Secure "Applications" within CMC

Similar Messages

• BO Security Management within CMC

  Hi,
  I have two similar questions regarding the security management using InfoView with a hierarchical folder structure.
  1) At the very moment when a new Folder is created, all the system users are able to see the newly created folder as per inheritance from the top-level security (view access). In order to hide this new folder from some users, the security of this Folder has to be manually updated. Is there a way to avoid this manual interaction with the system?
  2) I would also like to use the "send to inbox" feature of infoview, but not all users are supposed to send reports to all other users. As per inheritance from top-level security, all users are able to see all users. Is there a way to adjust the security only for some users (view access), so that I do not have to adjust the security of all users (no access)?
  Regards
  Victor

  What version of business objects you are using?
  1) if it is XI R2. there is no way. you have to do it for every folder you create. you have to manually set no access to everyone on that folder and add groups that you want to give them access and assign access level.
      if it is XI3x, you can create one custon access level with only one right that is on the folder rights, for view select granted and make it to Object only. then goto all folders in CMC, for everyone change the access level to the one you have created.
  here you are breaking the inheritance. by default new folders that you create are not given access to anyone. you just need to add the groups that you want and assign access.
  2) create 2 different groups. one groups for users whom you want to enable send to option. other group with remaining users.
  depending the version of the business objects you can either a new access control list or goto advanced and enable rights.

• Is it possible to run a java application within a web browser?

  Hello everyone here! I have a question about running a java application within a web browser and I would appreciate it very much if anyone here can give me some answers.
  I have a standalone java application written with AWT. Basically this free application lets users to select spectral lines from a big file based on some criteria and plot those selected lines. Yes, it is a very simple application. Now I want to run this application within a web browser so that users don't need to download the application from the ftp site and thus don't need to install in their machine. Is it possible to run this application within browser? If yes, can we get the same plotting function as we run the application separately and where should I start out?
  Thanks in advance!
  kuilian

  Please see the signed applet discussion group for details of how to avoid the applet security restrictions. You can sign the applet, or use the policy file containing {AllPermission} for testing purposes (though not suitable for widespread deployment).
  Regards
  Matthew

• SAP Security tool within to determine the affects of a security change.

  Hi -
  Do anyone know of a security application tool within SAP to determine the affects of a security change to roles other than SUIM, SE16 ( tables), PFCG, etc
  The basics are:
  1) A role is updated to include additional t-codes, removal of t-codes, or change authorizations of existing t-codes.
  2) Currently there is no way to determine what other t-codes may be affected by the change in authorizations which makes regression testing almost impossible.  The ultimate solution would be a list to the process teams for regression testing to ensure everyone is aware of the consequences of making a change.
  The application in question would:
  1) Use the change log within SAP (with a few parameters specified) to determine what authorizations were changed.
  2) Lookup all the authorizations by t-code for every t-code in the roles meeting the criteria.
  3) Create a list of roles / t-codes that use the authorizations that were identified as changed.  This would be the t-codes that need to be evaluated for regression testing.
  This process is possible today, but would take hours to evaluate a simple change by hand.  A single t-code can have 100+ authorizations and a role could have 50+ t-codes.  This case would lead to the manual cross referencing of 5000+ items which would be extremely time consuming and prone to error.
  Thanks
  Larry Mac

  Hi Larry,
  I am only aware of SUIM....
  there are some possibilities beside change logs, for instance Transaction->executable with role/for user,....
  Also rsusr008_009_new(critical authorizations) gives you a good chance for finding such
  possible effects.
  The cusotmizing of critical auths./combinations/variants is a bit complex, but following the documentation step by step gives a good starting point.
  So if after the changes users show up in the result, you knwo, that you have to react.
  Of course this is not 100% the solution you are looking for, but gives the possibility for an additional check/countercheck.
  b.rgds, Bernhard

• "security" application package to CLEAN the widely "known" Malicious code?

