Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Reg SAPJSF User role issue

Former Member

‎03-31-2010 8:59 AM

0 Kudos

Dear Experts,

I'm trying to disable password based log on for certain users in Portal and Portal uses the ABAP Stack as the repository (IT is a dual stack system).

But when i log in as j2ee_Admin user and try to do this in the "Identity Management" section, i get the following error message

"An error occurred in the persistence. The original message (possibly not translated) was: "Cannot update user UACC.R3_DATASOURCE.USER3 in ABAP backend system. Reason: The UME/ABAP adapter has recognized that the communication user is only assigned to the read-only role SAP_BC_JSF_COMMUNICATION_RO (or no role at all) in the backend system. Therefore UME was set to read-only mode for users from the backend system. See SAP Note 908911 for further information.". Contact your system administrator"

I have checked the SAPJSF Roles too and i see the following there under "Assigned groups"

Everyone

SAP_BC_JSF_COMMUNICATION_RO

SAP_BC_JSF_COMMUNICATION

Authenticated Users

Please let me know the way to overcome this problem.

Regards,

Karthik

5 REPLIES 5

p330068
Active Contributor

‎03-31-2010 9:10 AM

0 Kudos

Hi Karthikeyan

When you login with j2ee_Admin user in "Identity Management" section, when you are getting error message.

I think SAPJSF user should have two roles: SAP_BC_JSF_COMMUNICATION and SAP_BC_USR_CUA_CLIENT_RFC

Thanks & Regards

Arun Jaiswal

Former Member
In response to p330068

‎03-31-2010 10:27 AM

0 Kudos

Dear Arun,

I did this, but i still see the same error message.

Regards,

Karthik

Former Member
In response to p330068

‎03-31-2010 12:00 PM

0 Kudos

Hi Karthikeyan,

Can you check if these SAP roles are generated or not? Also check out the help.sap link and check if you have missed out any step while creating SAPJSF user:

http://help.sap.com/saphelp_nw04/helpdata/en/d6/225f3ce4dd3370e10000000a114084/frameset.htm

former_member257889
Explorer

‎04-05-2010 6:31 PM

0 Kudos

Hello Karthik

According the SAP note 905188 - "Password change for ABAP users fails"

"If the communication user (default name: SAPJSF) has the 'read-only'

role (SAP_BC_JSF_COMMUNICATION_RO) in the ABAP system, users are no

longer able to change their own password.

This error is corrected with the following Support Packages:

o NetWeaver 2004: Support Package 16

o NetWeaver 2004s : Support Package 07

Until the corrections are available, the following workaround is

possible: Assign the additional role SAP_J2EE_GUEST to the communication

user in the ABAP system and restart the J2EE Engine.

This does not affect the authorizations of the communication user in the

ABAP system."

Please try to apply the note quoted above. I hope to help you!

Álvaro Ferreira Raminelli

Former Member

‎04-05-2010 8:58 PM

0 Kudos

A double-stack system is not recommended, let alone portal component Java Stack and ABAP user store.

Anyway, if you are disabling the password then you can do this in the ABAP logical system, either via RSUSR200 or via the "idle" parameters for password login or via the "password for SSO" mechanism.

See transaction RZ11 for login/* parameters.

Cheers,

Julius