R/3 User Data store in Portal....?

Similar Messages

• How to use rdbms as users data store in a form authentication webapp?

  Hi,ALL!
  WLS 10.3
  This is part of web.xml:
  <security-constraint>
       <web-resource-collection>
            <web-resource-name>secureweb</web-resource-name>
            <url-pattern>/secureweb/*</url-pattern>
       </web-resource-collection>
       <auth-constraint>
            <role-name>Users</role-name>
       </auth-constraint>
  </security-constraint>
  <login-config>
       <auth-method>FORM</auth-method>
       <form-login-config>
            <form-login-page>/login.htm</form-login-page>
            <form-error-page>/login_fail.jsp</form-error-page>
       </form-login-config>
  </login-config>
  Every time I want to access web page in /secureweb/,it takes me to /login.htm,and when I want to login on from /login.htm,it takes me to /login_fail.jsp,so I think there is nothing wrong with web.xml but WLS's configuration.
  There is only one Security Realm called "myrealm" in my domain,and besides the DefaultAuthenticator and DefaultIdentityAsserter,I created a new SQL Authencator called sql_auth in front of them,after that,I created tables(USERS,GROUPS,GROUPMEMBERS) in my Oracle database accordding to the configurations in sql_auth,and insert some user data.
  But it never successed when I used the data in the database to test the authentication,it allways go to the /login_fail.jsp page...
  What's wrong there?
  Best Regards!
  Edited by: Linyin.Huang on Jun 18, 2009 5:02 AM

  Hello,these are the SQLs from the "provider specific" configuration tab in my SQLAuthenticator,in fact,it's provided by WLS,and I have never modified them:
  SQL Get Users Password:SELECT U_PASSWORD FROM USERS WHERE U_NAME = ?
  SQL Set User Password:UPDATE USERS SET U_PASSWORD = ? WHERE U_NAME = ?
  SQL User Exists:SELECT U_NAME FROM USERS WHERE U_NAME = ?
  SQL List Users:SELECT U_NAME FROM USERS WHERE U_NAME LIKE ?
  SQL Create User:INSERT INTO USERS VALUES ( ? , ? , ? )
  SQL Remove User:DELETE FROM USERS WHERE U_NAME = ?
  SQL List Groups:SELECT G_NAME FROM GROUPS WHERE G_NAME LIKE ?
  SQL Group Exists:SELECT G_NAME FROM GROUPS WHERE G_NAME = ?
  SQL Create Group:INSERT INTO GROUPS VALUES ( ? , ? )
  SQL Remove Group:DELETE FROM GROUPS WHERE G_NAME = ?
  SQL Is Member:SELECT G_MEMBER FROM GROUPMEMBERS WHERE G_NAME = ? AND G_MEMBER = ?
  SQL List Member Groups:SELECT G_NAME FROM GROUPMEMBERS WHERE G_MEMBER = ?
  SQL List Group Members:SELECT G_MEMBER FROM GROUPMEMBERS WHERE G_NAME = ? AND G_MEMBER LIKE ?
  SQL Remove Group Memberships:DELETE FROM GROUPMEMBERS WHERE G_MEMBER = ? OR G_NAME = ?
  SQL Add Member To Group:INSERT INTO GROUPMEMBERS VALUES( ?, ?)
  SQL Remove Member From Group:DELETE FROM GROUPMEMBERS WHERE G_NAME = ? AND G_MEMBER = ?
  SQL Remove Group Member:DELETE FROM GROUPMEMBERS WHERE G_NAME = ?
  SQL Get User Description:SELECT U_DESCRIPTION FROM USERS WHERE U_NAME = ?
  SQLSet User Description:UPDATE USERS SET U_DESCRIPTION = ? WHERE U_NAME = ?
  SQL Get Group Description:SELECT G_DESCRIPTION FROM GROUPS WHERE G_NAME = ?
  SQL Set Group Description:UPDATE GROUPS SET G_DESCRIPTION = ? WHERE G_NAME = ?
  And these are the SQLs for creating tables(Oracle 11G):
  CREATE TABLE USERS(
  U_NAME VARCHAR2(50) PRIMARY KEY,
  U_PASSWORD VARCHAR2(50) NOT NULL,
  U_DESCRIPTION VARCHAR2(50) NOT NULL);
  CREATE TABLE GROUPS(
  G_NAME VARCHAR2(50) PRIMARY KEY,
  G_DESCRIPTION VARCHAR2(50) NOT NULL);
  CREATE TABLE GROUPMEMBERS(
  G_NAME VARCHAR2(50) NOT NULL,
  G_MEMBER VARCHAR2(50) NOT NULL,
  CONSTRAINT PK_GROUPMEMBERS PRIMARY KEY(G_NAME,G_MEMBER));
  INSERT INTO USERS(U_NAME,U_PASSWORD,U_DESCRIPTION)VALUES('usera','passworda','userdesa');
  INSERT INTO GROUPS(G_NAME,G_DESCRIPTION)VALUES('groupa','groupdesa');
  INSERT INTO GROUPMEMBERS(G_NAME,G_MEMBER)VALUES('groupa','usera');
  COMMIT;
  I still can't see any users or groups in my SQLAuthenticator...
  Thank you!
  Edited by: Linyin.Huang on Jun 18, 2009 1:39 PM

