URL in Role?

Similar Messages

• Protected URL vs role mapping in OAM

  Hi,
  Can we do map Protected URL vs role mapping ?
  for example I have some ULR need to be protected thru OAM. Now based on url, user should get the screen. I have user and role in OID.
  My Doubt is : Once user it authenticated, how IDM is conforming that user has access to particular URL or not ?
  or is there any way to do so ? Can I map my 50 URL to 50 role and assign this role to user in oracle IDM?
  Any Help Apprecaited.

  I am too looking for something similar i.e. if users requested url is '/xyz' check if they are in role 'admin' or 'abcde' if not then authentication fails.
  If you find anything please share.
  Thanks

• Assign URL to role

  hi all
  what r the steps involved to assign url to role?
  shalini

  Hi Shalini,
  Go through the link http://help.sap.com/saphelp_bw21c/helpdata/en/52/6714b6439b11d1896f0000e8322d00/content.htm.
  Hope it helps,
  Sunil.

• Problem with UI5 ESS URL with Role Upload in HR Renewal 2.0

  Hi Experts,
  We are in the process of implementing the HR Renewal 2.0 FP1.
  I have made the custom copy of the Standard PFCG ESS role SAP_EMPLOYEE_ESS_XX_UI5_1 into ZSAP_EMPLOYEE_ESS_XX_UI5_1.
  I was able to upload this role in to SAP Portal by selecting the default system object created to point to our ECC system and assigned the ESS role to the end user.
  Now the problem is with the URL which needs to points to the UI5 ESS Landing page in the ECC system. Instead the URL path now is,
  http://portalhost:50000/sap/bc/ui5_ui5/sap/arsrvc_suite_pb/main.html?page=HR_SELFSERVICES.
  I have maintained the system object name in the Generic Content property category of iView and still it picks up the portal URL.
  The relative path should be appended with the ECC host details instead of portal host details.
  Please help me to resolve the issue.
  Thanks,
  Urmi

  Hi Sharadha,
  Run the role from backend and make sure its has correct expected url, then from portal we can address it easily.
  Once you copy and make Zrole, you have to modify and it should point it to the correct catalog.
  In case if you still face issue, pls open a new  thread and past ur screen shots and details, so that we can suggest appropriate. 
  Regards
  Yugandhar reddy

• How to assign URL to role.

  Hi Wad experts
  can any one give me more inputs on this issue
  what steps needs to be followed in pfcg?
  its urgent
  shalini

  Hi Shalini,
  Do you have the authorization to access the PFCG. If yes go to the T-Code. Give your role name.
  After mentioning the role name click the pencil icon or change icon.
  It will take you inside, there you will find Menu Tab.
  In that Tab you will find the option + others, next to Transaction and Report.
  Once you go inside you will find different options, where u can enter your URL.
  regards,
  ashok.

• Role url points to private portal url

  Hi gurus,
  I have the folllowing scenario.
  Several custom roles have been developed and each one has some views pending from them.
  These roles point to http://privatehost:50000/irj/portal/....
  Now external internet acces to the portal is required, and the privatehost ip is not going to be published in internet. This way, theses url´s from roles are not reachable from internet. Anyone knows how to change the url
  the roles are pointing to the new public ip.
  Thanks

  If you are using any external facing portal then you use only  the relative path..
  As an example .... if the absolute path is http://abc.com:50000/irj/portal/xyz
  Instead of the absolute path use only the relative path ..say  /irj/portal/xyz
  Raghu

• Server returned HTTP response code: 403 for URL

  Hi,
  We completed configuration for integration between Sourcing 9.0 and SAP ERP.  I'm trying to publish a Master Agreement into ERP but I'm getting below error message.
  We already verified URL and roles in CLM_USR account in PI, and everything looks fine.   I'll appreciate any suggestion to fix the problem.
  Thanks,
  Omar

  Hi Prasad,
  I'll open an OSS message; but you can find in the mean time "Integrated System Configuration" settings.
  Import Error Type
  E, A.
  Import Success Type
  S
  Use FTP Unchecked
  PI URL
  http://asc-sapnpid01.asc.local:50000/sap/xi/adapter_plain?namespace=http://sap.com/xi/ESourcing/SRMJS/OP&service=SAP_CLM&scheme=&QOS=BE&sap-user=CLM_USR&sap-client=001&sap-language=EN
  Use HTTP header authentication  Unchecked
  PI User (only for HTTP header authentication)
  CLM_USR
  PI Password
  Regards,
  Omar

