02-25-2010 6:30 AM
Hi,
How do you prevent unauthorised users from accessing iviews through a direct URL? e.g. From the BeX Web Template on testing a query a URL is known, this URL can then be used by user who have no rights to view/ execute this report (after portal logon).
Can security zones be defined for the BeX iviews? If yes, how? Does setting the parameter Dcom.sap.nw.sz=true solve the problem?
Appreciate your input.
Many thanks,
Dharmi
03-01-2010 6:31 AM
03-01-2010 1:16 PM
Portal Catalog, open the iView editor and set the property 'Authentication Scheme' to required value.
I assume you have idea of portal role creation, assignment of Users groups with required permission.
Go to permission editor: 'System Administration' -> 'Permissions' -> 'Portal Permissions'.
folder: 'Security Zones' -> 'sap.com' -> 'NetWeaver.Portal' -> 'high_safety'
Cheers,
Bharath.
03-03-2010 12:25 PM
Hi Bharath,
Thank you for the input.
Can you please be more specific as to which BW component ?
I navigated to
Go to permission editor: 'System Administration' -> 'Permissions' -> 'Portal Permissions'.
folder: 'Security Zones' -> 'sap.com' -> 'NetWeaver.Portal' -> 'high_safety'
There the rights are ok.
Best regards,
Dharmi
03-05-2010 6:55 AM
Hi,
Setting the parameter -Dcom.sap.nw.sz=true does not help! Is this a kind of bug?
Regards,
Dharmi
03-05-2010 7:14 AM
Hi,
This is the [problem|/message/8814902#8814902 [original link is broken]] we are experiencing, can somebody help in solving this issue from the portal side.
As, already mentioned in the earlier post , setting the parameter didn't help. The security zone for the BWReport is on Low_Safety, can that be changed to High_Saftey? How?
Thank you in advance.
Best regards,
Dharmi
03-06-2010 9:20 PM
I guess you are going to have to give the users correct authority on the backend system...
What you could try to do it log the gateway in transaction SMGW and trap the program ID's. But I think that will mean a lot of hassle and maintenance and you will quickly have a headache trying to get it right at that level for many users.
Cheers,
Julius
03-07-2010 9:48 AM
Thank you Julius. Do you have any idea how the problem could be solved from the portal side?
Regards,
Dharmi
06-09-2010 8:12 AM
How Tou2026Configure Permissions for initial content in SAP NetWeaver Portal - helps in solving this issue.
06-16-2010 5:42 AM
Hi
Try to have a look table HTTP_WHITELIST.
Perhaps this can resolve your issue