SDK C# - query Security Role Properties like Views, Tasks etc

Hi,
i have a Problem with getting information from the securityroles in SCSM. In C# i cant get the views, Tasks, templates etc. which are in the security roles. Can anybody give me a hint how i can query this configuration in c#.
Thank you in advance.

So the "real need" is that your security roles are confusing and not well defined, so to address this, you'd like to make or find a tool that tells you quickly roles a given user is in, then you could go about troubleshooting
the security issue.
I'd like to offer an alternative: fix your security roles.
a ideal* service manager implementation has 3 security roles.
Administrators, who can see and manage everything,
Analysts, who can work incidents complete activities and shepherd things through the process, but can't really change how the system operates
Everyone Else, who get
implied permissions and not much else.
Sometimes those roles are broken out into different responsibility groups, which are queue filtered, but typically those are the three classes of people in service manager.
Those roles groups should be applied to the departmental or job groups that correspond to the people who do this job, i.e. you work in the helpdesk, therefore you get helpdesk rights in SCSM.
If you are going to stray from this ideal, you should have a good reason for it.
*note: ideal is not "most" or even "a good", ideal is exactly what it sounds like, an ideal goal state that isn't restricted to practical needs. Practical business needs are going to modify this ideal, but it isn't going
to change the goal, just how close you can get.

Similar Messages

How to dump your database including other objects like views, sequence,etc

hi.
is it possible to generate a sql file that contains your database structure including the values in it and other objects. I have tried generating just the tables and that's the only way I know to dump a database using jdeveloper. but is there a way to generate a sql file with your db structure and also other objects like views, triggers, sequences and etc.
thanks.. :D

You may need to use utility(which may come with your DB) for creating DB dump

Shared JNDI view among security role

Hi,
We're working on project which needs to expose EJB across different Apps( EAR) in the same OC4J. To my knowledge, in order for those Apps to be able to access the JNDI entry for the exposed EJB, there could be follwing options.
* To enable JNDI entries to be global visiblle. so Bean can be accessible from all other App. This should not be a preferred option since we should not mandate that.
* Whichever app need to access the EJB, it should set the JNDI env to add the credential & JNDI provider URL.of the EJB so the EJB is accessible from those Apps. This adds up the complexity of the configuration for the EJB client.
Would like to see if there's such option to create certain kind of grouping so we can have all the Apps in the same group (e.g. with the same security role) to share the view of JNDI entries so that EJB clients don't need to maintain the credential & provider URL in order to access an EJB across Apps(EAR). Or any other option?
thanks
-Calvin

Calvin,
You can group your client applications together. Here is what you need to do:
1. Deploy your EJB's
2. When you deploy your client applications, under parent application choose the name of your EJB application. This way OC4J knows that the client application is a trusted source (i.e. a child of the parent) and it will not ask you for the credentials. You can then use the JNDI name of the resource that you are looking up.
When you choose the parent application, your server.xml will change and it will get a parent attribute:
<application name="clientapp" path="../applications/clientapp.ear" parent="EJBAppName" auto-start="true" />
Hope this helps.
Regards,
Deepak

Set PDF Document Properties Initial View by Acrobat SDK with C#

Hi,
Here am trying to set the PDF document initial view by the Acrobat SDK with C#.
Here I am show my screen shot which properties I want to set.
For this process I am referred Acrobat SDK and also following Adobe forums they also asked similar question.
http://forums.adobe.com/message/3866361
http://forums.adobe.com/message/4803264
http://livedocs.adobe.com/acrobat_sdk
And also I am used following C# code
      Acrobat.AcroPDDocClass doc = new Acrobat.AcroPDDocClass();
      doc.Open(@"D:\..\sap.pdf");
doc.SetOpenInfo(1,1,"Fit Width");
      doc.SetPageMode(3);
      doc.Save(1, @"D:\..\sap.pdf");
      doc.Close();
From the above code {doc.SetPageMode(3);} is working for set the page mode.
But I am having problem in following code {doc.SetOpenInfo(1,1,"Fit Width");}
Because it won’t work I do’t known, and there is no clear samples in the SDK reference document.
So please give advice and clear sample code/syntax to meet above needs which are marked in red box.
Document Properties - > Intial View
Document Option
     Show: Bookmarks Panel and Page
     Page Layout: Continuous
     Magnification: Fit Width
Window Options
     Show : Document Title
Regards,
Thirusanguraja Venkatesan

ok thank you Test Screen
I will try and let you know if i am done by automation .
Regard,
Thirusanguraja Venkatesan