• Setting session attributes at the Role level

  I am running AM7.1 in Legacy mode and I am trying to create a role and assign session attributes at this role level. I followed the instructions for doing this but it does not seem to be working. I created the role and added the session service to it. I then went in an changed the attributes (Max Idle, Max Session, etc.) to the values I need for the role. I then assigned the role to a user. However when I log in as this user and look at the Active Sessions panel all of the values are still saying they are set at the defaults. It is not picking up the new values for the user. Am I missing something? Help! -Jeff

  Reply i was also getting this problem in relam mode but 7.0..........but when i specify in the url?role=rolename..........i see the session info applied but i wanted it to be dyanmically applied(without specifiying the role in the url).......i have raised an SR but that is for 7.0 .........please do it for 7.1 i think you might get some response.

• Error in Mass role import in Role Expert

  Hi,
  While configuring role expert, in mass role import ,I am able to import the bulk download file but its import is getting failed and error is "<b>File is in invalid format</b>"
  If I alter the downloaded file, another error is generated saying "<b>Cannot write to Upload Directory
  ursula\sap_temp\ROLEIMPORT or Directory does not exist.</b>
  Please help me out!
  Regards,
  Anubha

  Hi Michael,
  I am not able to import the SAP roles properly.
  I downloaded the roles from backend properly. But while importing them I am getting a list of backend roles and against each of them following message <b>Error in processing role infomation. Role not imported</b>.
  What could be the possible mistake? I have set <b>Upload Directory</b> = ursula\sap_temp.
  One more problem, while creating a new role I am able to reach successfully till the risk analysis phase. After that, as soon as I click on approval , i am getting message <b>Error in creating request</b>.
  I suppose the control should go to Access Enforcer from here.I have already set AC Workflow URL for role approval in Configuration -> miscellaneous.
  Thanks in advance!
  Anubha

• URL wrong

  Hi all,
      I am working with CRM 4.0 and SAP PORTAL 6.0.  I  have a iview type bsp(crm_bsp_frame).  This iview has links. This links launch  a new window   but the url is wrong . The url is:
       ROLES://…
  “http://portalserver/irj//portal?NavigationTarget= “ is missing. How can i solve it?
  Thanks and Best Regards.
  Gab

  hi
  Try this
  String iview=<Iview Path>;
  WDPortalNavigation.navigateAbsolute("ROLES:"+iview,WDPortalNavigationMode.SHOW_INPLACE,(String) null, (String) null, WDPortalNavigationHistoryMode.NO_DUPLICATIONS, (String) null,(String) null,"Param=Test");
  Kind Regards
  Mukesh

• URGENT HELP NEEDED ... Tomcat Realm and JRE1.4 plug-in problem

  I have tried the Security Realm of Tomcat. Since I do not have
  an LDAP server, I decided to use the Tomcat-users.xml file in
  Tomcat\conf directory.
  I added the following lines of code in the web.xml file.
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>Entire Application</web-resource-name>
  <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <!-- NOTE: This role is not present in the default users file -->
  <role-name>webviewer</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Tomcat Manager Application</realm-name>
  </login-config>
  The <role-name> "webviewer" is added into "Tomcat-Users.xml" as the following:
  <tomcat-users>
  <user name="test" password="password" roles="webviewer" />
  </tomcat-users>
  So, now when we type the url: http://localhost:8080/adbpdbre/default.htm, TOMCAT shows a dialog box asking for UserName: and Password:Now, only when we give the username and password, it shows the page. This is exactly what we want.
  But the problem now is, this default.htm page, has 5 links to 5 applets. The first time that I click on one of these links, the JRE plug of 1.4 shows a dialog again asking for the username and password. Till I dont provide the username and password the system doesnt go ahead and applet doesnt load. I do not want the JRE to ask me for the username/passwords again..How to avoid this ?
  Can you give me some more information on this. Ultimately in the production usage, we will be using LDAP and not Tomcat's memory realm.
  URGENT HELP NEEDED ... I need to get back to my client on this.
  Help would be v. much appreciated.