  Professionally & Personally - I use, make, and Read many PDF files daily [reports, documents, & books]; I have many "many" thousands of PDF documents in my Archives.
  A. Background:
  1.    I have heard, since Acrobat 5, many security specialist have deemed JAVA as a THREAT; and PDF as a security concern! Recently Reported Home Land Security has deemed JAVA as an on-going "continuing high threat", in spite of se7u11; reported that DHLS expressed that 28% of reported ATTACKS were from Adobe Acrobat PDF files embedded user malicious software code [ever growing numbers of attacks]. <PDF security is a major growing DOD concern!>
  2.    To my great surprise from "IT" professional who disabled JAVA in his Department's systems, the current Security Software and specific program updates offer no real solution or resolutions to this ongoing security problem. I understood that Virus and Trojan Checkers do not check malicious software code hidden inside PDF files, and software updates do not remove or make safe the malicious software code in the actual PDF – thus it remains a potentially very DISTRUCTIVE-DATA-BOMB just setting in your databases awaiting to be activated at some future date.
  3.    "This is very tedious and time consuming!" I have since disabled JAVA in my Adobe Acrobat and run each PDF through "PDF OPTIMIZER" - Discarding all User Data, User Objects, and especially User JAVA Codes – and disable my LAN internet connection -- before utilizing it. I don’t know if this is of any good or not – but I feel safer.
  B. PROBLEMS & QUESTIONS (I’ve given each question its own string to assist with preventing confusion)!
  4.    CLEAN OLD FILES! Has Abode Acrobat issued stand alone "security" application package to CLEAN the widely "known" Malicious code or attack internet sites from PDF files? I was informed that Security Software doesn't perform this specific function inside PDF files. Does Adobe have a similar Microsoft Windows Malicious Software Removal Tool? What is Adobe's solution?

  Hello George Johnson
  I do so appreciate your assistance…
  Although I have used in business and own computers since the 1970’s [built one myself from a kit in 79], I’ve not had to concern myself with programming since, DOS, Lotus/IBM/Apple Basic and COBAL --- especially after XP release I gave up even trying to figure what each does. I did not mean to offend as to which specific JAVA version and/or product is the problem, since I personally have no CLUE – and today totally depend upon goodwill of smart guys like you.
  Specifically why recently DHLS [IT security folks and DOD for many years] is saying that Malicious Software code in PDF files is such a big threat and responsible for 28% of the systems attacks I do not know the technicalities or reasoning of these assertions – except it had something to do with JAVA CODE/JavaScript[?] contained inside the actual PDF which virus software doesn’t detect or destroy?  I do not know if it is the Additional CODE placed inside the PDF by the bad actor and/or the changing of actual Adobe Program Code is the problem? I may be chasing may tail!
  My biggest concern for many years into the future -- is protecting my very large PDA database/Archive, multiple Systems, my personal information, and to try to the best of my ability to not pass PDF having within it Malicious Software CODE [JAVA CODE/JavaScript?] put into it by a bad actor.
  Since my PDF database Archives [and back-ups] is many terabytes – it is impossible to “import” each PDF into Acrobat and run PDF Optimizer (removing Adobe known user placed codes and data) – as I am doing now – much less trying to figure out what else I should check for within the PDF file or the ever increasing updates, changes, versions of plugging the hole in the dikes…..
  So George, back to my question,  Has Abode Acrobat issued stand alone "security" application package to CLEAN the widely "known" Malicious code or attack internet sites from PDF files? [You know 28% DHLS & DOD is talking about.] I was informed that Security Software doesn't perform this specific function inside PDF files. Does Adobe have a similar Microsoft Windows Malicious Software Removal Tool? What is Adobe's solution?
  Thank you so very much for your knowledge, help, and interest.

• How to integrate custom web application within Fusion Environment?

