Technical background user management engine
Hello,
My name is Marco Helmich and i'm student of computer sience. In my modeling course, we are about to discuss the user management engine of SAP Netweaver AS. You have great tutorials on your website, but they all describe a user sight on the UME and not how it works. For that reason i have some questions.
I'm interested in what exactly happens if the UME recieves a request for authorization from the J2EE-engine. Do the UME have components inside? And how do they interact if the UME recieve a request? It acts like a "black box". What are the differences between J2EE secutity roles and the UME roles? Is there a mapping between them? Where does the UME take place in my system landscape? Is it a part of my J2EE server or is it seperated from all servers?
I hope you can give me answers for my quetsions or show me where to find these informations.
Thank you.
Hi,
The UME architechture and other details can be found at the following link.
http://help.sap.com/saphelp_erp2004/helpdata/en/5b/5d2706ebc04e4d98036f2e1dcfd47d/frameset.htm
Hope that helps.
Regards,
Siddhesh
Similar Messages
-
SAPJSF user cannot log-on to the User Management Engine.
We have a newly installed PI 7.0 system.
SLDCHECK is succussful but if we go to the http://hostname:50100/sld - we are redirected to http://hostname:50100/logon/logonServlet?redirectURL=%2Fwebdynpro%2Fdispatcher%2Fsap.com%2Ftc%7Esld%7Ewd%7Emain%2FMain
When we check the default.trc file, we see the error: User "SAPJSF" is the communication user for the connection between User Management Engine and the ABAP backend system SIDCLNTxyz. This user cannot log-on to the User Management Engine.
The SAPJSF user is not locked in SU01. This user is used by the JCO providers to connect to the gateway service.
We opened Visual Administrator and navigated to Server0 -> Services -> UM Provider
We changed the password property at ume.r3.connection.master.passwd
We then restarted the ABAP and J2EE engine. But we still see this error.
Any help to solve this issue is appreciate.
Jay MallaHi,
Please, refer the link below. It says you cannot logon with SAPJSF user to J2EE engine for security reasons.
http://help.sap.com/saphelp_nw2004s/helpdata/en/4e/225b42eeb66255e10000000a155106/frameset.htm
Thanks
R.Murali -
No user is able to login to User Management Engine in SAP Web AS Java
Hi,
We are facing an error"User Authentication failed" in SAP Web AS Java(Stand-alone).
No user is able to login through User Management Engine but we were able to login as administrator into Visual admin.Tried SAP* (Emergency User Activation in config tool) also.SAP* is also able to login to Visual Admin But not into UME.Login in Visual Admin was successful when we tried with SAP* or administrator.
Feels like some UME configuration might have changed.Can anyone help me in this.
Thank You.
Regards,
Sudheer.Hi
Has the SAP* emergency user been activated? While this user is active, all the other users are inactive. Check the following documentation for information on this:
http://help.sap.com/saphelp_nw70/helpdata/en/3a/4a0640d7b28f5ce10000000a155106/frameset.htm
Regards,
Désiré -
No user is able to login through User Management Engine in SAP Web AS Java
Hi,
We are facing an error"User Authentication failed" in SAP Web AS Java(Stand-alone).
No user is able to login through User Management Engine but we were able to login as administrator into Visual admin.Tried SAP* (Emergency User Activation in config tool) also.SAP* is also able to login to Visual Admin But not into UME.Login in Visual Admin was successful when we tried with SAP* or administrator.
Feels like some UME configuration might have changed.Can anyone help me in this.
Thank You.
Regards,
Sudheer.Hi Sudheer Koppireddy
login VA with SAP*
go to services -- key config login ticket and see in right hand side entry deleate all entry
and save it
then go to sm 59 and check HMI connection (http connection to R/3)
deleate it and recreate it
Thanks
Amit Shivhare
PS:Reward Point -
Using User Management Engine API in Portal Application
Hello,
I actually develope a simple Portal Application, which print any User-Infos. Especially I need the date of the last Login. For this purpose I read the Article Using User Management Engine API - Portal - SAP Library where they use the library com.sap.security.api. In the articel they describe also, how to set DC dependencies. But this doesn't function for a Portal Component, because they do not appear in the Component Browser.
