Wild card "*" usage in the authorization role
Hi All,
I am an ABAP consultant(not a security pro, so please put up with any incorrect wordings), and working on a requirement where i need to check if the user has access to particular values entered on a screen field. For example if the text entered on the field is ABCDEFGUS, i want to check on the last two characters to see if user has access to enter values ending with US.
So i create an authorization object...etc, and in the role i enter US as the value, but now when i run through the code using AUTHORITY-CHECK against the authority object. The authorization passes for all the values i enter, ex: ABCDEFGUK* - this should have failed as i have maintained *US.
Note: but when i maintain the value as ???????US in the role, it works as expected.
All the help and pointers, towards this would be appreciated.
Regards,
Chen
So you will maintain value like #US in your roles and just before authorization check you will amend string.
Hi Martin,
Have you ever tried this and used it in production?
Changing the value sent to the AUTHORITY-CHECK is easy but very intrusive to the data in the program which might be used else where.
Changing the value at runtime which the AUTHORITY-CHECK expects to find is a different ball game (also in performance).
I have done some experimental stuff with this in sandboxes using STATICS in a wrapper for fixed lengths but cannot recommend it at all. I cannot see it ever flying in an AUTHORITY-CHECK statement construct.
It is also completely unauditable to any authorization analysis tool...
Hang on a second... if SPRO can do this then we can as well --> I think we have a winner here!
Cheers,
Julius
Similar Messages
-
Wild card usage in standard F4 help - issue
Hi Friends,
i want to list a function module which - second character should be 'Z' .........HOW TO DO THAT ...
usually we will put : in se37 - IN THE FIELD VALUE COLUMN : %z*
but wild card % or ? is not accepting ....give me your help on this.
regards
raajthanks for your response.
if we use z* or *z.....
please not that only second character of my listing should be "z"
If you give *z - it will list out all values which ends with "Z" ....
HOW TO USE THE WILD CARD : % -
Hello All,
Is it possible to use a wild card (<b>*</b>) in the restriction of a characteristic in Bex?
Suppose I have the a characteristic DepartmentName, if I want to report the data of all the departments starting with letter 'F' <b>(F*)</b> .
So this should include departments like <b>F</b>ire, <b>F</b>leet, <b>F</b>inance.....
Please let me know if this is possible? else let me know if there any other way to achieve this...
Points are assured...
Thanks in advance....hi,
check out this thread.
BW BEx using a wildcard ("*")???
hope it helps,
regards,
Parth. -
How to pass wild card '%' value from the parameter to the query
Hello everyone,
I have following 2 problems
1) I was trying to do some thing like below
select * from emp
where ename like 'J%'
for this i have used the following code
select * from emp
where ename like :P_ENAME
and before running the query in the parameter box i entered J%. But my report returns an error which says INVALID PARAMETERS REQUESTED.
2) I have a req of passing both comma separated and wild card for the same parameter. If we take the same example as above,
user should be able to enter
a) JASON, SMITH, JOHN OR b) J%
I have used comma separated value option of the parameter for the csv values and its working fine, but i need to add the wild card feature also to the same parameter.
Can anyone please help me with these things?????
Thanks in advance!!
RaghuHi Raghu,
I guess you are in older version, You have to get into latest version to use %, it should work well
you should use where ( ename like :P_ENAME ) or ( ename in (:P_ENAME)) for both the condition to satisfy. -
Hi Experts,
Can any one suggest me whether WILD CARDS (eg : ' %' or ' ? ' ) will be used in Bex Explorer.
I have a requirement where my ' Material Short Text ' will be '<b> SULFATE,ZINC99.0011</b> ' Now user need a Keyin Field where in he can just Click on the Report and once the User entry window popup's, he be typing only 'SULFATE ' in the Short Text characteristic field and it should bring in all the records which has text description that starts with ' SULFATE XXXXXXX, xxxxxxx '(for eg: SULFATE,ZINC00.11 , SULFATE,1112.00,,,,,,,,,,,,. )
Can any one suggest me how to succeed in this scenario.
Thanks,
Samhi,
check out this thread.