  Hi all,
  I have created a simple custom web application with JDeveloper (11.1.1.6.2).
  From JDeveloper this application is running successfully through the IntegratedWebLogicServer connected with our Fusion Database.
  Now I want to integrate this custom web application within our our Fusion Environment (11.1.4).
  The final goal is to make it available inside the navigator menu in Fusion Applications.
  I need some guidance how to get this done.
  For example I have created an EAR-file. Where should this file be deployed?
  How can I create an entry in the navigation menu pointing to this web application?
  The web application should be handled just like seeded pages. (no additional security, login, etc.) How do I manage that?
  I have checked several Oracle Guides and forums (also blogs.oracle.com/fadevrel), but still it is not clear to me.
  Maybe I am on the wrong track, I don't know.
  Kind regards,
  Cor van Dongen

  How you deploy your EAR depends on the type of environment you have. For "OnSite" deployment you would need to contact the production system administrator to have your application deployed on the production WLS. The administrator would decide where and how the application is deployed, the process would be specific to the site.
  The security behavior depends on the configuration, e.g. when you enable security on your application various [url http://docs.oracle.com/cd/E14571_01/web.1111/b31974/adding_security.htm#BGBDEHFH]files are created / updated. When deployed to production these configurations need to be changed to suite the production instance, i.e. in development environments authentication is enforced by security constraints while in production this is achieved e.g. using OAM policies. The specific details depend on the instance.
  For Cloud environments you would need to deploy the application e.g. on [url https://cloud.oracle.com/mycloud/f?p=service:home:0]Java Cloud Service instance as applications cannot be deployed on the Cloud production instance.
  To integrate with the navigator menu refer to the [url http://docs.oracle.com/cd/E15586_01/fusionapps.1111/e16691/ext_nm.htm]Customizing the Navigator Menu documentation.
  Jani Rautiainen
  Fusion Applications Developer Relations
  https://blogs.oracle.com/fadevrel/

• Error while running a Secured Application

  Hi all,
  we have created an application with a single page, which works fine when we run the same. But if security is enabled for the application, following exception is being thrown:
  <Mar 9, 2011 4:17:51 PM IST> <Error> <Deployer> <BEA-149265> <Failure occurred in the execution of deployment request with ID '1299667669178' for task '2'. Error is: 'java.lang.NoSuchFieldError: RESOURCE_NAME_EXPRESSION'
  java.lang.NoSuchFieldError: RESOURCE_NAME_EXPRESSION
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.getResourceNameExpressionQuery(PermissionSetManagerImpl.java:2448)
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.checkPermissionSetSearchQuery(PermissionSetManagerImpl.java:2464)
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.getPermissionSets(PermissionSetManagerImpl.java:2414)
  at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.clone(JpsDstPolicy.java:935)
  at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.migrateData(JpsDstPolicy.java:442)
  Truncated. see log file for complete stacktrace
  Caused By: java.lang.NoSuchFieldError: RESOURCE_NAME_EXPRESSION
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.getResourceNameExpressionQuery(PermissionSetManagerImpl.java:2448)
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.checkPermissionSetSearchQuery(PermissionSetManagerImpl.java:2464)
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.getPermissionSets(PermissionSetManagerImpl.java:2414)
  at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.clone(JpsDstPolicy.java:935)
  at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.migrateData(JpsDstPolicy.java:442)
  Truncated. see log file for complete stacktrace
  >
  <Mar 9, 2011 4:17:51 PM IST> <Warning> <Deployer> <BEA-149004> <Failures were detected while initiating deploy task for application 'DSDemo [Version=V2.0]'.>
  <Mar 9, 2011 4:17:51 PM IST> <Warning> <Deployer> <BEA-149078> <Stack trace for message 149004
  java.lang.NoSuchFieldError: RESOURCE_NAME_EXPRESSION
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.getResourceNameExpressionQuery(PermissionSetManagerImpl.java:2448)
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.checkPermissionSetSearchQuery(PermissionSetManagerImpl.java:2464)
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.getPermissionSets(PermissionSetManagerImpl.java:2414)
  at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.clone(JpsDstPolicy.java:935)
  at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.migrateData(JpsDstPolicy.java:442)
  Truncated. see log file for complete stacktrace
  Caused By: java.lang.NoSuchFieldError: RESOURCE_NAME_EXPRESSION
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.getResourceNameExpressionQuery(PermissionSetManagerImpl.java:2448)
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.checkPermissionSetSearchQuery(PermissionSetManagerImpl.java:2464)
  at oracle.security.jps.internal.policystore.entitymanager.impl.PermissionSetManagerImpl.getPermissionSets(PermissionSetManagerImpl.java:2414)
  at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.clone(JpsDstPolicy.java:935)
  at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.migrateData(JpsDstPolicy.java:442)
  Truncated. see log file for complete stacktrace
  >
  [04:17:51 PM] #### Deployment incomplete. ####
  Any help on this regard would be greatly appreciated.
  Thanks in advance,
  Raghu