So my question is, how get I the User Management Engine API referenced in my Portal Application, so that I can use the package com.sap.security.api. In the filesystem I can not find a JAR-File for the Development Componenten tc/je/usermanagement/api
Greetings,
ThomasHI,
Getting the last logon date can be a small problem. There is a method called: getLastSuccessfulLogonDate, but that one is deprecated since NW 2004s.
https://help.sap.com/javadocs/NW04S/SPS09/se/com/sap/security/api/IUserAccount.html#getLastSuccessfulLogonDate()
In NW 7.3 the method is still there: Generated Documentation (Untitled), but even so, JavaDoc states that the value is not updated automatically
"get last sucessful logon date NOTE: This attribute is not automatically updated during login." -
Error while trying to access User Management Engine
Hi,
when I am trying to login to UME using J2EE_ADMIN user id and password, I am getting the following error.
Unknown message (ID = java.lang.ExceptionInInitializerError
at com.sap.i18n.cp.ConvertBase.CheckConverterJNIAvailable(ConvertBase.java:80)
at com.sap.i18n.cp.ConvertBase.<init>(ConvertBase.java:91)
at com.sap.i18n.cp.ConvertXToC.<init>(ConvertXToC.java:19)
at com.sap.security.core.ticket.imp.Ticket.getString(Ticket.java:359)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:413)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:339)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:318)
at com.sap.security.core.server.jaas.EvaluateTicketLoginModule.login(EvaluateTicketLoginModule.java:268)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:189)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:103)
at com.sap.security.core.logon.imp.JUMAuthenticator.forceLoggedInUser(JUMAuthenticator.java:267)
at com.sap.security.core.admin.ServletAccessToLogic.getActiveUser(ServletAccessToLogic.java:141)
at com.sap.security.core.admin.UserAdminLogic.executeRequest(UserAdminLogic.java:438)
at com.sap.security.core.admin.UserAdminServlet.doPost(UserAdminServlet.java:26)
at com.sap.security.core.admin.UserAdminServlet.doGet(UserAdminServlet.java:19)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Caused by: com.sap.i18n.cp.ConverterRuntimeException: com.sap.i18n.cp failed to register natives.
Got exceptions:
null
at com.sap.i18n.cp.ConverterJNI.<clinit>(ConverterJNI.java:46)
... 45 more
I have checked the password for J2EE_ADMIN from the ABAP end, it worked well.
Please suggest me the solution for this issue.
Thanks & regards,
ReddyHi,
I have checked UME properties in property sheet and everything is fine but still facing the same issue. Please find the default trace file below.
Caused by: com.sap.i18n.cp.ConverterRuntimeException: com.sap.i18n.cp failed to register natives.
Got exceptions:
null
at com.sap.i18n.cp.ConverterJNI.<clinit>(ConverterJNI.java:46)
... 50 more
) not found in properties files-java.lang.ExceptionInInitializerError
at com.sap.i18n.cp.ConvertBase.CheckConverterJNIAvailable(ConvertBase.java:80)
at com.sap.i18n.cp.ConvertBase.<init>(ConvertBase.java:91)
at com.sap.i18n.cp.ConvertXToC.<init>(ConvertXToC.java:19)
at com.sap.security.core.ticket.imp.Ticket.getString(Ticket.java:359)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:413)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:339)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:318)
at com.sap.security.core.server.jaas.EvaluateTicketLoginModule.login(EvaluateTicketLoginModule.java:268)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:189)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:103)
at com.sap.security.core.logon.imp.JUMAuthenticator.forceLoggedInUser(JUMAuthenticator.java:267)
at com.sap.tc.webdynpro.serverimpl.wdc.um.ClientUserFactory.forceLoggedInClientUser(ClientUserFactory.java:145)
at com.sap.tc.webdynpro.serverimpl.wdc.um.ClientUserFactory.checkAuthentication(ClientUserFactory.java:282)
at com.sap.tc.webdynpro.services.sal.um.api.WDClientUser.checkAuthentication(WDClientUser.java:230)
at com.sap.tc.webdynpro.clientserver.cal.ClientManager.checkAuthentication(ClientManager.java:1057)
at com.sap.tc.webdynpro.clientserver.cal.ClientManager.findClientWindow(ClientManager.java:813)
at com.sap.tc.webdynpro.clientserver.cal.ClientManager.doProcessing(ClientManager.java:201)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doWebDynproProcessing(DispatcherServlet.java:154)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:116)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:48)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Caused by: com.sap.i18n.cp.ConverterRuntimeException: com.sap.i18n.cp failed to register natives.
