Restrict Data for a user without VPD

Similar Messages

• Restrict data for a user profile

  Hi,
  I've made a jsp application where i implemented a users profiles for the screens, so i defined that user x can access to the jsp y in insert mode but can't access in remove mode.
  But now i need to implement a second profile that restrict the data that the user can see, like a Portuguese user can only see Portuguese citys and i don't know what is the best way of doing this, i'm using a BC4J.
  Any ideias
  thanks in advanced
  rjc

  Hi,
  Not exactly sure the exact details of what you are trying to achieve, but when the user logs in you can create a session variable that can be retrieved during the user's session. You implement this by using:
  session.setAttribute(String attrname, String attr)
  Then you can retrieve the attribute at a later time. So on your jsp page (I'm not sure of your table structure) you can do something similar to this:
  <%String whereclause = "Country=" + session.getAttribute("Country");%>
  <jbo:ViewObject id="CityView" whereclause="<%=whereclause%>">
  Hope this helps....
  A
  Hi,
  I've made a jsp application where i implemented a users profiles for the screens, so i defined that user x can access to the jsp y in insert mode but can't access in remove mode.
  But now i need to implement a second profile that restrict the data that the user can see, like a Portuguese user can only see Portuguese citys and i don't know what is the best way of doing this, i'm using a BC4J.
  Any ideias
  thanks in advanced
  rjc

• How to restrict data for certain users (brokers) in CRM

  Hi Team,
  We need to restrict brokers on their ability to 'see' and create trade promotions for only a given set of customers.
  Example:
  Broker Joe Smith can only see through t-code BP 3 customers, even though their are 10 customers created in the CRM system.
  Same goes for the t-code CRM_MKTPL (trade promotions), how do we restrict Joe Smith from creating promotions for only those 3 customer and not the other 7 customers?
  Any help is appreciated.
  Has anyone restricted any transaction like this before?
  Does it need ABAP programming? or does it need additional security roles?
  Thanks,

  The access control engine in CRM, is probably your best bet for this option.  I have not used it, but we did evaluate the use of the product.  I know this product works in BP, but I have not looked to see whether it hooks in CRM_MKTPL.
  Do a search on ACE in this forums or in the CRM help documentation.  Try this link for some basic information
  http://help.sap.com/saphelp_crm40sr1/helpdata/en/a9/04c42a9e207545b47a32d1d05f53c3/frameset.htm
  Good luck,
  Stephen

• Hide Unit price from sales order for sales user without change authorization of document setting

  Hi all expert
  Hide Unit price from sales user without change authorization of document setting.
  I have also refer this note
  SAP B1 2005 Purchas Order,Good Reciept PO'S, and Unit Price Block
  but sill I had not getting my proper solution.
  I want to restrict sales person to see & access unit price. Here I know option of block authorization of document setting but its not good option because , In future ,if sales user wants to changes forms setting in future so Its become problematic for user. so I want do this without restrict user for form setting & only hide unit price table from him/her. also He/her able to access form setting with out unit price.
  Please reply
  Amol Nikam

  Hi Experts,
  Please Tell me Is there any option "Hide Unit price from sales order for sales user without change authorization of document setting"
  Regards/Thanks
  Amol

• How should restrict data for particular month?

  Hi Experts,
  How should retrieve data for particular month without where condition.

  Hi,
  You must be having Month Object right in your Webi?
  User will be given opportunity to Select his/her required [Month]
  Create variable as =Userresponse("Enter value for Month")same text as you are giving in the Prompt text....Name it as [UMonth]
  Go to analysis tab..Filter..Add filter...[Month]=[UMonth]
  always this report will run for the month user require

• How to Use 'uid' for AD Users Without Domain Name For User Log in OAM

  How to Use 'uid' for synchronized Active Directory (AD) Users into Oracle Internet Directory (OID) Without Domain Name For User Logins in OIDDAS and OAM
  We successfully integrated OAM 11g with EBS R12.1.3 Now all the AD user id's stored in fnd_users table as [email protected]
  How can we remove @abc.com
  We are using OID 11g and OAM 11g
  Found the similar note for OID 10G: How to Use 'uid' for AD Users Without Domain Name For User Logins in OIDDAS and SSO [ID 580480.1]
  We are in OID 11g.
  Any help on this greatly appreciated.

  I couldn't find any reference that could be helpful -- Please log a SR and see if this is supported and if the steps are available.
  Thanks,
  Hussein

• Is there any object in labview that contains a list of data for the user to select (selection one at a time) or add a new data?

  Is there any object in labview that contains a list of data for the user to select (selection one at a time) or add a new data?

