SAP R/3 : read only acces role
Hi,
I need to provide full read access to our SAP R/3 system to an auditor. Does R/3 provide any predefined role/set of roles to accomplish this task ?
Kind regards,
HI,
These are the sap standard auditor roles.
SAP_AUDITOR_A
SAP_AUDITOR_ADMIN
SAP_AUDITOR_ADMIN_A
SAP_AUDITOR_BA_A
SAP_AUDITOR_BA_CFM
SAP_AUDITOR_BA_CFM_A
SAP_AUDITOR_BA_CO
SAP_AUDITOR_BA_CO_A
SAP_AUDITOR_BA_EC_CS
SAP_AUDITOR_BA_EC_CS_A
SAP_AUDITOR_BA_EC_PCA
SAP_AUDITOR_BA_EC_PCA_A
SAP_AUDITOR_BA_EXPORT_DATA
SAP_AUDITOR_BA_FI_AA
SAP_AUDITOR_BA_FI_AA_A
SAP_AUDITOR_BA_FI_AP
SAP_AUDITOR_BA_FI_APMD
SAP_AUDITOR_BA_FI_APMD_A
SAP_AUDITOR_BA_FI_AR
SAP_AUDITOR_BA_FI_ARMD
SAP_AUDITOR_BA_FI_ARMD_A
SAP_AUDITOR_BA_FI_CJ
SAP_AUDITOR_BA_FI_CJ_A
SAP_AUDITOR_BA_FI_GL
SAP_AUDITOR_BA_FI_SL
SAP_AUDITOR_BA_FI_SL_A
SAP_AUDITOR_BA_HR
SAP_AUDITOR_BA_HR_A
SAP_AUDITOR_BA_MM
SAP_AUDITOR_BA_MM_IM
SAP_AUDITOR_BA_MM_IM_A
SAP_AUDITOR_BA_MM_IV
SAP_AUDITOR_BA_MM_IV_A
SAP_AUDITOR_BA_MM_PUR
SAP_AUDITOR_BA_MM_PUR_A
SAP_AUDITOR_BA_ORGA
SAP_AUDITOR_BA_RE
SAP_AUDITOR_BA_RE_A
SAP_AUDITOR_BA_SD
SAP_AUDITOR_BA_SD_A
SAP_AUDITOR_DS
SAP_AUDITOR_DS_A
SAP_AUDITOR_SA
SAP_AUDITOR_SA_BC
SAP_AUDITOR_SA_BC_CCM_USR
SAP_AUDITOR_SA_BC_CUS_TOL
SAP_AUDITOR_SA_CCM_USR
SAP_AUDITOR_SA_CUS_TOL
SAP_AUDITOR_TAX_A
SAP_AUDITOR_TAX_AA
SAP_AUDITOR_TAX_AA_A
SAP_AUDITOR_TAX_COPS
SAP_AUDITOR_TAX_COPS_A
SAP_AUDITOR_TAX_FI
SAP_AUDITOR_TAX_FI_A
SAP_AUDITOR_TAX_HR
SAP_AUDITOR_TAX_MM
SAP_AUDITOR_TAX_MM_A
SAP_AUDITOR_TAX_SD
SAP_AUDITOR_TAX_SD_A
SAP_AUDITOR_TAX_TR
SAP_AUDITOR_TAX_TR_A
Similar Messages
-
Business Connector - Read only - Administrator role
Hi Community,
We've currently got SAP 4.8 running in our environment.
The situation is that often developers need to check the extended settings, logs, or what jobs are scheduled.
The two main roles are Developer or administrator.
The only way to get access to the web GUI admin page is to assign the administrator role.
Does anyone know how to assign a "read-only" role for the web admin page?
I would then assign this to a developer rather than give them full administrator access on business connector.
Kind Regards,
ChrisTo the best of my knowledge thats not an option.
But like to hear it if otherwise.
Regards
Juan -
Hello Everyone
Is there something like read-only OIM Admin role?. My manager wants to just see everything done by a system administrator or xelsysadmin . He doesn't want to modify any date, but he just wants to access everything added by the administrator.