Got exceptions:
null
at com.sap.i18n.cp.ConverterJNI.<clinit>(ConverterJNI.java:46)
... 50 more
[EXCEPTION]
#1#java.util.MissingResourceException: Can't find resource for bundle java.util.PropertyResourceBundle, key java.lang.ExceptionInInitializerError
at com.sap.i18n.cp.ConvertBase.CheckConverterJNIAvailable(ConvertBase.java:80)
at com.sap.i18n.cp.ConvertBase.<init>(ConvertBase.java:91)
at com.sap.i18n.cp.ConvertXToC.<init>(ConvertXToC.java:19)
at com.sap.security.core.ticket.imp.Ticket.getString(Ticket.java:359)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:413)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:339)
at com.sap.security.core.ticket.imp.Ticket.setTicket(Ticket.java:318)
at com.sap.security.core.server.jaas.EvaluateTicketLoginModule.login(EvaluateTicketLoginModule.java:268)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:189)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:70)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:103)
at com.sap.security.core.logon.imp.JUMAuthenticator.forceLoggedInUser(JUMAuthenticator.java:267)
at com.sap.tc.webdynpro.serverimpl.wdc.um.ClientUserFactory.forceLoggedInClientUser(ClientUserFactory.java:145)
at com.sap.tc.webdynpro.serverimpl.wdc.um.ClientUserFactory.checkAuthentication(ClientUserFactory.java:282)
at com.sap.tc.webdynpro.services.sal.um.api.WDClientUser.checkAuthentication(WDClientUser.java:230)
at com.sap.tc.webdynpro.clientserver.cal.ClientManager.checkAuthentication(ClientManager.java:1057)
at com.sap.tc.webdynpro.clientserver.cal.ClientManager.findClientWindow(ClientManager.java:813)
at com.sap.tc.webdynpro.clientserver.cal.ClientManager.doProcessing(ClientManager.java:201)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doWebDynproProcessing(DispatcherServlet.java:154)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:116)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:48)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Caused by: com.sap.i18n.cp.ConverterRuntimeException: com.sap.i18n.cp failed to register natives.
Got exceptions:
null
at com.sap.i18n.cp.ConverterJNI.<clinit>(ConverterJNI.java:46)
... 50 more
at java.util.ResourceBundle.getObject(ResourceBundle.java:326)
at java.util.ResourceBundle.getObject(ResourceBundle.java:323)
at java.util.ResourceBundle.getString(ResourceBundle.java:286)
at com.sap.security.core.util.ResourceBean.getString(ResourceBean.java:115)
at com.sap.security.core.util.ResourceBean.print(ResourceBean.java:129)
at jsp_umLogonPage1257494316062._jspService(jsp_umLogonPage1257494316062.java:137)
at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:566)
at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:190)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
at com.sap.security.core.logonadmin.ServletAccessToLogic.gotoPage(ServletAccessToLogic.java:138)
at com.sap.security.core.sapmimp.logon.SAPMLogonLogic.doLogon(SAPMLogonLogic.java:993)
at com.sap.security.core.sapmimp.logon.SAPMLogonLogic.uidPasswordLogon(SAPMLogonLogic.java:630)
at com.sap.security.core.sapmimp.logon.SAPMLogonLogic.executeRequest(SAPMLogonLogic.java:150)
at com.sap.security.core.sapmimp.logon.SAPMLogonServlet.doPost(SAPMLogonServlet.java:60)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Please suggest me the solution for this issue.