BW BEx using a wildcard ("*")???
hope it helps,
regards,
Parth. -
How to put the wild card search in the url
I want to call a report use the url which inculd a page parameter 'LastName', to list all the person whoes LastName is begin with the certain character, like 'B'. So in the report sql query, i used
Select Last_name, email, institution from members where Last_name like :lastname;
and then i want to list all the 26 english character, let ueser click on it to retrieved the report.
But when i test the URL like PORTAL_schemal.member_report.show?p_arg_names=_show_header&p_arg_values=YES&p_arg_names=_max_rows&p_arg_values=6&p_arg_names=_portal_max_rows&p_arg_values=6&p_arg_names=lastname&p_arg_values=B%, it always returns "no row returned".
anyone can help?
thanks a lot!!Try this :-
PORTAL_schemal.member_report.show?p_arg_names=_show_header&p_arg_values=YES&p_arg_names=_max_rows&p_arg_values=6&p_arg_names=_portal_max_rows&p_arg_values=6&p_arg_names=lastname&p_arg_values=B%25
Since % is a special characeter, you need to specify it as %<2-digit-ASCIIcode-in-hexadecimal>
The ASCII code for % in hexa = 25
Thus, you need to specify %25
If you want to indicate the pattern %B% in the URL, it would be :-
%25B%25 -
How to use wild card character in input field
Hi
I'm creating model in which the Purchase Order information need to be entered in Input Field.
My requirement is search using wild char char as '*'
Let say in input field i gave PO order as 20* then it'll search for all the PO's which starts from 20.
Could you please share some documents/guidelines, for this issue
Thanks and Regards
PuneetHi,
You can use the wild card char in the input box.please try below steps.
1.Check whether the input string has ' * ' char using "CONTAINS(text,pattern)" operation.
2.If yes, Replace the ' * ' with space by "REPLACE(text,pattern,repstr)" operation.->consider this result as input2
3.Now , Have a Filter from ur webservice(which gives your Purchase Order information )
and filter it by the condition " BEGINS(WSField,input2)"
the Final expression in the filter will be "_=IF(CONTAINS(input,""),BEGINS(HelpWSField,REPLACE(input,"\","")),true)_"
Hope it helps.
Regards,
Priya
Edited by: priya on May 20, 2009 12:49 PM -
Wild card search in existsNode function
Hi,
How can i do a wild card search for the below data?
I have a table as follows:
ID VARCHAR2(32 BYTE),
MESSAGE_TYPE VARCHAR2(64 BYTE),
MESSAGE_CONTENT XMLTYPE,
REJECTED_REASON VARCHAR2(256 BYTE)
And Sample XML as:
<?xml version="1.0" encoding="US-ASCII"?>
<MessageEnvelope>
<Header>
<Partner>Renault</Partner>
<MessageType>Release</MessageType>
<PartnerMessageType>S74</PartnerMessageType>
<MessageTime>2001-12-17T09:30:47.0Z</MessageTime>
<LinkToRawMessage>String</LinkToRawMessage>
</Header>
<Body>
<Release>
<Addresses>
<DealerDestAddr>ABCD</DealerDestAddr>
<DestAddr>ABCD</DestAddr>
<NextDestAddr/>
<StartAddr/>
</Addresses>
<Assignment/>
<ClientStatus/>
<Dates/>
<HoldInfo>
<HoldCode>HoldTest</HoldCode>
</HoldInfo>
<Message/>
<Partner>
<OrderGiverCode>CMR00BCV</OrderGiverCode>
</Partner>
<ToDo/>
<Transport/>
<Vehicle>
<VIN>W0LGDM9A_Ran11115</VIN>
</Vehicle>
</Release>
</Body>
</MessageEnvelope>
I am executing the foll query:
select * from t_xml x where x.message_type='DBLVEH' and x.MESSAGE_CONTENT.existsNode('//*[*="Release"]')=1;
This gives me correct result.
But i need to search *Rel and it should give me the desired result. How can i accomplish that?
I tried the foll and it did not work:
select * from t_xml x where x.message_type='DBLVEH' and x.MESSAGE_CONTENT.existsNode('//*[contains(*,"Re")]')=1;
Regards,
Sprighteesprightee wrote:
Hi,
How can i do a wild card search for the below data?I am not sure how this can be achieved using existsNode function but does following work for you?