Thank YouHi,
I hope you are using OIM 11g R2.
If yes, then OOTB OIM provides many Admin Roles under organization section. For example: User Viewer, HelpDesk, Org Admin etc.
You can use any of the OOTB admin roles to fulfill your requirement.
HTH
J -
DB read only access role with properties view of a database
Hi,
We need to access database properties for SQL server 2000/2005/2008. I am pretty sure that 2005/2008 can be accessed with db_datareader role. Not sure whether same can be used with SQL 2000 instances. CAn anyone provide clarity on this?You can use db_datareader on SQL 2000, but as Satish says, you don't need it only to access database properties.
Erland Sommarskog, SQL Server MVP, [email protected] -
Read only access to J2EE related tools
Hello,
I would like to help our auditors access everything they need to check in the Java systems, but I am not ready to give them ADMIN accounts. That`s why I need some kind of read only access for them.
So I would like to ask you if there is a SAP Note about the read only access roles for J2EE/ Java AS?
I am afraid there is no such note available, so can anybody share any experience with granting read only access to the Java system? I know how to grant access to the whole NWA, but what about the rest?
Examples:
- is there a way how to grant read only access only to the UME?
- is there a role for read only access to the portal PCD?
- is there something similar for KM access?
Or has anybody ever tried to split the admin roles into smaller pieces? Is there a description/ document how to do such thing?
Thank you for your time and effort,
cheers OttoHi,
thanks for trying, but I can use help.sap.com and was on that page before.
Maybe if there were any examples there or better: if the whole thing would be more granular (I see no point in using roles starting with SUPER, containing ADMIN or ending with ALL). I am looking for roles for surgery or for auditing. I don`t want to give anybody these super/admin/all roles just like that.
If you can suggest how to use that page, that would be cool. Otherwise I see no use.
By the way: another question of mine about surgery: How to restrict access to download/ upload UME configuration file
I would like to know how to controla access to this specific feature, nothing else.
Thanks for the time and effort,
cheers Otto -
Create a user with read only access in the weblogic server 10.3.5
Hi Friends,
I am getting the below exception after creating a user (soa_read_only) with read only access in the logs after logging in with this user credentials:
[2011-11-28T13:22:32.781+05:30] [AdminServer] [WARNING] [] [oracle.jps.admin] [tid: [ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: soa_read_only] [ecid: 49233e31d176bb92:78c87a90:133e90b0482:-8000-00000000000005d2,0] Access denied. Required roles: Operator, Admin, executing subject: principals=[soa_read_only, Monitors][[
java.lang.SecurityException: Access denied. Required roles: Operator, Admin, executing subject: principals=[soa_read_only, Monitors]
at oracle.as.jmx.framework.wls.spi.security.WLSMBeanSecurityHelper.isInWlsGlobalSecurityRoles(WLSMBeanSecurityHelper.java:245)
at oracle.as.jmx.framework.wls.spi.security.WLSMBeanSecurityHelper.checkGlobalSecurityRoleBasedAccess(WLSMBeanSecurityHelper.java:139)
at oracle.as.jmx.framework.wls.spi.security.WLSMBeanAccessControllerSPIImpl.checkLogicGlobalSecurityRoleAccess(WLSMBeanAccessControllerSPIImpl.java:35)
at oracle.as.jmx.framework.MBeanAccessControllerImpl.checkLogicGlobalSecurityRoleAccess(MBeanAccessControllerImpl.java:52)
at oracle.security.jps.mas.mgmt.jmx.policy.JpsAdminRoleImpl.checkRole(JpsAdminRoleImpl.java:182)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.doInvoke(OracleStandardEmitterMBean.java:973)
at oracle.adf.mbean.share.AdfMBeanInterceptor.internalInvoke(AdfMBeanInterceptor.java:104)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.as.jmx.framework.generic.spi.security.AbstractMBeanSecurityInterceptor.internalInvoke(AbstractMBeanSecurityInterceptor.java:190)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.security.jps.ee.jmx.JpsJmxInterceptor$2.run(JpsJmxInterceptor.java:344)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
at oracle.security.jps.ee.jmx.JpsJmxInterceptor.internalInvoke(JpsJmxInterceptor.java:360)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.as.jmx.framework.generic.spi.interceptors.ContextClassLoaderMBeanInterceptor.internalInvoke(ContextClassLoaderMBeanInterceptor.java:103)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.as.jmx.framework.generic.spi.interceptors.MBeanRestartInterceptor.internalInvoke(MBeanRestartInterceptor.java:116)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.as.jmx.framework.generic.spi.interceptors.LoggingMBeanInterceptor.internalInvoke(LoggingMBeanInterceptor.java:524)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:252)