Thanks & regards,
Reddy -
What is it that we acheive by connecting an r/3 system using the UM configuration in the system configuration
Is it necessary that we , prior to mapping users in a portal to that in r/3, do the UM configuration?Hi Louis
Check out the links below:
http://help.sap.com/saphelp_nw04/helpdata/en/5b/5d2706ebc04e4d98036f2e1dcfd47d/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/a6/9d86f7b9d0224fbf74f9024b0b0a6a/content.htm
Regards
Gaurav Gandhi
PS: Award points if helpful/solved -
NWA or User Management doesn't start
Hello, All !!
I have recently installed a NW 7.0 system. Details listed below:
System: SAP SRM 5.0 SR3
Stacks: ABAP+JAVA - single install
Platform: HP-UX (64-bit)
Database: Oracle
Issue / Problem that's on hand
I am not able to bring up User Management or NWA from the URL:
<http>://<AS_Java_hostname>:<AS_Java_HTTP_port>/nwa
<http>://<AS_Java_hostname>:<AS_Java_HTTP_port>/useradmin
User ID: J2EE_ADMIN
Password: Installation Master Password
Once I enter these details and click on login button, I get back the same blank login screen. If I enter incorrect password, then I get an error: "User Authentication failed".
When I log on to AS ABAP, I see the following users defined:
J2EE_ADMIN
J2EE_GUEST
SAPJSF.
In the config tool, the guest user is specified as J2EE_GUEST (property ume.login.guest_user.uniqueids).
=======================================================================
Here are related excerpts from the installation guide
As of SAP NetWeaver 7.0 and Business Suite 2005, you can install an ABAP+Java system in one installation run. This means that AS Java is configured by default against ABAP client 001.
You can choose one of the following methods to set up your new production client:
n You install the ABAP and the Java part of your system separately.
n You install an ABAP+Java system and reconnect the Java part.
n You install an ABAP+Java system and do not reconnect the Java part.
Bonjour!! (Most frequently used word from my French vocabulary (FV)!! BTW - my FV has very few words.)
Hope everyone's doing fine. I have been bothering a few on the team with my questions and have been receiving prompt reply. And here's yet another question I need some advise on.
Excerpts from the installation guide:
As of SAP NetWeaver 7.0 and Business Suite 2005, you can install an ABAP+Java system in one installation run. This means that AS Java is configured by default against ABAP client 001.
You can choose one of the following methods to set up your new production client:
n You install the ABAP and the Java part of your system separately.
n You install an ABAP+Java system and reconnect the Java part.
n You install an ABAP+Java system and do not reconnect the Java part.
Installing an ABAP+Java System and Reconnecting the Java Part
If you need the Java users in your ABAP production client, you have to manually configure the connection of the Java part to the ABAP part.For more information about Java users, see the table User Management Engine (UME) in Basic SAP System Parameters [page 28].
1. You install the ABAP+Java system as described in this documentation.
2. You perform the client copy [page 144].
3. You reconnect the Java part to the production client as described in SAP Note 937323.
=======================================================================
Eventually, I want to change the client in AS JAVA to point to production client and not client 001. But right now, I am not even able to bring up NWA or User Management. But I can bring up "System Information" - logging in as J2EE_ADMIN user.
Please let me what needs to be done to correct this problem.
Thanks in advance!!
MadhaviHi,
Login into your 001 client and check whether your j2ee_admin or j2ee_guest are locked? If yes then unlock them and try again.
Also if you want to change the password then make sure you update the pasword in the secure storage area of web as java through configtool.