  List and table controls -> listbox..is that what you are thinking of?
  The listbox presents the user with a list of options, and you can set it to only accept one selection at a time...Adding new data to the list can not be done directly by the user but if you make e.g. a text control and a button you can programatically insert new objects described in the text box when the button is pressed...(see example).
  If you need more than one column you have the multicolumn listbox. If you want the users to write new entries directly yu can use a table and read selected cells using it's selection start property to read what cell has been selected.
  MTO
  Attachments:
  Listbox_example.vi ‏34 KB

• Save persistents data for all users

  Hi
  The persistent datas are save for one specified user, the user logged in into the system (e.g. Windows).
  Is it possible to save persistent data for ALL users?
  If yes how?
  Thanks
  Hans

  Hi Hans
  IMO it might be a bit tricky. As you know - Persistence objects are stored in databases. I presume you're not asking about document database. Second database is stored in SavedData file which is located in per user data directory. I.E. on mac in ~/Library/Caches/Adobe Indesign/Version 6.0/en_US/Indesign SavedData
  Probably you need to create your own implementation of persistence or take a look on relations between file system and IDataBase interface.
  Regards
  Bartek

• Can I bundle flash player with a free downlodable gaming service that requires flash? Or can I download it for the user without making users to step out  from my product to a completely different flow?

  We have a free downloadable gaming service that requires flash player in order to operate properly.
  I am trying to figure our how can I make users who don't have flash to download it, but I don't want these users to leave my service and start a different download flow in a different website (adobe's) .
  I thought about several different options but don't know what would be considered legal or legit:
  1. download flash along with my product- this means I will have to add another offer screen to my installation? if so, it will damage my conversion.
  2. downloading flash for the user without consent- probably will result with AV alerts
  3. open an iframe for users who don't have flash where I'll ask users to download flash--> that still will redirect users to adobe website to complete the process, which will damage my usage...
  any comments on the above or additional ideas?
  Thanks
  Tom

  Unfortunately, I don't think that our license currently grants the rights that you're looking for.  We do allow for the inclusion of original installers on physical media to address the situation of installation where an Internet connection is not guaranteed to be available; however, the Adobe download center serves an important role in the cost-recovery efforts for the continued development, maintenance and distribution of Flash Player, which is a tremendously expensive undertaking. I think it's unlikely that we would agree to allow the inclusion of Flash Player installers in scenarios where the host installer requires an internet connection.
  Here is a brief summary of the rights granted by this license:
  Licensee is permitted to distribute Adobe Web Players to multiple clients in a closed intranet environment.
  Licensee is permitted to distribute Adobe Web Players to multiple end-users by including the Player installers on CDs, DVDs or other physical media.
  Usage of Adobe Web Players is only permitted for supported platforms; usage rights on non-PC devices or embedded systems are not granted by this license.
  Licensee must use the installers as-is without modification.
  Licensees, at their discretion, are entitled to display the Flash Enabled and/or Shockwave logos on products or intranet sites according to the Style Guide.
  On the plus side, you don't have to worry about serving your users outdated or vulnerable Flash Player versions, and keeping those embedded copies constantly updated would be a lot of overhead.
  Chrome and Internet Explorer on Win8+ always have Flash Player built-in, so those users are generally going to be in good shape (and you shouldn't redirect them to the download anyway, because we'll just give them a message about it already being installed).  IE11 eliminates JavaScript support for conditional comments and various other methods for fingerprinting and targeting IE with IE-specific logic, so you'll want to pay attention to that experience, particularly on Win8+ (i.e. your detection logic might need to be tweaked on this config, if it's depending on isMSIE to do the correct thing... there is a lot of busted Flash detection in the world on this target at the moment...)
  For NPAPI browsers (Safari, Firefox), users are going to have to close the browser to complete the install process, so I don't think that offering the download in an iframe is going to buy you much, and would probably make it more difficult to complete the installation steps, ultimately doing more harm than good. 
  In the case of Safari, the installer re-launches Safari at the end of the installation process, and it does so without reopening all of the previously opened tabs.  I'm hoping that we won't have to live with that issue much longer, but I want to be transparent about the impact to your user experience.  Safari users are going to lose the tab with your site in it during the installation process no matter what. 
  There's also an install mechanism called Express Install, which you can invoke automatically when you detect that Flash Player is not installed, or is below the version that you require.  Off the top of my head, I don't know exactly what happens in every possible install scenario (patch update vs. feature update, by OS and browser).  I think some configs require you to restart and others like IE on Windows don't.  It's all dictated by browser limitations, which are constantly moving targets. 
  In short, we recommend that everyone use SWFObject2 for detecting Flash from JavaScript, and they make it pretty easy to invoke upgrades via ExpressInstall.
  SWFObject: Javascript Flash Player detection and embed script | deconcept