at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.invoke(OracleStandardEmitterMBean.java:887)
at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterConfigMBean.doInvoke(OracleStandardEmitterConfigMBean.java:398)
at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterConfigMBean.invoke(OracleStandardEmitterConfigMBean.java:365)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836)
at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761)
at weblogic.management.mbeanservers.domainruntime.internal.FederatedMBeanServerInterceptor.invoke(FederatedMBeanServerInterceptor.java:349)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
at weblogic.management.mbeanservers.internal.JMXContextInterceptor.invoke(JMXContextInterceptor.java:263)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
at weblogic.management.mbeanservers.internal.SecurityMBeanMgmtOpsInterceptor.invoke(SecurityMBeanMgmtOpsInterceptor.java:65)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:444)
at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:323)
at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11$1.run(JMXConnectorSubjectForwarder.java:663)
at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11.run(JMXConnectorSubjectForwarder.java:661)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.invoke(JMXConnectorSubjectForwarder.java:654)
at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1427)
at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1265)
at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1367)
at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:788)
at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)
at javax.management.remote.rmi.RMIConnectionImpl_1035_WLStub.invoke(Unknown Source)
at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.invoke(RMIConnector.java:993)
at weblogic.management.remote.wlx.ClientProvider$WLXMBeanServerConnectionWrapper.invoke(ClientProvider.java:291)
at weblogic.management.remote.wlx.ClientProvider$WLXMBeanServerConnectionWrapper.invoke(ClientProvider.java:291)
at oracle.sysman.emSDK.sec.targetauth.emas.EMASConnection.checkTargetRole(EMASConnection.java:222)
at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRoleEx(EMTargetAuthService.java:625)
at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRoleEx(EMTargetAuthService.java:595)
at oracle.sysman.emSDK.sec.targetauth.EMTargetAuthService.checkTargetRole(EMTargetAuthService.java:577)
at oracle.sysman.emSDK.sec.authz.EMAuthzService.checkPermission(EMAuthzService.java:288)
at oracle.sysman.emSDK.pagemodel.menu.EMMenuCommand.getMenuItem(EMMenuCommand.java:681)
at oracle.sysman.core.app.menu.XMLMenuManager.createEMMenuItem(XMLMenuManager.java:1595)
at oracle.sysman.core.app.menu.XMLMenuManager.createEMMenu(XMLMenuManager.java:1421)
at oracle.sysman.core.app.menu.XMLMenuManager.getTargetMenu(XMLMenuManager.java:529)
at oracle.sysman.core.view.menu.MenuBarUIBean.populateTargetMenu(MenuBarUIBean.java:1023)
at oracle.sysman.core.view.menu.MenuBarUIBean.getFarmMenuComp(MenuBarUIBean.java:696)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.el.BeanELResolver.getValue(BeanELResolver.java:261)
at com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:173)
at com.sun.faces.el.DemuxCompositeELResolver.getValue(DemuxCompositeELResolver.java:200)
at com.sun.el.parser.AstValue.getValue(Unknown Source)
at com.sun.el.ValueExpressionImpl.getValue(Unknown Source)
at com.sun.faces.application.ApplicationImpl.createComponent(ApplicationImpl.java:250)
at javax.faces.webapp.UIComponentELTag.createComponent(UIComponentELTag.java:222)
at javax.faces.webapp.UIComponentClassicTagBase.createChild(UIComponentClassicTagBase.java:513)
at javax.faces.webapp.UIComponentClassicTagBase.findComponent(UIComponentClassicTagBase.java:782)
at javax.faces.webapp.UIComponentClassicTagBase.doStartTag(UIComponentClassicTagBase.java:1354)
at org.apache.myfaces.trinidad.webapp.UIXComponentELTag.doStartTag(UIXComponentELTag.java:75)
at oracle.adfinternal.view.faces.unified.taglib.UnifiedMenuTag.doStartTag(UnifiedMenuTag.java:51)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:50)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444)
at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:164)
at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:185)