SELECT *
FROM t_xml
WHERE
XMLExists(
'declare namespace ora = "http://xmlns.oracle.com/xdb"; (: :)
$d//*
[ora:matches(text(), "Re*")]'
PASSING MESSAGE_CONTENT AS "d"); -
Exchange Server 2013 with 3rd party wild Card Certificate shows Invalid
Hi Team,
I've Exchange Server 2013 SP1. Imported a valid 3rd party wild Card Certificate but the status is continuously showing "Invalid" on all my 2013 servers. Any help?
Thank you.
Muhammad Nadeem Ahmed Sr System Support Engineer Premier Systems (Pvt) Ltd T. +9221-2429051 Ext-226 F. +9221-2428777 M. +92300-8262627 Web. www.premier.com.pkHello,
Can you enable it on the Exchange Services like, IIS, SMTP without any issues?
If the certificate is for OWA, is there any certificate issue when you accessing OWA?
Run the following command to get the Exchange Certificate information and post them for researching:
Get-ExchangeCertificate |FL
Thanks,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Simon Wu
TechNet Community Support -
Is there a way to use a wild card cert in the CSS SSL Proxy list ?
Looks like you can request a cert such as ABC*.xyz.com from Verisighn.
Can you use that in a CSS for URLS like
ABC1.xyz.com
ABC2.xyz.com
ABC3.xyz.com
and only use one VIP ?
Thanks
Stevethe domain will be used to get a destination ip address.
So, the CSS does not really control the domain<->ip resolution.
If you can configure your DNS server to point all domains to 1 ip, then you only need 1 vip on the CSS.
However, if you have 1 ip for each domain, you will need the 1 vip per domain on the CSS.
I know working with a single vip sounds easier, but this could be a big limitation for you in the future.
If your number of domain increases or if the traffic load increases, the CSS performance could slow down as it will require to inspect all data to identify the domain name.
Playing with more vip will allow you to identify the domain with just the ip and increase performance.
Regards,
Gilles.
Thanks for rating this answer. -
Assign queries to authorization role via PFCG maintenace
Hi,
I would like to assign several queries to existing authorization roles.
Therefore I am using the transaction PFCG > maintain the menu > add "other" SAP BW Query URL and fill in the name as well as object description.
However, the new query will not be shown in the BEx Analyzer in the role folder.
What do I have to administrate that the query will be shown in the role menu (BEx Analyzer)?
Thanks!Dear Arvind,
thanks for your reply.
As an authorization administrator for SAP BI I do have the authorization for S_USER_AGR already.
I am just testing in our development system.
However, the query will not appear in the BEx Analyzer while selecting "Open Query" and search in "Roles".
As far as I know queries could provided to authorization roles via BEx Analyzer.
But does no possibility exists to maintain the authorization role via PFCG?
Regards, Christian -
How to upload authorization role & profile to PFCG
I have downlaod the authorization role & profile from PFCG at client 100.
How to upload the authorization role & profile to SAP client 200?check with ur basis guys once
generally it will be dont by them check with them once -
Hi All,
We are moving our applicaiton from Oracle Forms to Apex. I am basically a forms developer and I didnt understand the authorization/roles in Apex.
For eg in our database we have 2 roles app_lookup ( privs - insert,update, delete, select) and app_guest( privs select) . And we use the database authentication for forms. If we have 2 end users Super with role app_lookup and operator with role app_guest, and if I want to implement the database role, how can it be done in Apex.
End user Super ( with all privs) need to update/delete/insert/select in apex
End user Operator( with only priv select) need to select particular table/pages in apex.
Could someone throw lights on how this can be done in Apex.
thank you
rajesh"user596620",
You can go to your control panel and give us your real name, or at least something easier than "user596620".
Why do I think Database Authentication is a dying trend?
- LDAP directories were designed from the ground-up to store information like Authentication and Authorization data.
- Almost every technology out there can use LDAP as an Authentication source.
- There are only a few technologies that can use the DB for an authentication source. What if your users don't want to have a separate username / password for their APEX apps than their email account? You're out of luck.
- Databases were never designed as user repositories. It's a square peg in a round hole.
- Mixing data schemas and user accounts in a database is mess to maintain. It's often difficult to tell them apart. Which ones contain sensitive data, which ones are just users?
