles and permission ?

  i found this tutorial that is that what i did :
  1. Start up weblogic server (Run .. Start Server Instance)
  2. Log on to weblogic console ( http://localhost:7101/console/ )
  3. Use default username/password weblogic/weblogic1
  4. Create a datasource to connect to the schema where the authenticating database tables are (Services .. JDBC .. Data Sources)
  5. Use unique name for datasource. Use JINDI name of jdbc/
  6. Enter database name, schema name and password and test
  7. Add new Authentication provider (Security Realms .. myrealm .. Providers .. New)
  8. Enter datasource name, type SQLAuthenticator click Ok
  9. Going back into provider, change control flag to Sufficient
  10. Select Provider Specific tab and choose Plaintext passwords, password algorithm SHA-1
  11. Shut down weblogic
  12. Edit config.xml file in JDEV_DIR/system11.1.1.2.36.55.36/DefaultDomain/config and replace sql authenticator sql statements with those from web blog
  13. Restart weblogic.
  14. Go to users/groups tab in securty realm and view users and groups imported from database
  15. Set control flag for other providers to "Sufficient"
  source : http://brent.hmdclinical.com/2010/03/using-database-tables-as-weblogic.html
  but the step 12 i dont know what i need to change and with what ?

• Roles and Permissions in Oracle BI Publisher

  Hi,
  I am trying to do Role based access in the Oracle BI reporting.The roles will be in the OVD/OID and OBIR reports access should be controlled as per those roles.
  The document I refered is
  http://docs.oracle.com/cd/E14571_01/bi.1111/e13880/T539768T526688.htm#xdosa_und_users.
  When I clicked on Permissions and added some permissions like Read,Write etc..and clicked Ok,"Failed" message is displaying.
  Any idea why this error is coming?
  Thanks in advance.
  Edited by: Subin Cheruvath on Feb 17, 2013 11:00 PM

  DiscoUser.
  Skulls lays it out well in that a database user has a database name (ie: rproudman). Then they can have a role (ie: cost manager).
  Similarly in Oracle Apps, there is an Oracle Apps user (ie: could be the same - rproudman). And they can have one or many responsibilities (ie: cost manager).
  Where Disco is concerned, is that if you create an Apps mode EUL, when you log in with your Oracle Apps username and password, you are presented with a list of Oracle Apps responsibilities that have been assigned to you in Oracle Apps (unless you only have 1 responsibility where the list won't be presented, but you'll be using that responsibility by default). As security, workbooks, etc. can - AND SHOULD - only be shared with responsibilities, when you log in to Disco as one responsibility, you might see a number of reports you're allowed to run. Go back in with a new responsibility and you may see a different set of reports. Works just like switching responsibility in Oracle Apps.
  Russ

• How to control the download permissions in UCM.11g

  In UCM ,About the download file permissions.
  For example,project manager can download ,Ordinary employees can't download.
  How to realize the function.

  If I got you requirement, I think you are looking for something outside a DMS system (like UCM).
  DMS, as backend systems, can only control access to the file. Once a user has at least 'R'(Read) access, the file is provided to a front-end client application, being it a web browser for web-viewable files, or desktop apps for native files. There, the backend systems have no controls. Oracle has a solution to provide security control over content also at client machines. It is called Information Rights Management (IRM). However, see this support note concerning this product: https://support.oracle.com/epmos/faces/DocumentDisplay?id=1407453.1

• How to create a report of users in ucm about their roles and permission

  Hi All ,
  I need to create a report and it should contain all the users in ucm as well as their roles and permissions. Basically the report would be for the admin who can see all the users in a single report and can know about the roles and access of each and every users.
  How to create such report ?? I have tried from web layuot editor but the default report template i.e stdUserReport in user datasource does not contain more than three fields..Is there any method to get such kind of report???
  Please suggest!!

  There was an example component to demonstrate this kind of function. Under Stellent in version 7.5
  I do not know if they hand it out anymore but it is not on the standard samples page for Oracle. You may want to open a Support SR to ask for it. It should still be around in their servers if they can get permission to hand it out as a sample again.
  Sample CustomReports component to demonstrate how to create customized reports
  CustomReportsBundle.zip
  Date:     October 30, 2006
  Sample Version:     version=2006_10_20 (build 1)
  Product and Version:     Content Server
  Sample Status:     This is a Stellent Sample. Stellent Samples are free and include non-supported add-ons, utilities, tutorials or programming examples. It may require additional configuration or security auditing for maximum effect. It is not supported by Stellent without a consulting engagement.