Getting Device Properties like OS,Model,Brand,SDK,Version and CPU on Air for Android

Hi there,
I just wanted to share this old blog post in case no one knew about this here (like i didn't). I have no affiliation with this person, i just think its great!
Getting Device Properties like OS,Model,Brand,SDK,Version and CPU on Air for Android
http://www.funky-monkey.nl/blog/2010/11/11/getting-device-properties-like-os-model-brand-s dk-version-and-cpu-on-air-for-andoid/
I was able to correctly identify DroidX and Motorola Xoom family edition in my test, with no ane, pretty cool!

Okay. I've found an answer:
yes, you can and have to add these icons via the descriptor file, since flash wont let you. But before you do that, go into the "Air publish" settings in flash. Here, right on page 1, there is the "include files" section. Add your icon pngs there. Hit OK and exit these settings. Now open the descriptor with an editor outside of flash and write in the files like I posted above. Close. Save. Make it write protected. No go to flash and publish.

Using the SDK to check if user security role membership

Is there any way to check if a user is in a particular security role using the SDK?
I ask because I am considering adding a web based ticket search by ID/key word look-up web service since this function is not part of the Self-Service Portal. I am looking into what it takes to maintain the system's security model or at least limit
the information given to the users. I am thinking that affected users might get some ability to modify their tickets.
I've already built a web portal hosting complex forms for several of our teams where the Self-Service Portal was too limited to collect necessary information. The forms portal already uses the SDK to submit work items directly into Service Manager.
This would be a welcome extension of the web site's capabilities.

Hi,
You may try powershell, here are two PowerShell scripts that use
SMLets to reveal interesting information about user roles in SCSM, please refer to it:
https://gallery.technet.microsoft.com/Service-Manager-SCSM-User-ebcdfcd6
Regards,
Yan Li
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