  In the config file, you 're essentially saying that you want Tomcat to prompt for usr/passw on every request (url-pattern = /*) made by a 'webviewer', and that's exactly what Tomcat is doing.
  Consider using specific url-patterns & roles for resources to be protected. If for now, all you need is to protect the first page, use a more specific url-pattern.
  Just an advice : if you'll be using LDAP in production, do not waste time with Tomcat's Security Realm and the BASIC authentication type, since the two have not much in common. Start reading doc on LDAP, and code a prototype, or even better, a vertical slice of the app (i.e a proof of concept).

• Error in owb_awxml_import_expert

  Hi,
  This utility allows you to read and import metadata from an AW XML template coming from AW Manager into the OWB Repository. (10gR2)
  Import succeeded succesfully of the load mappings and dimensions en cube objects.
  But i can only redeploy a load_mapping when i have replaced or dropped the cube.
  in owb control center, this makes the cube empty, I cannot offord to do this in the production environment.
  Is this a bug and is there a workarround for this?
  This is the error on de load_mapping when redeploying it in de control center without replacing or recreating the cube :
  Name
  Type
  Status
  Log
  LOAD_T
  Batch Mapping
  Warning
  VLD-1005: Column precision of ST_TEMPERATUUR.INOUTGRP1.TEMPERATUUR is greater than the target column precision.
  Warning
  VLD-1006: Column scale of ST_TEMPERATUUR.INOUTGRP1.TEMPERATUUR is greater than the target column scale.
  Warning
  VLD-1001: The datatype of INOUTGRP1.KWARTIER_ID in ST_TEMPERATUUR (NUMBER) does not match the datatype of T.TIJD_NKEY in T (VARCHAR2).
  LOAD_T
  Description : Runtime User : EN_DEV_REP_OWNER Started : 2006-10-25 14:39:39.0
  Name
  Action
  Status
  Log
  LOAD_T
  Create
  Warning
  ORA-06550: line 23, column 3:
  PL/SQL: SQL Statement ignored
  LOAD_T
  Create
  Warning
  ORA-06550: line 2436, column 11:
  PL/SQL: SQL Statement ignored
  LOAD_T
  Create
  Warning
  ORA-06550: line 2438, column 13:
  PL/SQL: ORA-00942: table or view does not exist
  LOAD_T
  Create
  Warning
  ORA-06550: line 27, column 3:
  PL/SQL: ORA-00942: table or view does not exist
  LOAD_T
  Create
  Warning
  ORA-06550: line 47, column 3:
  PL/SQL: SQL Statement ignored
  LOAD_T
  Create
  Warning
  ORA-06550: line 51, column 3:
  PL/SQL: ORA-00942: table or view does not exist
  LOAD_T
  Create
  Warning
  ORA-06550: line 909, column 11:
  PL/SQL: SQL Statement ignored
  LOAD_T
  Create
  Warning
  ORA-06550: line 911, column 13:
  PL/SQL: ORA-00942: table or view does not exist
  Job Summary
  Updated : 2006-10-25 14:39:39.0 Job Final Status : Completed with warnings Job Processed Count : 1 Job Error Count : 0 Job Warning Count : 11
  Thanks in advance
  Best Regards

  Hi Michael,
  I am not able to import the SAP roles properly.
  I downloaded the roles from backend properly. But while importing them I am getting a list of backend roles and against each of them following message <b>Error in processing role infomation. Role not imported</b>.
  What could be the possible mistake? I have set <b>Upload Directory</b> = ursula\sap_temp.
  One more problem, while creating a new role I am able to reach successfully till the risk analysis phase. After that, as soon as I click on approval , i am getting message <b>Error in creating request</b>.
  I suppose the control should go to Access Enforcer from here.I have already set AC Workflow URL for role approval in Configuration -> miscellaneous.
  Thanks in advance!
  Anubha

• Where is security configuration for deployed web application stored

  Hi,
  We have deployed a folder as a web application. The changes I am making in Deployments -> web application -> Security -> URL Pattern -> Roles -> Edit a Stand-Alone Web Application URL Pattern Scoped Role is not saved and it is getting lost when I restart the application.
  For example I have added "AppTesters" group in "valid-users" url-pattern.
  Can anybody help me where these settings are stored and why it is not getting saved across application restarts.
  Thanks,
  Sambath.