• Portal UME data store and various options (Opinions needed!)

  We are currently exploring our options with connecting the portal (UME) to various data sources for user authentication. Per EP 101, we all know that yes, we can authenticate against (1) the portal db (2) the portal DB + an SAP system and (3) the portal db + a LDAP directory. Now, of course, in most cases, #3 is the standard option. But now, we want to explore another option.....what if we set up synchronization with the LDAP directoy (ie. http://help.sap.com/saphelp_nw04/helpdata/en/95/49cb3a663bfc70e10000000a114084/frameset.htm). For example, our process is such that now, within SAP R/3, a "new hire" is created and then this triggers the creation of their userid/password in the external LDAP directory as well. Is it possible to then have synchronization set up so that the LDAP directory will then synchronize with the portal db and create the user in the portal db itself? (the example given in the help file seems to suggest this but does not provide any detail). Then the portal could authenticate users against it's own db? (ie. no need to make a "trip" to the LDAP directory). Soooooo first off, is this possible and if so, how? Second, what are the pros/cons of this approach versus the standard option of simply using the LDAP directory for authentication and storing only portal specific attributes in the portal's own db? Lastly any "gotchas" to be aware of (ie such as "yes this works fine for NDS but no way will it work for MS-AD" haha)?
  oh...and one more...take the LDAP directory out of the picture for a moment...is it possible to "synchronize" directly from an SAP system (such as 4.6d or ECC5.0) directly with the portal db (as well as other SAP componenet systems)? (*this one is more out of curiousity than anything...past experience with CUA. haha)
  thanks BIG TIME in advance!
  Chris

  Chris I can answer the second part of your question only, sorry!
  It is possible to automatically sync users directly from a sap system, I currently do this for relase 4.7, so it should work ECC5 on onwards (you would think). As for 4.6c/d? I just posted a new thread asking that very question, hopefully someone helps!
  with NW04 portal and about SP13 or better you get a new UME connection option - dataSourceConfiguration_abap.xml, picking this automates the link between ABAP and portal users & roles.
  Any user created in 4.7 automatically appears in portal plus (this is the good bit) dataSourceConfiguration_abap.xml makes all ABAP security roles appear as portal groups. You then simply assign one of these replicated groups to your portal roles, so a user assignment to a role in ABAP seamlessly becomes assigned to a portal role, giving you portal use managment without having to go near the portal system.
  So it's not really like CUA at all, just a mechanism that automatically replicates all ABAP users & roles into the portal in a useable form
  hope that helps a little
  danny

• Which table stores SM04 (currently active users) data?