How to get security roles in a JSF portlet

I need to get the LDAP user-roles available in the Sun Portal Server 7 in my JSF-168 portlet.
I've added the mapping file, updated the portlet.xml and web.xml, deployed the portlet (psconsole). But the portlet shows the "content not available" error with javax....title title.
I've probably messed up the descriptors, but I don't see what is wrong. Here they are:
roleMaps.properties
cn\=VSM.Administrator,dc\=neco,dc\=cz=Administrator
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4">
<context-param>
    <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
    <param-value>server</param-value>
</context-param>
<context-param>
    <param-name>javax.faces.CONFIG_FILES</param-name>
    <param-value>/WEB-INF/navigation.xml,/WEB-INF/managed-beans.xml</param-value>
</context-param>
<context-param>
    <param-name>com.sun.faces.validateXml</param-name>
    <param-value>true</param-value>
</context-param>
<context-param>
    <param-name>com.sun.faces.verifyObjects</param-name>
    <param-value>false</param-value>
</context-param>
<filter>
    <filter-name>UploadFilter</filter-name>
    <filter-class>com.sun.rave.web.ui.util.UploadFilter</filter-class>
    <init-param>
      <description>
          The maximum allowed upload size in bytes. If this is set
          to a negative value, there is no maximum. The default
          value is 1000000.
        </description>
      <param-name>maxSize</param-name>
      <param-value>1000000</param-value>
    </init-param>
    <init-param>
      <description>
          The size (in bytes) of an uploaded file which, if it is
          exceeded, will cause the file to be written directly to
          disk instead of stored in memory. Files smaller than or
          equal to this size will be stored in memory. The default
          value is 4096.
        </description>
      <param-name>sizeThreshold</param-name>
      <param-value>4096</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>UploadFilter</filter-name>
    <servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet>
    <servlet-name>ExceptionHandlerServlet</servlet-name>
    <servlet-class>com.sun.errorhandler.ExceptionHandler</servlet-class>
    <init-param>
      <param-name>errorHost</param-name>
      <param-value>localhost</param-value>
    </init-param>
    <init-param>
      <param-name>errorPort</param-name>
      <param-value>25444</param-value>
    </init-param>
</servlet>
<servlet>
    <servlet-name>ThemeServlet</servlet-name>
    <servlet-class>com.sun.rave.web.ui.theme.ThemeServlet</servlet-class>
</servlet>
<servlet>
    <description>Generated By Sun Java Studio Creator</description>
    <display-name>CreatorPortlet Wrapper</display-name>
    <servlet-name>VSMPortal</servlet-name>
    <servlet-class>org.apache.pluto.core.PortletServlet</servlet-class>
    <init-param>
      <param-name>portlet-class</param-name>
      <param-value>com.sun.faces.portlet.FacesPortlet</param-value>
    </init-param>
    <init-param>
      <param-name>portlet-guid</param-name>
      <param-value>VSMPortal.VSMPortal</param-value>
    </init-param>
</servlet>
<servlet-mapping>
    <servlet-name>ExceptionHandlerServlet</servlet-name>
    <url-pattern>/error/ExceptionHandler</url-pattern>
</servlet-mapping>
<servlet-mapping>
    <servlet-name>ThemeServlet</servlet-name>
    <url-pattern>/theme/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
    <servlet-name>VSMPortal</servlet-name>
    <url-pattern>/VSMPortal/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
    <welcome-file>faces/null</welcome-file>
</welcome-file-list>
<error-page>
    <exception-type>javax.servlet.ServletException</exception-type>
    <location>/error/ExceptionHandler</location>
</error-page>
<error-page>
    <exception-type>java.io.IOException</exception-type>
    <location>/error/ExceptionHandler</location>
</error-page>
<error-page>
    <exception-type>javax.faces.FacesException</exception-type>
    <location>/error/ExceptionHandler</location>
</error-page>
<error-page>
    <exception-type>com.sun.rave.web.ui.appbase.ApplicationException</exception-type>
    <location>/error/ExceptionHandler</location>
</error-page>
<jsp-config>
    <jsp-property-group>
      <url-pattern>*.jspf</url-pattern>
      <is-xml>true</is-xml>
    </jsp-property-group>
</jsp-config>
     <security-role>
          <role-name>Administrator</role-name>
     </security-role>
</web-app>
portlet.xml
<?xml version='1.0' encoding='UTF-8' ?>
<portlet-app xmlns='http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:schemaLocation='http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd                         http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd' version='1.0'>
     <portlet>
          <description>Created By Java Studio Creator</description>
          <portlet-name>VSMPortal</portlet-name>
          <display-name>VSMPortal Portlet</display-name>
          <portlet-class>com.sun.faces.portlet.FacesPortlet</portlet-class>
          <init-param>
               <name>com.sun.faces.portlet.INIT_VIEW</name>
               <value>/Uctarna.jsp</value>
          </init-param>
          <expiration-cache>0</expiration-cache>
          <supports>
               <mime-type>text/html</mime-type>
               <portlet-mode>VIEW</portlet-mode>
          </supports>
          <supported-locale>en</supported-locale>
          <portlet-info>
               <title>VSMPortal</title>
               <short-title>VSMPortal</short-title>
               <keywords>Creator</keywords>
          </portlet-info>
          <security-role-ref>
               <role-name>Administrator</role-name>
               <role-link>Administrator</role-link>
          </security-role-ref>
     </portlet>
</portlet-app>If I don't use the security-role and security-role-ref tags, the portlet works, and the isUserInRole method obviously doesn't.