at oracle.jsp.runtime.tree.OracleJspIncludeNode.execute(OracleJspIncludeNode.java:49)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspIterationTagNode.executeHandler(OracleJspIterationTagNode.java:45)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspIterationTagNode.executeHandler(OracleJspIterationTagNode.java:45)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444)
at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:164)
at weblogic.servlet.jsp.PageContextImpl.include(PageContextImpl.java:185)
at oracle.adfinternal.view.faces.taglib.region.IncludeTag.__include(IncludeTag.java:442)
at oracle.adfinternal.view.faces.taglib.region.IncludeTag.doEndTag(IncludeTag.java:232)
at oracle.adfinternal.view.faces.taglib.region.PageTemplateTag.doEndTag(PageTemplateTag.java:162)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:63)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspClassicTagNode.evalBody(OracleJspClassicTagNode.java:87)
at oracle.jsp.runtime.tree.OracleJspBodyTagNode.executeHandler(OracleJspBodyTagNode.java:58)
at oracle.jsp.runtime.tree.OracleJspCustomTagNode.execute(OracleJspCustomTagNode.java:261)
at oracle.jsp.runtime.tree.OracleJspNode.execute(OracleJspNode.java:89)
at oracle.jsp.runtimev2.ShortCutServlet._jspService(ShortCutServlet.java:89)
at oracle.jsp.runtime.OracleJspBase.service(OracleJspBase.java:30)
at oracle.jsp.runtimev2.JspPageTable.compileAndServe(JspPageTable.java:665)
at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:387)
at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:802)
at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:726)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:176)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.JSPFilter.doFilter(JSPFilter.java:93)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.core.model.targetauth.EMLangPrefFilter.doFilter(EMLangPrefFilter.java:158)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524)
at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:253)
at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:410)
at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:45)
at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:268)
at com.sun.faces.application.ViewHandlerImpl.executePageToBuildView(ViewHandlerImpl.java:471)
at com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:140)
at javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:191)
at org.apache.myfaces.trinidadinternal.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:193)
at oracle.sysman.emSDK.adfext.ctlr.EMViewHandlerImpl.renderView(EMViewHandlerImpl.java:150)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:800)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:294)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:214)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:266)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.emSDK.license.LicenseFilter.doFilter(LicenseFilter.java:166)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:447)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:447)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.emas.fwk.MASConnectionFilter.doFilter(MASConnectionFilter.java:41)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:176)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.AuditServletFilter.doFilter(AuditServletFilter.java:183)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:203)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.core.model.targetauth.EMLangPrefFilter.doFilter(EMLangPrefFilter.java:158)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.core.app.perf.PerfFilter.doFilter(PerfFilter.java:141)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:542)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Why this exception is occurring? Kindly help me with this, its a bit urgent!!!!Hi
1. First create a user like readonlyweblogic using some password in Weblogic Console. In Weblogic Console itself, select this new user and go to his Group Memberships and add a Group named Monitors. This means this user has Monitor role for Weblogic Console. Monitor is a Read Only access role to the weblogic console.
2. NOW, with full admin privileges user, login into EM Console. Select soa_infra, right click mouse -> Security -> Application Roles. On right side, click green arrow and see list of Roles shown. Select the role named SOAMonitors, click on this. And add a User to this that is created above like "readonlyweblogic".
3. Close all the browsers. Open a new browser and test weblogic console and em console with this new user.
I have this setup like this in many envs and they all work fine. They are read only access users for admin console and em console.