  HI all,
  what is the table which stores the SM04 currently active users data in sap?
  plzzzzzzzzz help me..
  Thanks all in advance ,
  Malti

  SM04 uses a kernel call to get the active user data, not table is involved:
  Get the list of logged on users
      CALL 'ThUsrInfo' ID 'OPCODE' FIELD OPCODE
          ID 'TAB' FIELD USR_TABL-SYS.
  Markus

• What is the table which stores the SM04 currently active users data

  HI all,
  what is the table which stores the SM04 currently active users data in sap?
  plzzzzzzzzz help me..
  Thanks  all in advance ,
  Malti

  Hi,
  Pl. check in tables USR02/USR01 for the list of users & logon data.
  Regards,
  SDS

• How to fetch Portal Users data ? (Including Mapping details)

  Hi all,
  I want to retrieve Portal users data with the detail of its mapping (i.e. if the user is mapped or not with backend user? and if yes, to which backend user?).
  Thanks,
  Tejas

  Thanks for the reply Nadav.
  But what I want is the complete list of all the users, the reason being there are more than 2000 users on Portal and going for this one by one mapping checking is not really feasible time and effort wise.
  So is there any way how can I get the users data from UME or LDAP? as I have both kinds of users.
  Please guide.
  Thanks and Regards.
  Tejas

• Portal language refresh / reload (user data source ABAP stack)

  Hello,
  I'm on SAP NetWeaver Portal 7.0 with user data source on ABAP stack.
  I'm trying to create simple JavaScript links for changing the Portal language.
  I was able to change the ABAP stack user's logon language by BAPI call.
  But the newly set language shows up only after the user logs out and logs in again.
  I know that in the WebDynpro for Java, which implements the UME user interface, there is a functionality, that allows that relogging of the user is not necessary. After setting the language you only refresh the browser page (F5) and the new language shows up.
  Does anyone know what function I should call, for the language refresh (could be the same as in UME standard WDJ)?

  Hi Andres,
  language doesn't change on the Portal. The content remains in the previous language.
  I know that the switching of Logon language parameter in the user profile in ABAP stack and logoff and login on the portal leads to change of the language on the Portal. But I don't know, how to do it without the relogging of the user.
  I change the Logon language in ABAP by AJAX call of BAPI.
  Thank you for any idea.
  Jiri

• Portal's ability to pull information from foreign data stores?

  Besides gateways, what are other alternatives to allow Portal to pull
  information from foreign data stores?

  Outside of gateways, the main way is to write a web provider/portlet that directly access the data in the store and formats the result into portlet html.

• Store user data row in modle session

  All,
  My use case is after successful login, i get a row in the VO. i don't want to store separate attributes in the model layer session and HTTP Session. How can i store the entire Row in the session and how do i access it. In my model layer i can do something like this
  getSession().getUserData().put("currentUserDetailsRow",  getVO.getFirst());but my problem is i will be writing the session syn code in a root class of the application module. So how do i get access to the VO there and how do i get the view object in all the other VOs ?
  hope i am clear here
  thnks
  jdev 11..1.15

  I would recommend to think again about the use case. You normally store this info on the client side in a session bean and pass the info needed to the model layer as method parameter.
  If you really want to store the info in the model layer too you always end up with separate stage l storage of the info. In addition you need to take care of activation and passivation of the user data.
  Timo

• Unable to created users through UME on portal with AS ABAP as its data sorc

  Hi,
  Unable to created users through UME on portal with AS ABAP as its data source.
  I have assigned SAP_BC_JSF_COMMUNICATION to the user SAPJSF but this only helps in editing the already existing users but not in creating new users on portal.
  I have checked that that the role SAP_BC_JSF_COMMUNICATION is properly generated and has *  in all authorizations. I have even assigned SAP_ALL and SAP_NEW to SAPJSF and another ID.
  DO we need to make any config changes to make the database writable from portal. Please advise.
  Thanks,

  Hi,
  If your system is a AS ABAP + +JAVA System,, you have to do the following
  1. Login to Client 001 using SAP GUI
  2. Create a user id
  3. Login to portal and you will be able to see the user.
  4.Assign him the portal rights
  If you want the portal to use seperate Database for USers, there is a setting in Visual admin, that you can change for the same, but i dont remember that

• How do I contain my OS purely on a small SSD drive, but store all user data on an additional internal HDD?