Nobody uses the LDAP roles in a portlet? Anybody knows other thread discussing similar issue (I can't find anything)?

JDev EA1 Error with JAZN/Security Roles/Authentication

I have a current JSF application created under JDev 10.1.3 Preview which runs fine, but under JDev EA1 it crashes.
The application has a JAZN definition with a realm and user defined. The user is also tied to a security role.
In the web.xml I have a security role defined and security constraints. I also have the security-role-mappings in the orion-application.xml for deployment which uses OID to authenticate.
This all works fine in JDev 10.1.3 preview.
When I run the application in JDev EA1, the login dialog does not appear and the application crashes because it can't authenticate who is using the application. I have deleted and recreated the Jazn user and security roles under EA1.
I have noticed that JDev is now reporting the "<security-constraint>" tag in web.xml is an error now.
Any ideas on what's wrong?
Thanks

We're using SSO, so we haven't written our own login handler. The orion-application.xml has the "<jazn-web-app auth-method="SSO"/>" tag in it. We let SSO handle the login. You can write your own login handler if you wanted to. I think there's several threads about doing it. We wanted to try and use SSO and not have to write the piece to do the login.
orion-application.xml:
<jazn provider="LDAP"
location="ldap://my.company.com:<port number>"
default-realm="my_realm_here">
<jazn-web-app auth-method="SSO"/>
</jazn>
The way we approached it, we have a User and Visit object. The User object just holds some data:
public class User implements Serializable
private String userid;
private String name;
private String email;
private Date loginTime;
The faces-config.xml is like this:

<managed-bean>
<managed-bean-name>user</managed-bean-name>
<managed-bean-class>com.mycompany.User</managed-bean-class>
<managed-bean-scope>session</managed-bean-scope>
<managed-property>
<property-name>queryService</property-name>
<value>#{queryservicebean}</value>
</managed-property>
</managed-bean>
We're using Spring to inject the "queryservicebean". You may not need this section. We're having to grab data from a database table. So you can probably skip that "<managed-property>" section.
The section I think you are really asking about is the ViewHandler. You probably need to look at extending the ViewHandler to populate your user object.
public class AuthenticatingViewHandler extends ViewHandler{...}
You will probably need to look at adding code in the createView and restoreView methods.
Something like:
public class AuthenticatingViewHandler extends ViewHandler
private final ViewHandler _base;
public AuthenticatingAurepViewHandler(ViewHandler base)
_base = base;
public UIViewRoot createView(FacesContext facesContext, String viewId)
viewId = loadUser(facesContext,viewId);
return _base.createView(facesContext, viewId);
} //END createView(FacesContext facesContext, String viewId)
public UIViewRoot restoreView(FacesContext facesContext, String viewId)
viewId = loadUser(facesContext,viewId);
return _base.restoreView(facesContext,viewId);
} //END restoreView(FacesContext facesContext, String viewId)
--Then "loadUser" would populate your User object:
public String loadUser(FacesContext facesContext, String viewId)
String userId = facesContext.getExternalContext().getRemoteUser();
User user = (User) JSFUtils.getManagedBean(ViewConstants.USER);
-- Set the userid from OID in your User object
user.setUserid(userId);
-- Note: You may need to do some parsing on your user id string from OID.
-- Do more stuff here, may switch to a differnt viewId if needed, like an error page.
return viewId;
} // END loadUser(FacesContext facesContext, String viewId)
} //END AuthenticatingViewHandler
The "JSFUtils.getManagedBean" uses the valuebinding to get the User bean from the FacesContext. We also carry a boolean isUserLoaded in the User object so we're not executing the loadUser code each time a view is rendered. The Visit object just has a navigation trace and other things of interest to us, so you may not care about it.
A lot of this is from Adam Wiener's post on Sun's JSF forum. I think there's a couple of ways to approach this, with our requirements this works out better. If anybody else has any suggestions, it would be great to hear about them.
As always, hope it helps out with what you are doing and thanks for the chocolate.