Regards,
Vamshi. -
Portal user management for SRM
Hi ,
We will be using global portal & SRM as a backend.
Portal<---->SRM<----->ERP
Which will be the best option for data sources of the User Management Engine (UME)?
Regards,
Arpit.Repeated.
-
Does TestStand 2.0 have a user manager accessible through the base deployment engine?
I only see API calls to show add and edit users for the base deployment engine, but not a full user administrator like in the Sequence editor. Is this only available with the TestStand development env?
Why do want to be able to edit users on every test station. You can make life simpler by putting your users.ini file in a network location and from Station Options>User Manager, point to that location. That way you only have to add users once and you can do that from the development system. Even if there's a reason to have different users for different stations, you could just copy the different users.ini files you create to the local TestStand directories on the test stations. I do that with the StationGlobals.ini file. I find it easier to have of my test stations use the same station globals. I define the unique ones as sequence file globals. When I do have to add a new station global, I take my local copy of StationGlobals.ini and just do a c
opy to all of the test stations. Personally, I much prefer the fact that users and station globals can't be edited by the operator interface. That's just one less thing I have to worry about the test operators getting in and changing something. -
User-managed backups of a 10g DB using ASM
Is it possible to do user-managed backups of a 10g database which is using ASM?
When I run the following SQL command
SELECT NAME FROM v$datafile;
It returns
+DBDATA/db_test/datafile/system.256.617633575
+DBDATA/db_test/datafile/users.259.617633757
The ASM is setup in 'normal redundency' across 2 partitions, both of which are not formatted.
If there is anyone who has done user-mangaged backups on a 10g DB using ASM who could provide an insight I would be greatful.
Basically what I would like to know is how do I access the datafiles, so I can back them up to a location of my choosing?I think it's a good product, we use it for many years now. A big advantage is Backtrack automates not only backups (that do all products), it also provides automatic restore/recovery in many cases (not in all!). That means the product detects what is wrong with the database and automatically performs all necessary steps to bring back the database to working. In case of trouble that's good for operators by night and also good for the DBA, who does not need to come.
Disadvantage (may be true for all 3rd party products) Backtrack is always behind Oracle's newest technology, so it took some time to support ASM and it's still not a full support.
There's no problem with online backups, Backtrack uses the traditional way (ALTER TABLESPACE BEGIN BACKUP .... END BACKUP), they don't use RMAN technology in the background.
We use both in our company, Backtrack and RMAN. Besides the technical point of view, there's also a license issue. Backtrack's license fee is due to amount of data, the larger your databases the larger the fee.
Werner -
Not able to login to User management link in portal
Hi,
I am not able to login to "User Management" link from index.html page. When I enter user name and password, only page is getting refreshed and it is not logging in.
Error from default trace:
#1.5 #00188B34FD33006C0000002800007AC8000461B1DE2BD2F2#1233316471589#com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl#sap.com/tcwddispwda#com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl#J2EE_ADMIN#2018##mysapbw_BW7_23635150#J2EE_ADMIN#c13b1ba1eec411dd9cbb00188b34fd33#SAPEngine_Application_Thread[impl:3]_2##0#0#Error#1#/System/Server/WebRequests#Plain###application [webdynpro/dispatcher] Processing HTTP request to servlet [dispatcher] finished with error.