  Hi,
  By secured application, i mean, i have configured security in the Application and ran it in the jdev. The same app was running smoothly without enabling the security.
  Thanks,
  Raghu

• Firefox has completely crashed today on my computer. I tried to reload it, and my security application closed it as a "malicious threat" . What's going on?

  All applications I try to open from my desktop ,where I used FIREFOX to open them...crash when trying to open. I tried to re-install FIREFOX, but my security application shut it down as a 'malicious threat'.
  What's going on?

  Thanks, I deleted a bunch of apps and some other TV shows I had on there. All of the other movies have an active download button so there is room for other movies, just not that one for some reason...weird!

• What is the legal way do distribute iPad corporate application within the company employees and avoid it downloading by a million of other users?

  Hello,
  My company has about 1500 employees. The purpose is to distribute our corporate application within their iPads. What are the possible legal ways to distribute?

  You can try these links, but some may require an active account to access:
  Enterprise Guide:
  iPhone OS - Enterprise Deployment Guide
  https://developer.apple.com/library/ios/#featuredarticles/FA_Wireless_Enterprise _App_Distribution/Introduction/Introduction.html
  Distributing Enterprise Apps for iOS 4 Devices

• How to deploy my forms application within OAS 10.1.3.2.0

  Dear all,
  I cannot find the web service in OAS 10g release 10.1.3.2.0, so how to deploy those oracle forms application within OAS 10.1.3.2.0.
  Thanks for anyone help to give the answer!

  Hi Grant,
  I have been hearing since quite some time now that slowly Oracle is shifting its focus towards J2EE and Java based technologies and there are plans also to make Forms obsolete in future.
  What is your comment on this?
  Thanks and Regards
  Amit Trivedi

• Integration a Web Dynpro ABAP application within one of my EP overview page

  Hi Experts,
  I've got an issue when integrating a Web Dynpro ABAP application within one of my EP overview pages.
  We've implemented PLM using the Web Dynpro ABAP scenario for employees. Now Iu2019m trying to integrate this into the Employee Self-Service overview page. I've got no issue to make the icon and area title appears, but when I click on it I get a blank page with Error 404. However when clicking on the link in the navigation bar (Level 2) then I get the page fine. So it looks like EP is not able to integrate correctly the Web Dynpro ABAP into the overview page in EP. Is there any specific Resource configuration?
  One more thing is that if I've implemented the same iView using Resources -> Services -> Sub Areas -> Areas everything works fine, but I receive two navigation Levels (Area Group contains the Area Link and when I click it brings me to Sub Area with the single Service Link) I want to avoid this double clicking, calling the application directly from Area Group -> Area link.
  Anyone has ever come across that kind of issue? Has anyone ever integrated a WDA application directly into an overview page?