Showing or hiding buttons/ enabling text boxes depending upon security role in Portal

Hi All,
Is it possible to show or hide ceratin text box or buttons depending on the security
role of the user ? Let's suppose we have screen with buttons update, delete. Now
we want that when a administrator logs in he will see a screen with data in editable
text boxes and update and delete button. In case of normal user, only the phone
no. will be editable and he can't see the delete button.
Is it possible using portal feature ?
Any suggestion is welcome.
TIA,
Sudarson

Sudarson,
Not that I know of. If you'd like to eloborate on the feature you're
building I can log an enhancement request for you.
Sincerely,
Daniel Selman
"sudarson" <[email protected]> wrote in message
news:3c5f698e$[email protected]..
>
Hi Daniel,
Thanks for the reply. I think, I should elaborate my query.
Yeah, programattically we can do the stuff. But my question is that isthere any
such feature in weblogic portal so that in stead of using is UserInRoleand doing
it programatically, we can do it thru portal, thus having bettermaintainability.
>
Regards,
Sudarson
"Daniel Selman" <[email protected]> wrote:
Sudarson,
Yes this is possible. You can programmatically check the logged in user's
role within your JSP and react accordingly (all standard J2EE). You
should
do this with caution however as you could quickly create a maintenance
problem for yourself. Declarative security externalizes all security
settings (groups. permissions etc.) away from application code and is
usually to be preferred.
Programmatic security through EJB mechanisms such as the SessionContext
isCallerInRole and getCallerPrincipal methods and web-tier methods
getRemoteUser, isUserInRole and getUserPrincipal.
http://java.sun.com/j2ee/j2sdkee/techdocs/guides/ejb/html/Security5.html
Sincerely,
Daniel Selman
"sudarson" <[email protected]> wrote in message
news:3c5e81cf$[email protected]..
Hi All,
Is it possible to show or hide ceratin text box or buttons dependingon
the security
role of the user ? Let's suppose we have screen with buttons update,delete. Now
we want that when a administrator logs in he will see a screen withdata
in editable
text boxes and update and delete button. In case of normal user, onlythe
phone
no. will be editable and he can't see the delete button.
Is it possible using portal feature ?
Any suggestion is welcome.
TIA,
Sudarson

Query user roles and access

hi,
How can query user roles and access in whole database? I want to list username, status, rights, and role
thanks
P

Hi,
The data dictionary view dba_users has one row per user.
The data dictionary view dab_role_privs has one row for every distinct combination of user and role that actually occurs ion your database,
Are you interested in system privileges? See dba_sys_privs.
Are you interested in individual grants, like the privilege to UPDATE a given table, or the privilege to execute a given stored procedure? See dba_tab_privs. (Don't be fooled by the name; it's not just for tables.)
I hope this answers your question.
If not, post some CREATE statements, that create tables, roles, and whatever else you want, and some GRANT statmeents that grant privileges on those objects. Pos the results that you would want to get from those objects and grants.

Security Scopes: All instances of the objects that are related to the assigned security roles greyed out

So the guy who built our SCCM server is no longer in the company and his AD account no longer exists. I noticed in SCCM however his account as the "All instances of the objects that are related to the assigned security roles"
is selected. however the option is greyed out for everyone else.
This option is the one found under Administration/Security/Administrative Users select the user and open properties then select the Security Scopes tab.
Is there a way we can provide another user this same level access when we can no longer access through the original build account?
Already looked into tombstone resurrection of his account thats a no go.