- There are only a few attributes that you can store in a database "user". If you want to store phone, email, certificate, etc, you have to create your tables for it.
- If end users have accounts in a database, it's that much easier for them to connect with third-party tools and start poking around.
- There is no concept of delegated administration with a database. How do you give someone the ability to manage all users in a particular group?
- Managing roles and privs for thousands of database user accounts is a nightmare. It's much easier in a web environment to assign select / execute privs to the account used by the web application, vs all of the users accessing the application.
- Onboarding / off-boarding / auditing accounts scattered throughout a bunch of databases is impossible vs creating / deleting / auditing all accounts and groups (roles) in a single LDAP directory.
I'm probably missing a lot of points here, so I may ask someone one the Identity Management side of things to chime-in.
Tyler -
Remote ssh commands with wild cards
I am trying to send a remote command via ssh - need to get a file listing in a directory using a wild card. However, the ssh command will not return results using a wild card:
ssh [email protected] sudo ls -l /var/audit-files/201110* (directory requires root permission)
/var/audit-files/201110*: No such file or directory
I've tried quoting the command, the directory, the file names, etc - same results. It will only work with a specific name that exists, but not with a wild card. Is there a way to make this work?This is a rather complex situation. The problem is that you need to quote the '*' character; however, quoting it once may not be enough. Every time the command goes through a shell you'll strip out a set of quotes. It isn't clear to me how many times this will go through the shell but I'm guessing you'll have to at least double quote it.
ssh [email protected] sudo ls -l "/var/audit-files/201110\*"
I won't guarantee that this will work but it might. I don't know what the permissions are on /var/audit_files. If you need root to read that you may need to triple quote it. I've never had much luck getting the quotes right in complicated situations like this. -
QUERY ERROR WITH WILD CARD ON FORM WHEN NO DATA WWC-49102
Portal 30985 ; database 9014 on sun solaris
Same server : two databases 9014 : db1 with portal and db2(used here as remote database);
Step1 ; Create public database link; db_link on db1 through Portal interface;
Step2 ; create public synonym emp_syn for table emp@db_link through Portal interface;
Step3 :create form based on emp_syn;
the form is generated OK and also is behaving OK when Insert,Update,Delete from
underlying table ;but when I am quering for 758% into the empno field I've got the same error:
Error: An unexpected error occurred: ORA-00000: normal, successful completion (WWV-16016)
No conversion performed for type NUMBER, value 758%. (WWC-49102) INSTEAD OF RETURNING EMPTY FORM(NO ROWS)
I have tryed to query on other fields ;
querying on a numeric field will give the above message;
querying on a varchar or date field with or without wild card will raise the following error:Error: An unexpected error occurred: ORA-00000: normal, successful completion (WWV-16016)
An unexpected error occurred: ORA-00000: normal,successful completion (WWV-16016).
LawrenceHi Mike,
You can actually just check for the existence of the cell:
var l_Cell = $x(pId);
if (l_Cell)
rest of the code to hide the column
}As long as l_Cell refers to a valid page item, then the if test passes and the rest of your code can run.
Andy
Maybe you are looking for
-
Hi I've just bought a Nokia 6230i (which is listed as a suppoeted phone on Apple's Isync pages). But although I can communicate with the phone over Bluetooth the option to synchronise with Isync is not available. Anybody know what's going on? I don't
-
Hi, Can someone help with this,Where should I locate XML configuration file in the WD project structure. second how can I refer to this file via WD runtime? Thanks Best Regards Yasir NOman
-
AMD Radeon HD 6990 vs Mercury Playback Engine
I just installed an AMD Radeon HD 6990. I am using Adobe Premiere Pro CS5.5 My Mercury Playback Engine "GPU" choice does not show up in Premiere. I tried the hack. Nothing. I see my card is not listed in the http://www.adobe.com/products/premiere/tec
-
Expression errors not displaying
When I write an After Effects expression that doesn't work for some reason, a dialogue box is suppoed to appear telling me what the error is. Since upgrading to 5.5, that dialogue is gone -- my expression just gets a yellow warning sign beside it wit
-
Hello, last night i was trying to record a video using the rear camera of my iPhone 4S, the phone started to get very hot after minute 5 and then i started to notice yellow spot on the right corner of the screen. I got scared and stoped the video bef