  Solid state drives are still pretty expensive, but the main benefit of SSD we all want doesn't require a lot of space. How do I keep the OS and Applications on the solid state, and the user data on an additional HDD inside of a Mac Pro?
  I'm afraid that if I just store my media/docs folders on the second drive (which, obviously take up the most space), I'm still operating within a small (ideally 64GB SSD) solid state. Which means any time I save something to my desktop or downloads folder I'm taking up space on the SSD rather then the HDD. On the flip side, I dont want put my whole user folder on the HDD because (correct me if I'm wrong) won't the apps launch from the HDD? Then you would lose the benefit of solid state (other then I/O times...).
  Does this make sense? I feel like there has the be a straight forward way to do this.
  Thanks for your help!

  ds store wrote:
  Naturally, which you have to enable of course or else if your users drives has directory issues you wouldn't have a user to boot into to fix it.
  When I said I always have backups I neglected to mention that one of those backups is always mounted so it is always available to boot from.
  The hatter wrote:
  A small home folder - yours - on the SSD is a way to improve performance because it does take a lot of hits and I/O's and while there is the "protect your SSD from writes" drives are also there to be used and as long as it isn't too tiny and has 40GB+ of free space, a month's worth if writes, use it and let the firmware and controller inside do all the agressive background work, even w/o TRIM.
  As I said I only want my key apps on the SSD and less used stuff off it.  If I wanted to fully maximize the disk performance then of course I would keep everything on the SSD.  But I prefer the convenience of having a common home dir across any volume I can to boot from.
  Putting the /Users on another drive via hard link didn't always work.
  I certainly never suggested that and I agree, its problematic.
  Not having a small user makes it harder.
  As I said above I always have another boot drive available to fall back on I also always have root (and lets not debate the pros and cons about root).  And then there's also my unmounted external backups too.

• IM server - store user data in files or directory?

  Is there a document that explains the advantages and disadvantages of storing user data in files vs the directory? Is one recommended above the other for new installations?

  JesseThompson wrote:
  Is there a document that explains the advantages and disadvantages of storing user data in files vs the directory? AFAIK no such document exists
  Is one recommended above the other for new installations?
  This depends upon your deployment

• BW Analytical Authorisations and Data Store Objects

  Hello All
  I am in the proces of trying to figure out how BW Analytical authorisations work as I have to build some authrisations for a new a new BW project.
  I understand the concept of BW Analytical authorisations. I have created an object linked to heirarchies via an info provider, and assigned it to a user and it works great. The problem is that I then went and ran a generation for heirarchies and I specified the Z info provider my analytical authorisation object was linked to. Now I find that all usrs on the system have access to my object and I need to remove this. Even new users on the system automatically get this access.
  I have read note 1052242 which explains that I can remove the authorisations using data store objects (DSOs). The thing is that I do not know how to maintain these DSOs..
  Can anyone help with this. Once I know how to maintain the DSO I can add in the required D_E_L_E_T_E entry and re-run the genration and hopefully this will solve my problem.
  Thank You In Advance
  Best Regards