  Hi,
  We faced a similar problem with BSPs and had to change the definition of the area link type entry.
  I am assuming you have set the area link type to WebDynpro for ABAP and the resource is calling an Iview/page that has the WD ABAP application configured.
  To get around the error, change the Area Link type to Calls a Portal page and make sure the resource calls an Iview/Page that has the WD ABAP application configured.

• Exposing a Form-Driven Web Application within a Portlet

  Hi All,
  I'm having a bit of a problem exposing a form-driven Web-Application within a portlet window.
  The web-application I'm working with utilizes the Oracle XSQL servlet and is basically a collection of .XSQL pages which are formatted using .XSL stylesheets that produce output HTML for the client.
  The application contains hyperlinks for navigation, but is largely Form driven.
  The application has already been deployed into an Oracle Application Server 10g container as a J2EE object(.ear file), and is fully functional and accessible over the web.
  In order to expose this application thru a Portlet window I utilized the Url-based provider services that come with the Oracle PDK. This allowed me to set up a simple URL-based provider for the site without any coding whatsoever. I also included inline rendering declarations to force the application response to be rendered within the Portlet window.
  This setup works fine when only hyperlinks are used to navigate thru the application, however, Forms do not appear to work with this setup. Everytime a form is submitted, the data is posted to the Portlet which fails to pass it thru to the underlying web application. Instead the Action="somepage.xsql" parameter is appended to the URL of the Portal itself thus returning a "page not found",etc... error.
  After much OTN searching I have found that the PDK 10.1.2 URL services package does not support Forms for inline rendering. Thus this solution comes close but falls short of what I need.
  I was wondering if anyone can point me to a solution that would:
  1) allow me to display the entire web application within a Portlet window (app only outputs HTML & some client-side javascript, but takes POST requests to the XSQL Servlet)
  2) without modifying it's current Form-driven interface, or any of the application's underlying code for that matter,
  3) and without having to resort to java coding the Portlet interface.
  The URL-Based Provider setup is almost perfect, I just need to find a way to allow forms to pass thru to the underlying application so that it's response can be rendered correctly.
  Current Setup:
  Oracle Application Server (Portal & Wireless) 10.1.2g
  J2EE with OC4J_containers.
  Oracle XSQL Servlet (ver 10)
  Windows 2000 OS

  I tried that, the default "Base URL" provides the "Display Option" attribute but only gives me these 2 options:
  - Full browse window link
  - New browser window link
  I have also tried other items that use "Base URL" (Simple URL, UrlItem, URL) and are all the same thing. The only items I could find (relevant to this need) and provide the option "Item displayed in page area" were:
  - "Page link" item
  - "External Application" portlet
  I even created a fresh Instant Portal to recreate the defaults and add the URL item again, but nothing :(
  Edited by: stics on Apr 29, 2010 4:52 PM

• Juniper Java Secure Application Manager does not work with Snow Leopard

  Anyone else having issues as well? I'm not using a client - its basically the Java based application manager for VPN connections to work (so I can remote desktop to my work PC).
  Once logged in, it gives a "Restart your browser" error.
  Thanks for your help

  OK - so I got it to work. Here's what I did. Let me know if it works for you:
  I wasn't able to follow the instructions exactly as noted in the original link I posted above.
  The terminal command, specifically wget would not work - there is no wget.
  I manually downloaded the Java 1.5 version, by following the link (just clicked on it). I 'unzipped' it and moved it into the library/frameworks/JavaVM.framework/versions folder.
  So now the 1.5.0 is not an alias (as it is by default in SL), but the older version of Java.
  I then followed the instruction related to changing the order in JAVA PREFERENCES.
  The final stop - and I think this is key, is that I forced Safari to start in 32 bit mode. You can do this by going to Applications, highlighting Safari and hitting CMD-I. Then check the 32 bit option.
  Start Safari, go to the appropriate URL and login. The Java Secure Application Manager should then start as it used to do in Leopard. You should be all set.
  Hope this helps - let me know if someone has questions.

