cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ACCESS.ERROR: Authorization check

Go to solution
Former Member

on ‎08-31-2009 9:55 AM

0 Kudos

Hello,

When I tried to execute a query on BEx Web Application Designer, I received the next error:

ACCESS.ERROR: Authorization check for caller assignment to J2EE resource [keystore-view.TicketKeystore : view-actions : GET_VIEW : ALL ].

ACCESS.ERROR: Authorization check for caller assignment to J2EE resource [keystore-view.TicketKeystore : view-actions : GET_VIEW : ALL ].

[EXCEPTION]

java.lang.Exception

Anybody knows what I have to do to solve the problem?

Thanks to all.

Regards,

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member265210
Active Participant
‎09-08-2009 12:07 PM
0 Kudos

HI

Error: ACCESS.ERROR: Authorization check for caller assignment to J2EE resource [keystore-view.TicketKeystore : view-actions : IS_VIEW_EXISTS : ALL ]

check the Note [791649 |https://websmp230.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=791649]- User unable to logon by ticket

Solution : Remove the corrupted keystore view and restart the engine

For this use VisualAdmin tool -> server X -> service -> Key Storage GUI node. Select TicketKeystore view and press "Delete View" button. To prevent the loss of the already imported certificates they can be saved in temporary keystore view and loaded back after the restart:

Regards

Shridhar Gowda

Show replies
Show replies
Former Member
‎09-09-2009 11:14 AM
0 Kudos

Hello,

Thanks for responses.

- I have created the TicketKeystore view again.

- I have followed the SLD PostInstallation document steps.

- J2EE is updated to SP18.

But the errors doesn't disappear.

When I execute a query at Web Application designer, it open a web browser and I have to enter the user and password (for example J2EE_ADMIN). is it normal? I think that it should connect and show the result without ask for user/pass...

Then, when I enter the user/pass, the web browser keeps on charging.

If I see the log, it shows me those errors.

Please, anybody knows how could I solved the problem?

Regards,

former_member197348
Active Contributor
‎09-10-2009 4:17 AM
0 Kudos

Hi Carmelo Perez,

As for as I know, this problem is due to authorization in BI system for Portal user.

Try this if you have not done already.

Open the properties of the iView, go to permissions -> assign permissions to everyone (EU role). And you need authorization from BI system as well. Better to configure SSO for BI and Portal.

Check this link for [SSO |http://help.sap.com/saphelp_nw04s/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm]configuration.

Regards,

Siva

Former Member
‎09-10-2009 11:49 AM
0 Kudos

Hi Siva,

What permissions should have the role 'Everyone'? In the Portal useradmin --> Identity Management, the role 'Everyone' doesn't have any 'Assigned Actions'.

Also, I should mention that I have used 'Support Desk Tool' to check the system and the status is green, so I think the configuration is ok. However, with 'DiagTool' I received this messages:

- Warning J2EE_GUEST SAPEngine_Application_Thread[impl:3]_31 ~urity.authentication.loginmodule.ticket no authscheme found that has auth template evaluate_assertion_ticket

- Error J2EE_GUEST SAPEngine_Application_Thread[impl:3]_4 ~engine.services.security.resource.audit ACCESS.ERROR: Authorization check for caller assignment to J2EE resource [keystore-view.TicketKeystore : view-actions : GET_VIEW : ALL ].

- Error J2EE_GUEST SAPEngine_Application_Thread[impl:3]_4 ~engine.services.security.resource.audit ACCESS.ERROR: Authorization check for caller assignment to J2EE resource [keystore-view.TicketKeystore : view-actions : IS_VIEW_EXISTS : ALL ].

- Error J2EE_GUEST SAPEngine_Application_Thread[impl:3]_4 ~engine.services.security.resource.audit ACCESS.ERROR: Authorization check for caller assignment to J2EE resource [keystore-view.TicketKeystore : view-actions : VIEW_ALIASES : ALL ].

- Error J2EE_GUEST SAPEngine_Application_Thread[impl:3]_4 ~engine.services.security.resource.audit ACCESS.ERROR: Authorization check for caller assignment to J2EE resource [keystore-view.TicketKeystore : entry-actions : LIST_ENTRY : ALL ].

I don't know what more I can do...

Best regards,

Former Member
‎09-16-2009 11:57 AM
0 Kudos

Hi,

please perform the following steps to resolve the TicketKeystore issue:

  • Start the visual admin and navigate to "..Server -> Services -> Key Storage"

  • Click on the "Views" tab -> delete the entry "TicketKeystore" -> restart the J2EE engine

If the logon still does not work correctly please check

  • in visual admin under "..Server -> Services -> Security Provider";

  • go in the frame "Components" to keystore-view.TicketKeystore and click on the tab "Security roles"

  • check if for the security role "view-creator" the group everyone is assigned

  • if not please assign it and restart the J2EE again!

Regards,

Holger.

Former Member
‎09-16-2009 12:35 PM
0 Kudos

Thank you very much Holger!

The second step ( - check if for the security role "view-creator" the group everyone is assigned if not please assign it and restart the J2EE again! ) solved my problem.

Answers (2)

Answers (2)

former_member192434
Active Contributor
‎09-08-2009 11:04 AM
0 Kudos

probably you need to apply patch level for SAP-JEE 13.1

Show replies
Show replies
former_member185086
Active Contributor
‎09-08-2009 10:49 AM
0 Kudos

Hi

Have a look on following doc

1[ACCESS.ERROR: Authorization check|;

2. [Authorization check |;

Best Regards

Satish Kumar

Show replies
Show replies
Ask a Question