The error is: java.lang.NoSuchMethodError: com.sap.security.core.wd.umeuifactory.wdp.IExternalUmeUiFactoryCompInterface.hasSimplePermission(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Z
Exception id: [00188B34FD33006C0000002600007AC8000461B1DE2BCF03]#
#1.5 #00188B34FD33005F000004A300007AC8000461B1E07DB217#1233316510512#com.sap.engine.services.security.authentication.logonapplication#sap.com/com.sap.security.core.admin#com.sap.engine.services.security.authentication.logonapplication.doLogon#J2EE_GUEST#0##n/a##d88d4300eec411dd9ac900188b34fd33#SAPEngine_Application_Thread[impl:3]_6##0#0#Error##Java###doLogon failed
[EXCEPTION]
#1#com.sap.security.core.logon.imp.UMELoginException
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.logon(SAPJ2EEAuthenticator.java:949)
at com.sap.security.core.logonadmin.ServletAccessToLogic.logon(ServletAccessToLogic.java:208)
at com.sap.security.core.sapmimp.logon.SAPMLogonLogic.doLogon(SAPMLogonLogic.java:914)
at com.sap.security.core.sapmimp.logon.SAPMLogonLogic.uidPasswordLogon(SAPMLogonLogic.java:578)
at com.sap.security.core.sapmimp.logon.SAPMLogonLogic.executeRequest(SAPMLogonLogic.java:158)
at com.sap.security.core.sapmimp.logon.SAPMLogonServlet.doPost(SAPMLogonServlet.java:60)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
Please help me in resolving this issue.
Regards,
Nallasivam.DHi,
After looking into the error first i dont think you are enter the right password.
In case if you are entering the right password then you might not have the necessary admin rights on portal.
Regards,
Ramanath -
User Management Service API javadoc
According to the following document:
http://help.sap.com/saphelp_nw2004s/helpdata/en/f7/f289c67c759a41b570890c62a03519/frameset.htm
I can use the User Management Service interface to check authorizations:
"You can use the User Management Service to check the authorizations; there are various interfaces and methods available for this purpose."
Where are these interfaces and methods documented? I searched help.sap.com for "User Management Service" but am not able to find the javadoc API documentation.Hey David,
I must have misunderstood your question as I thought you couldn't "...figure out how to integrate these both elements through service link, with an agent and adapters." - Starter Edition has a reusable approach.
I'm interested in understanding where the user management features of Starter Edition aren't quite making your grade. The requirements driving Starter Edition's feature set are as they pertain to the enterprise as a private cloud deployment. Given this environment, the two primary deployment scenarios SE addresses are 1) no external user account data source (no directory integration), 2) external data source integration using one of the three types of directory servers supported by Cloud Portal. Scenario 2 two supports user authentication only and user authentication and authorization.
Scenario 1 supports user and organization management using Cloud Portal as the data source. Scenario 2 supports a pre-populated data source under the premise that enterprises most commonly have a existing directory services they desire to integrate with the solution, which is to say that an uncommon and not natively supported scenario is one in which the enterprise has no existing user account data source, but has idle directory services they would like for the solution to populate with new user accounts created through he solution. Certainly, such a scenario may be supported by extending the solution.
Let me know how you come along.
Regards,
Lee
Sent from Cisco Technical Support iPhone App -
User Managed Hot Backup via Sql
Hi being a bit old school - I am trying to understand the steps required for a Hotbackup managed via Sql ( sorry all RMAN fans ! )
I understand that I can backup each tablespace in turn ( via the necessary ALTER TABLESPACE <x> BEGIN BACKUP and then take it out of backup)
I presume also that I simply take a backup of my control file ( wither as binary or as trace if need be )
I am also guessing that you do not backup the Redo Logs ( since you will reset these on any recovery anyway )
The bit I am not sure about is the Undo Tablespace - can it be backup in eactly the same way as any of the other tablespaces ?
Are there any other components that I need to backup ( apart from archive logs )
thanks,
JimEdStevens wrote:
Jim Thompson wrote:
Hi being a bit old school - I am trying to understand the steps required for a Hotbackup managed via Sql ( sorry all RMAN fans ! )
I understand that I can backup each tablespace in turn ( via the necessary ALTER TABLESPACE <x> BEGIN BACKUP and then take it out of backup)
I presume also that I simply take a backup of my control file ( wither as binary or as trace if need be )
I am also guessing that you do not backup the Redo Logs ( since you will reset these on any recovery anyway )
The bit I am not sure about is the Undo Tablespace - can it be backup in eactly the same way as any of the other tablespaces ?