• Internet security applications for XP - which one?

  I'm about to do boot camp and add XP. Once I've turn the machine into a windows PC I'll need to have some anti-virus, firewall and all that. Don't trust XP's own offering.
  Which is the most compatible internet security application when using Boot Camp and/or VMware Fusion? Has anyone got an 'avoid this' recommendation?
  Thanks for any ideas.

  For 10 yrs I've said, "avoid Norton" but I have to admit that Norton Internet Security 2008 really is good, a complete ground-up rewrite and works very well and I'm not even aware it is there unless I want to. Working.
  AVG Suite was annoying, in your face, and why I had to find a replacement. It just bogs system down and always asking or telling you and wants to put a notification up (which goes away after 30 seconds).
  Real-time AV applications - for viral malware.
  Do not utilize more than one (1) real-time anti-virus scanning engine.
  Disable the e-mail scanning function during installation (Custom
  Installation on some AV apps.) as it provides no additional protection.
  http://www.oehelp.com/OETips.aspx#3
  Some experts believe that scanning incoming and outgoing mail causes e-mail file corruption.
  Avira AntiVir® PersonalEdition Classic - Free
  http://www.free-av.com/antivirus/allinonen.html
  Free antivirus - avast! 4 Home Edition
  http://www.avast.com/eng/avast4home.html
  (Choose Custom Installation and under Resident
  Protection, uncheck: Internet Mail and Outlook/Exchange.)
  AVG Anti-Virus Free Edition
  http://free.grisoft.com/
  On-demand AV application.
  (add it to your arsenal and use it as a "second opinion" av scanner).
  BitDefender10 Free Edition
  http://www.bitdefender.com/PRODUCT-14-en--BitDefender-8-Free-Edition.html
  A-S applications - for non-viral malware.
  The effectiveness of an individual A-S scanners can be wide-ranging and
  oftentimes a collection of scanners is best. There isn't one software that
  cleans and immunizes you against everything. That's why you need multiple
  products to do the job i.e. overlap their coverage - one may catch what
  another may miss, (grab'em all).
  SuperAntispyware - Free
  http://www.superantispyware.com/superantispywarefreevspro.html
  Ad-Aware - Free
  http://www.lavasoftusa.com/products/adawarefree.php
  http://www.download.com/3000-2144-10045910.html
  Spybot Search & Destroy - Free
  http://www.safer-networking.org/en/download/index.html
  Windows Defender - Free (build-in in Vista)
  http://www.microsoft.com/athome/security/spyware/software/default.mspx
  Interesting reading:
  http://www.pcworld.com/article/id,136195/article.html
  "...Windows Defender did excel in behavior-based protection, which detects
  changes to key areas of the system without having to know anything about
  the actual threat."
  A clarification on the terminology: the word "malware" is short for
  "malicious software." Most Anti-Virus applications detect many types of
  malware such as viruses, worms, trojans, etc.
  What AV applications usually don't detect is "non-viral" malware, and the
  term "non-viral malware" is normally used to refer to things like spyware
  and adware.
  Some more useful applications:
  Spyware Blaster - Free
  http://www.javacoolsoftware.com/spywareblaster.html
  Rootkit Revealer - Free
  http://www.microsoft.com/technet/sysinternals/Utilities/RootkitRevealer.mspx
  Crap Cleaner - Free
  http://www.filehippo.com/download_ccleaner/
  If Windows Defender is utilized go to Applications, under Utilities
  uncheck "Windows Defender".
  CW Shredder - Free
  http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/CWShredder.shtml

• Secure Application Roles in SE.

  I’m looking for ideas to implement or replicate the behavior of “Secure Application Roles” feature of EE in SE.
  Any help/sample are welcome!
  Thanks,
  Diego.

  Unfortunately there are features from the kernel that prevent the use of Application Roles in a Standard Edition. You must upgrade to a Enterprise Edition.
  ~ Madrid