Thanks
Ravi Jegga -
Database open for read-only access ORACLE
while building a universe with a dblink betweens oracle databases, i try to create a derived table in the form
select field1 from table@db_to_db2
but i get the following message:
Exception: DBD, ORA-16000: database open for read-only acces State N/A.
I understand the statement "Set Transaction for read only" must be set before any transaction during the session, but still dont know how to trigger it in bo universe designer.
Can someone know how to solve it?I suggest you fill-in the BEGIN_SQL parameter on the Universe to turn on the read-only transaction.
Here is an excerpt from the Universe Designer guide:
The BEGIN_SQL parameter allows you to prefix SQL statements with the same parameters each time a SQL statement is generated.
1. Open the "Universe Parameters" dialog box in Designer.
2. Click the Parameter tab.
3. In the "Parameter" list, select the BEGIN_SQL parameter and enter the
appropriate prefix commands.
4. Save the settings.
5. Save the universe. -
Creating user as good as sysadmin but with read only privs
Hi Folks I want to
creating user as good as sysadmin but having only read only privs
how can we do this.Hi
1. First create a user like readonlyweblogic using some password in Weblogic Console. In Weblogic Console itself, select this new user and go to his Group Memberships and add a Group named Monitors. This means this user has Monitor role for Weblogic Console. Monitor is a Read Only access role to the weblogic console.
2. NOW, with full admin privileges user, login into EM Console. Select soa_infra, right click mouse -> Security -> Application Roles. On right side, click green arrow and see list of Roles shown. Select the role named SOAMonitors, click on this. And add a User to this that is created above like "readonlyweblogic".
3. Close all the browsers. Open a new browser and test weblogic console and em console with this new user.
I have this setup like this in many envs and they all work fine. They are read only access users for admin console and em console.
Thanks
Ravi Jegga -
Hi, I am trying to implement a role that would enable a user to have the same functionality as the out-of-the-box User Admin role, but that this user would not be able to actually create or modify users, roles assignments, etc.
The idea is to have a 'Display' role - with read-only access.
The solution we are comtemplating right now involves getting the source code from SAP, copying it, and modifying it - disabling any interaction. We would then create new iviews, pages, etc from there only for this role. This is a tedious task.
Any ideas on how else this can be done?
ThanksI have only managed to do this by creating a role and assigning the relevant User Admin iViews to the role and then changing the End User Permissions on the role.
I assigned the ReadAll Premission. That did the trick for me.
Groups unfortunately require the manage_groups Permission, so we do not allow the viewing of groups. -
Role to access PFCG in "read-only mode"
Hi,
I've created a role to access transaction PFCG in "read-only mode", because some functional consultants asked for it.
However, it still gives them access to perform the "User Comparison" and I would like to remove that as well.
The role has the following authorization objects and values:
S_TCODE-TCD = PFCG
S_USER_AGR-ACTVT = 03
S_USER_AGR-ACT_GROUP = Y-, Z- (these are the allowed role names)
I really don't know what to do... any ideas?
thanksHello Gary,
Yes, I also noticed that. The restriction of a user compare in PFCG in the F4 help in PRGN_CUST, is the same SAP note as that for activity 22 (assigning the user to the role)...
You could have posted this on Sunday evening, that way Monday morning is closer to test it
Cheers,
Julius
PS: We now have at least two "Gary Morris" at SDN and have for some time been trying to contact the "real one(s)" to determine who-is-who. Another "name sake" is: https://forums.sdn.sap.com/profile.jspa?userID=3618541&start=0 for example.
If you have any concerns, feel free to email me (see my business card) or SDN (at) SAP (dot) COM. -
Read-only scenario issue in SAP BPC 7.0 SP07
Please do not post duplicate threads across forums.
Hi
This is related to SAP BPC.
The appset which runs on SAP BPC 7.0 SP07, is not able to write on read-only scenarios, while the appset which runs on SAP BPC 7.0 SP3, allows to write through script logic.
If a read-only scenario cannot be written even through a script logic, it is impossible to finalize working versions.