• MB5B showing diff data for diff users

  Dear All,
  At my client side in standard report MB5B for one user data for particular material is coming while for another user
  it is showing no data.
  I have checked authorization object in SU53 but it is having no problem.
  Roles,parameters and profiles are correct in both.
  Also i have checked all materials in MB5B for both users and found the materials which are having nil stock in current
  date are not showing data for that user while for other user it is showing data.
  What could be the reason and what changes are required in user profiles??
  Thanks,
  Naren

  Thanks Ajit....in category it was not tick..
  Naren

• Restricting  Access for SQ01 User Group

  Hi ,
  Please let me how to Restrict  Access for a   User Group  to only some of  the specific users?
  Thank you
  Edited by: Vibhor Arora on Apr 12, 2010 7:29 AM

  Hi,
  Can you please clarify what exactly you want to know, your request can be interpreted in a few different ways.
  If you are concerned that people have access to all user groups, then you need to remove access to S_QUERY activity 02 and I think activity 23.  They will lose access to all user groups that they are not assigned to via SQ03.

• HT5534 How do i purchase keynote for multiple users without a MAC computer?

  How do i purchase keynote for multiple users without a MAC computer?

  Guy, you see, I understand you need to be with the Mac you want to download Keynote.
  And yeah, Keynote only works with the Mac OSX and iOS

• How to restrict login for multiple users having same Role

  Our Web Application is deployed on Tomcat 5.5
  The requirement is ?
  There are roles in application like "operator", "admin"?
  There are multiple users created for each of the above role.
  When one user of "operator" role is logged in, then
  It should not allow to login for another user of "operator" role.
  Also, if user did not log out & application gets close, then
  It should not allow to login for another user of "operator" role.
  Also, it should not allow to login for multiple requests of same user
  (using another browser instance...)
  Is it possible using session object?
  But, using session object, it will create separate objects for different users,
  So here I will not be able to restrict session object creation rolewise.
  Also, how to retrieve these multiple session objects created for different users on server?
  If anyone is having the solution please reply as soon as possible,
  Thank you.

  To tell you the truth, this is a stupid requirement. It must be an extremely fragile application.
  In any case, you will have to write your stuff for that. Probably a filter that on login, logout, and session expiration checks, makes, or removes entries in a DB (using a synchronized resource to prevent race conditions) or possibly even simply in an application context object.

• How to apply Software Restriction policy for specific user in local group policy object ?

  I am working on implementing user based software restriction policy programmatically for local group policy object.
  If i create a policy through Domain Controller,i do have option for software restriction policy in user configuration but in local group policy editor i don't have option for that.
  When i look for the changes made by policy applied from Domain Controller in registry, they modifies registry values for specific users on path HKEY_USERS\(SID of User)\Softwares\Policies\Microsoft\Windows\Safer\Codeidentifiers
  They also have registry.pol stored in SYSvol folder in Domain Controller. When i make the same changes in registry to block any other application, application is getting blocked.
  I achieved what i wanted but is it right to modify registry values ?  
  PS:- I am using Igrouppolicyobject API

  I achieved what I wanted but is it right to modify registry values ?
  You also can modify a registry programmatically based policy. Check this:
  http://blogs.msdn.com/b/dsadsi/archive/2009/07/23/working-with-group-policy-objects-programmatically-simple-c-example-illustrating-how-to-modify-a-registry-based-policy.aspx
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• SEM-BPS how to load additional data for special users at runtime?

  Let´s assume you have a transactional info cube which contains SD Data from the source system.
  If you want to show additional data, let´s say the attributes of the sold materials which can be read in the table MARA of the source system (provided you use R/3, etc.)
  and you only want to show this data for a small amount of users, which need to see it, then i wonder how to do  this.
  am i right, that i can use the exit functions to init key figures, i.e. i could write some code which connects to the source system over RFC, downloads the data at runtime and presents it at the users excel sheet????
  moreover, is it necessary to extend the existing cube, just to achieve this aim?
  Message was edited by: Gideon Lenz

  Hello Gideon,
  there's no need to program anything. You can display any attribute in planning layouts. In your case you would extract the master data from material from SAP R/3 (MARA) into BW. The setup the layout to show the required attribute(s) in the layout in BPS.
  If the attribute is relevant only for a specific user group, just give them access to this "special" layout (create a planning folder or web interface for this group).
  Regards
  Marc
  SAP NetWeaver RIG