  Hi Anwar,
  if your question is how to update data into a DSO, then I recommend you read the documentation.
  http://help.sap.com/saphelp_nw70/helpdata/en/f9/45503c242b4a67e10000000a114084/frameset.htm
  You require basic BW knowledge for that.
  If your background is more ABAP then think about making the DSO a DSO for direct update.
  That way you do not need BW knowledge and you can use ABAP instead to modify the data in the DSO.
  These Function modules of the API can be used:
  ●      RSDRI_ODSO_INSERT: Inserts new data (with keys not yet in the system).
  ●      RSDRI_ODSO_MODIFY:  inserts data having new keys; for data with keys already in the system, the data is changed.
  ●      RSDRI_ODSO_UPDATE: changes data with keys in the system
  ●      RSDRI_ODSO_DELETE_RFC: deletes data
  More information about these Function Module is here
  http://help.sap.com/saphelp_nw70/helpdata/en/c0/99663b3e916a78e10000000a11402f/frameset.htm
  However, if that doesn't solve your original problem with the authorizations, here are some useful links that I found helpful when implementing BW Analysis Authorizations.
  SDN area for Analysis Authorizations
  http://wiki.sdn.sap.com/wiki/display/BI/AuthorizationinSAPNWBI#AuthorizationinSAPNWBI-Differencebetweenrssmandrsecadmin
  Marc Bernard session
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/media/uuid/ac7d7c27-0a01-0010-d5a9-9cb9ddcb6bce
  SAP release note for new Analysis Authorizations
  http://help.sap.com/saphelp_nw04s/helpdata/en/80/d71042f664e22ce10000000a1550b0/frameset.htm
  Best,
  Ralf

• Help!!! Error to Configure Data Store....

  I am having trouble installing a Date Store.
  I can access my repository through the PHP LDAP Admin, but in OPENSSO not list the users.
  When I install the OPENSSO and set a date Store outside it connects to the repository but can not give any user of the repository.
  When a create a new user gives this error:
  Plug-in com.sun.identity.idm.plugins.ldapv3.LDAPv3Repo encountered an ldap exception 17: inetUserStatus: attribute type undefined
  My configuration
  Configuration Store Details edit...
  SSL Enabled No
  Host Name localhost
  Listening Port 50389
  Root Suffix dc=portal,dc=network,dc=xxxx
  User Name cn=admin,dc=yyyy,dc=network,dc=xxxx
  Directory Name /opt/openssocfg
  User Store Details edit...
  SSL Enabled No
  Host Name ZZ.ZZ.ZZZ.ZZZ
  Listening Port 389
  Root Suffix ou=cds,dc=coreo,dc=network,dc=ctbc
  User Name cn=admin,dc=coreo,dc=network,dc=xxxx
  Store Type Generic LDAP
  Site Configuration Details edit...
  This instance is not setup behind a load balancer

  Hi I got success by following these steps:
  http://blogs.sun.com/indira/entry/using_openldap_as_user_data
  But still I am having some problems:
  Creating Groups;
  --For create groups I haved change in LDAP the schema core.
  objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
       DESC 'RFC2256: a group of unique names (DN and Unique Identifier)'
       SUP top STRUCTURAL
       MUST ( cn It was here)
       MAY ( businessCategory $ uniqueMember ---- It is here now $ seeAlso $ owner $ ou $ o $ description ) )
  Add users to Groups
  - Plug-in com.sun.identity.idm.plugins.ldapv3.LDAPv3Repo encountered an ldap exception 18: modify/add: memberOf: no equality matching rule
  Edited by: joncmuniz on Sep 4, 2008 1:17 PM

• Error while activating Data Store Object

  Hi Guru's,
  When I try to activate a data store object i get the error message :
       The creation of the export DataSource failed     
       No authorization to logon as trusted sys tem (Trusted RC=2).     
       No authorization to logon as trusted sys tem (Trusted RC=2).     
       Error when creating the export DataSource and dependent      Program ID 4SYPYCOPQ94IXEGA3739L803Z retrieved for DataStore object ZODS_PRA

  Hi,
  you are facing a issue with your source system 'myself', check and repair it. Also check if the communication user (normally ALEREMOTE) has all permissions needed.
  kind regards
  Siggi