So, let me know if anyone came across such similar problem.And how was it resolved?
Thank you.
Divya
Edited by: Pravender on May 11, 2010 12:28 PMHi,
for BPC please the a look the these forums:
/community [original link is broken]
SAP Planning and Consolidation, version for SAP NetWeaver
SAP Planning and Consolidation, version for the Microsoft platform
Regards Matthias -
Role properties are in read only mode
Hello
I have created a role in portal and now i am trying to make it's ENTRY POINT Property as Yes. But folders and worksets are in read only mode, how to make it an edit mode. Can anyone help please?
I have super_admin_role assigned to my username (group: Administrators)
Thanks
DubravkaDubravka,
Please check the button "Edit Mode" is enabled for the role when try to modify role's properties. If its enabled then press the button "Edit Mode" to change the read only mode.
Ram -
SAP PLM DMS Connector - Read Only
I've a very simple question.
Using SAP PLM DMS Connector can I upload documnents into repositories configured for DMS?
I read the documentation and it looks like a read only connector.
Thanks and Regards,
Prasanna KrishnamurthyHi,
It is a read only connector, confirmed by SAP.
Cheers,
Tuval -
Role for User Administrator(Read only)
Hi All,
I want to create a role just like the role ofUser Administrator.But I want to make it read only.I want that the end user can perform search operation,can see the locked user,can see the roles but can't delete the user.Basically ,they shouldn't able to do the modification.
Any suggestions will be appreciated.
ParitoshI have only managed to do this by creating a role and assigning the relevant User Admin iViews to the role and then changing the End User Permissions on the role.
I assigned the ReadAll Premission. That did the trick for me.
Groups unfortunately require the manage_groups Permission, so we do not allow the viewing of groups. -
Need to Assign read-only roles to a user in EP
Hello,
I am currently facing a situation wherin I need to assign read-only roles to a user. I need to assign the user admin, system admin and content admin roles to him, but all with read only permissions. Could someone kindly direct me as to how this can be done in EP7.0?
Thanks in advance and best regards,
Karthik.Hi Karthik,
first, welcome on SDN!
About your question:
Ganesh already showed the way for the PCD. Anyhow, the content admin also can accedd the KM content (if installed); so for KM the settings have to be done, too, i.e. defining only read-permissions for this user on all repositories.
The same holds for System-Admin - Permissions - Portal Permissions, here under the different sections only read access permissions would have to be set.
Anyhow, some areas cannot be restricted in this way, for example the User Management. This could be done only via http://yourserver/useradmin and there via ROLE actions (and not per user).
Still, some areas certainly will stay problematic, so that one maybe would have to strip down the standard roles (create a delta link copy of the content and then remove the problematic areas).
Hope it helps
Detlev
PS: Please consider rewarding points for helpful answers on SDN. Thanks in advance!
Maybe you are looking for
-
I just purchased a new i phone 5. when i go to connect with my laptop it says 'failed to connect to sync services, try again later' it shows my phone, and i can see my app screens, however it wont let me sync, back up or make changes. this is my firs
-
To open "adobe" you need to install a Java SE 6 runtime. Won't install? Please advise.
hello, every time i start up my Mac mini i get a message saying To open "adobe" you need to install a Java SE 6 runtime. But when i press install it says no connection available even though i am connected to a really reliable and fast connection. Ple
-
Error logging to a migrated sso 10g midtier on OAM 11.1.1.5.0 bp2
After successfully migrated an OSSO 10 midtier using the Upgrade Assistant from OAM 11g when trying to loggin to OIDDAS I got the oam logging page with a message : "System error. Please re-try your action. If you continue to get this error, please co
-
Beginners guide - Library vs Time Machine vs Vault?
I am new to Aperture 2, and up until now have had a workflow system that's involved importing images and exporting them into folders, and have no idea what Apertures Library is or does? I am using it as a default setting at present. I have never used
-
Apple Extreme - External Hard Drive - Time Machine????????
Can i connect an external hard drive to a apple extreme and use time machine for automatic back ups? If so, how?