Are there any other components that I need to backup ( apart from archive logs )
thanks,
JimI'm old school too. Been in this business over 30 years. Still prefer a command line interface.Me too.
>
But c'mon .... user managed backups? How about dictionary managed tablespaces? initialization parameter files instead of spfiles? Ok, I'll give you the DMT (old skool hippies should be lol now). But user managed backups do have their place, and seriously, I think plain old parameter files are in many cases better than strange binary things that need special software to manipulate and require you to remember arbitrary things. I cuss at regedit every time...
>
What is the business or technical justification for not going with rman?
I can still remember my grandfather arguing with the guy at the tire store, insisting they put inner tubes in those "newfangled" tubeless tires . . .My last lawn tractor had much better luck with tubed replacement tires than tubeless with puncture sealant. Naturally as soon as I bought a new tractor I got a puncture, it doesn't come with sealant. Anyone who's ever struggled with a bead that doesn't set in without a high pressure air pump will appreciate grandpa's point of view. As well as sew-ups. -
FAQ: BC-LDAP-USR (Directory Interface for User Management via LDAP )
Version: 20060317
Q: Where can i find more information to the BC-LDAP-USR interface ?
A: Have a look on our ICC webpage in the SDN:
SAP NetWeaver AS - Directory Interface for User Management via LDAP (BC-LDAP-USR)[1] [original link is broken]
Q: What costs a arising when we want our product to be certified ?
A: See also our SDN page under the headline "Price List".
Q: Is there a link/page for the already certified products for this interface ?
A: Sure, have a look on our ICC page under the headline "Certified Solutions"
Q: Who can we ask in case of general question ?
A: Have a look at our general ICC forum:
SAP Integration and Certification Center (SAP ICC)
Of course, if you have urgent requests you can send them also directly to our local ICC's:
ICC Walldorf in Germany: [email protected]
ICC Palo Alto in USA: [email protected]
ICC Bangalore in India: [email protected]
Q: Who can we ask in case of technical questions ?
A: This depends on the state of your certification project.
1.) If the certification contracts have been signed then you can ask in this forum and if this does not solve your question go back to your assigned integration consultant.
2.) When the certification contracts have not been signed then you can ask questions in this forum.I distinguish it using the passwordExpirationTime(or something like that, i don't have code here with me).
This is possible if after password is expired user has at least one more access.It is a user policy that can be set in the Ldap server.
If it is possible, user can still login and perform operations.You chan search the passwordExpirationTime attribute and determine if password is expired, and the send a message to the user, telling him to change it.(If only one access is allowed and you change the password with the same application or service then do not close context, else you should not be able to connect again.) Instead, if you use an external script, then the last acces should not give you problems.
Hope i made myself clear.
Maybe you are looking for
-
I did a hard reset on the airport express, but it did not work
I successfully reset the airport express once, got it set up, plugged in the new speakers, they worked for about 1 minute, then the blinking yellow error code started on the airport express. Since then I have tried to do a hard reset numerous times
-
Can't Open Administration Panel In FCS client
I had to re-install my server and final cut server. I was successful in restoring the backup of final cut server and all the files are there but I can not access the administration panel in the client. I have logged in with both accounts that have ad
-
FWD: Non-Delivery of:How to monitor who has what serviceobject connect
Hello, I'm getting quite of few of these Non-Delivery messages. Is this someone trying to respond to my question on service object connection? How to fix the problem?
-
How to choose addons and plugins to be active always
I want the choice to turn all plugins on and off in Aurora/Firefox because if i can't do that i can't use Aurora/Firefox anymore. If my plugins are turned off by default my Webplayers stops working all the time and Adobe Flashplayer won't work before
-
I have windows 7 and Bing as my search engine why can't I log in to Forums
in order for me to get on I had to download google chrome and open from their, I would like to have Bing as my default and be able to go to google from the search engine tool bar when needed any suggestions? and with Vista I did not have this proble