  How are you restarting your weblogic Admin Server?
  This is only possible if some how while your Admin Server is restarted, the ldap directory that is present int the %DOMAIN_HOME%/your_domain/servers/AdminServer/data directory is deleted or updated with the previous values.
  This may give you some idea how to proceed with this issue.
  Thanks,
  Sandeep

• Is it possible bypass basic file authentication in glassfish using default

  I have a glassfish application with basic authentication enabled and a single user setup in the file security realm wth a single group named 'internal'.
  My web.xml is setup with an auth-constraint limited to 'internal' role, my glassfish-web.xml maps the group 'internal' to the role 'internal'
  I have one cluster with an app ('api') running that is already accessed internally without the need for authentication.
  I am trying to set up a standalone instance with a seperate config (publicapi) that runs the same app but can only access functionality of the publicapi rather than the api
  My approach has been to add basic authentication to api with a default principal (internal) in its config. The principal is mapped to a user (internal) in the file security realm that has a single group in its list of 'internal'. My understanding was this would be able to bypass the basic authentication when using this config but it has not.
  This is my config within the api project: glassfish-web.xml
  <glassfish-web-app error-url="">
  <class-loader delegate="true"/>
  <jsp-config>
  <property name="keepgenerated" value="true">
  <description>Keep a copy of the generated servlet class' java code.</description>
  </property>
  </jsp-config>
  <security-role-mapping>
  <role-name>internal</role-name>
  <group-name>internal</group-name>
  <principal-name>internal</principal-name>
  </security-role-mapping>
  </glassfish-web-app>
  web.xml
  <?xml version="1.0" encoding="UTF-8"?>
  <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
  <security-constraint>
  <display-name>Limit non-internal principals</display-name>
  <web-resource-collection>
  <web-resource-name>Secure Application</web-resource-name>
  <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>internal</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Secure Area</realm-name>
  </login-config>
  <security-role>
  <description>Only accssible to internal roles</description>
  <role-name>internal</role-name>
  </security-role>
  </web-app>
  and sun-web.xml
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
  <sun-web-app error-url="">
  <security-role-mapping>
  <role-name>internal</role-name>
  <group-name>internal</group-name>
  <principal-name>internal</principal-name>
  </security-role-mapping>
  </sun-web-app>
  So is my understanding of being able to bypass the basic authentication using glssfish default principal flawed? Do default principals match to a user / group list that is added in the Glassfish control panel and therefore assocated with the same roles / groups? Any other info on how to correctly map the default principal to a security group and bypass authentication would be very useful. Thank you

  Haii
  your jsps or struts will not do that kind of client side jobs..u write a java script and do that.......
  regards
  Shanu

• Error: Navigate back to the same iView with Portal Absolute Navigation?

  Hi, SDN Fellows.
  When I tried to do a portal absolute navigation from and to the same iView, the iView before  an infinite loop that keep navigating by itself (the iView keep refreshing by itself non-stop).
  Here is the code that I used:
  My current URL, said: ROLES://portal_content/RoleA/WorksetA/PageA,
  then I called this method to navigate to itself:
  WDPortalNavigation.navigateAbsolute("ROLES://portal_content/RoleA/WorksetA/PageA"
  ,WDPortalNavigationMode.SHOW_INPLACE
  ,WDPortalNavigationHistoryMode.NO_DUPLICATIONS
  ,null);
  To make sure I have the right method, I changed the URL Target to, said: ROLES://portal_content/RoleA/WorksetA/PageB, then the navigation become fine and did navigate to PageB.
  Do any of you know what can be the problem?
  My optimal goal is to refresh the whole Web Dynpro application, by navigate to itself again. I used to implement this by using WDP Exit Plug and URL Navigation, but this does not work in the portal environment. So, I am thinking to use the portal navigation to do the same thing.
  Second question, do you have any other alternative way to refresh the whole Web Dynpro application without using Exit Plug?
  FYI:
  My current EP version is NW04s SP6.
  Thanks for advise.
  Kent

  Hi
  Use this code in ur action button event..
  WDPortalNavigation.navigateAbsolute("ROLES://portal_content/..............",WDPortalNavigationMode.SHOW_INPLACE,(String) null,(String) null,WDPortalNavigationHistoryMode.NO_HISTORY,(String) null,(String) null,(String) null,(String) null,true,false);
  It will open same view again..
  Do reward points if helpful
  Thanks
  Puneet