• Roles included in Roles and how it effects User Content

  I want to have one role which generates a tab called "Budget Development" under this tab depending on the users other assigned roles I want from 1 to 3 addition tabs or selections to appear. Based opn user assigned Roles
  When I create 3 additional roles, and assign them to the Parent Role (Budget  Development) all 3 tabs appear evenif the addional roles are not assigned to the user.
  Role 1 "Budget Development"
              Role 1.1 "Budget Add"
              Role 1.2  "Budget Change"
              Role 1.3  " Budget Delete"
  I have access to all 3 tabs/selection and the functionality when I am assigned the 1 role of "Budget Development"
  How do I selectivly Display Sub-Roles based on Portal Roles and permissions etc.
  Thanks for any help.
  Sarah

  Hi Sarah,
               You can achieve this by the 'Merged Role Concept'.
  1)Create 3 roles with the same name say "Budget Development" which will have different ID's though.
  -Under the role properties set the "Merge ID" for each role. The mergeID has to be the same for all the 3 roles.
  2) Now create 3 worksets say "Budget Add", "Budget Change" and " Budget Delete".
  - and assign each of these worksets to 3 different roles that we have first defined.
  Now depending upon which user needs what access you can assign the roles. The user will see one role but different worksets underneath based upon what he has been assigned.
  -Let me know if you have any further issues with this.

• UCM 11g and Weblogic SQL Authenticator

  A bit lengthy question about UCM 11g using WLS Security providers for user authentication.
  There's a lot of stuff on the web about integrating UCM 11g with WLS AD/LDAP authenticators. However there's literally nothing about integrating it with SQL-based authenticators. Does it mean that using WLS's built-in providers other than AD/LDAP is not supported ?
  I tried configuring my Custom DBMS Authenticator - it works fine. I can see my users/groups and membership info read from the DB in WLS Admin Console. The users can even log in to the Content Server but their WLS groups are never mapped to UCM roles/accounts. I tried reordering the WLS authenticators so that the DBMS authenticator is at the top but this does not help. Does this mean that group -> role/account mapping works only with LDAP ?
  thanks in advance

  Hi Sirnath,
  Thanks for the prompt reply.
  I did another exercise and defined the contributor group in both the DefaultAuthenticator and the SQL Authenticator and created two users 'default' (int the DefaultAuthenticator) and 'sql' (in the SQL authenticator). Both users are members of the 'contributor' group (in the respective Authenticator). If I log in as either of the users they all have the proper principals/credentials set in the javax.security.auth.Subject instance (the 'contributor' is a principal and a credential in both cases). However UCM maps it to a role only for the 'default' user.
  Is it possible that the JPS provider somehow bypasses the javax.security.auth.Subject abstraction? Do you know of any related docs available online ?

• How to pull Roles and Policies from backend using SQL query in OIA

  Hello,
  I have Roles and Policies defined in OIA with mapping each other and there is no direct extract report from OIA Web console.
  Is there any oracle SQL query by which we can get the data and filter the Policies based on the role ?
  Note: We have one Role having more than one Polcies defined in OIA.
  Appreciate your help.
  Thanks

  I am quoting this from MOS Doc Id "Why would multiple session records be present in the User Sessions screen in P6 Web, and why might some of them have different IP addresses? (Doc ID 1600172.1)"
  Multiple sessions show up for users since different sections of P6 Web have their own sessions associated with them. If a user is authorized to use multiple areas of the software they will have multiple sessions each time they log in. Additionally, if users are closing their browsers before logging out of P6 Web Access you might see some past sessions still appearing in the list. These will eventually be cleared out by background jobs, however you can also reset the sessions in the software by clicking the "Reset User" link (Administer > User Sessions > Manage User Sessions), or by choosing the "Reset All Users" link (Administer > User Sessions > Manage User Sessions) to do this for all past sessions.
  Multiple IP addresses for sessions can happen when a user logs in from different machines. For example, a person may login at their desk, but then go to a colleagues workstation to discuss a project, and log in from there. Doing so will leave them with multiple IP addresses in the session records.
  Hope this helps
  Regards,
  Sachin Gupta

• ABAP User Roles and Query for accessing particular T- codes and Reports

  dear Gurus
  I have one problem, i want to know about ABAP User Query ,i have one requirement my user wants to Lock all the HR Std versus Customized reports in T- code SQ01,other department peoples also see the Payslips and Hr personal reports which is harmfull to the dept so i want to Lock all the reports in Std T- code in SQ01 and i have created one Customized User Roles or Query in which the T-codes and Reports are assigned only those particular user can access the T-codes and Std reports .how can it be possible i dont have any idea about user roles and Queries .
  kindly help me out or send me some documents related to user roles and queries
  regards ritesh sharma

  Hi Ritesh,
  https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/103cafc2-7a64-2b10-14b3-eddb7d324561
  Regards,
  Flavya

• Configure security-role and method permission for EJB 3.0 using Jdev 11g

  The EJB 3.0 session bean created by Jdev 11g EJB wizard does not have ejb-jar.xml. Where and how can security-role and method permission for the EJB be configured?
  For example,
  <assembly-descriptor>
  <security-role>
  <role-name>managers</role-name>
  </security-role>
  <method-permission>
  <role-name>managers</role-name>
  <method>
  <ejb-name>Employees</ejb-name>
  <method-name>setSalary</method-name>
  <method-params>
  <method-param>java.lang.Long</method-param>
  </method-params>
  </method>
  </method-permission>
  </assembly-descriptor>

  user516954,
  By default annotations are used. However, you can create a new descriptor and that will take presidence over any declared annotation.
  --Ric