Hi,
I recommend you rebuild SCCM or open a case with Microsoft.
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

Doing Active Directory System Discovery security roles

Hi Experts
I am assigning users who have specific roles in SCCM2012 (Reporting, application management etc) , they are not assigned with permissions which is the same as Full Administrator or Operation Manager.
The team would like to run Active Directory System Discovery on the Primary Site server to detect the computer objects found in the AD once they have joined the new computers to the domain, they are unable to perform RUN on the Active Directory System Discovery
as the option is not available to them. Possible to advise, which additional security roles should I assign to them so that the RUN command can appear?? They are unable to do this with the current permission as listed below, RUN is not listed when they right
click on Active Directory System Discovery, unlike the Full Administrator:
Application Administrator
Application Author
Application Deployment Manager
Operating System Deployment Manager
Read-only Analyst
Remote Tools Operator
Software Update Manager

Hi,
You could create a Custom role and modify the rights.
Administration workspace >Security >Security Roles >Select a Built-in role >Click Copy on the ribbon.
Otherwise, Role-based Administration Modeling and Auditing Tool helps administrators to model and audit RBA configurations.
http://www.microsoft.com/en-us/download/details.aspx?id=36213
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

Use evdre to query data from a SQL View

Hi all
I believe that it is possible to use evdre to query data from a SQL View. If this is possible then how does one go about setting it up in the evdre options (assuming that the view has already been created)?
Regards,
Byron

Byron, perhaps this is no longer supported, it might be worth opening up a case at service.sap.com on this. However, I did find the following on Page 11 of the "Usages and Considerations of EVDRE" pdf file. This doc is imbedded in the helpfile for BPC 7 SP5 (which was released in August of 2009, well after note 1315011 was last updated.
It looks like you are limited to one custom view per application, since you have to name the view in a parameter at the APPLICATION level. Go into BPC Administration, login to the application related to the custom view, choose "Set Application Parameters" and enter the name of the view to the Application Parameter called "EVDRE_QUERYVIEWNAME" If it is not listed, go ahead and create it at the bottom of the Application parameter screen.
Also: I interpreted the following info from Page 10 of the same doc:
In your EVDRE, set the following options:
QueryEngine: MANUAL
QueryType: enter either NEXJ OR TUPLE see below:
NEXJ - Use two-dimensional queries using the nonemptycrossjoin function
TUPLE - Use two-dimensional queries using tuples"
And I'm assuming you'd enter a Y for the following two parameters:
QueryViewName
"..to enforce the query engine to use a used-defined SQL view of the fact tables, when trying to read the values using SQL queries. This option is typically used in conjunction with the SQLOnly option (see below). "
Option SQLOnly
"..to enforce the query engine to only execute SQL queries, when reading data. This can be achieved using this option."

CRM 2011: Can you control which form is used based not security roles, but on a field value?

I see that you can control which form is used based on security roles, but can you control it based on other field values? I'd like a new record to use a different form until a given status is updated. I have a status of draft and active. So
it would be nice if I could use form1 for those in draft, form2 for those that are active. But I only see where you can control that via the security roles.
I can code all of this via JavaScript, but having the ability to use two separate forms would be nice. Is that even possible.
Best regards,
Jon Gregory Rothlander

Hello,
Recheck following article - http://gonzaloruizcrm.blogspot.com/2014/11/avoiding-form-reload-when-switching-crm.html
Dynamics CRM MVP/ Technical Evangelist at SlickData LLC
My blog

How to get security roles

Hi All,
I want to know how to get the security roles which we configured in adfsecurity.
Regards,
Smaran

Hi,
to get all roles associated with the current user, try
SecurityContext secCtx = ADFContext.getCurrent().getSecurityContext();
String[] roles = secCtx.getUserRoles();
To get access to the roles defined on the system (not user specific) then this requires OPSS access. The JavaDocs are here:
http://download.oracle.com/docs/cd/E17904_01/apirefs.1111/e10686/toc.htm
From the top of my head. this is how get access to the JPS context to query system resources.
JpsContextFactory jpsfact = JpsContextFactory.getContextFactory();
JpsContext jpxCtx = jpdfact.getContext();
IdentityStoreService store = jpxCtx.getServiceInstance(IdentityStoreService.class);
... from here on I have no further hint without trying it myself. However, I hope I go you started
Frank

SDK C# - query Security Role Properties like Views, Tasks etc

Similar Messages

Maybe you are looking for