cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

IDM UI: access denied

joachimvanpraet
Active Participant

on ‎06-22-2010 10:11 AM

0 Kudos

Hi,

<br \>

I transported my configuration to a production environment and my IDM Webdynpro's are showing access denied.

This is the error in the defaulttracefile:

<br \><br \>

Full Message Text

<br \><br \>

Exception getting tab visibility

[EXCEPTION]

com.sap.idm.jmx.exceptions.IdmException: Access denied

at com.sap.idm.jmx.ic.EntryUtil.getTabVisibility(EntryUtil.java:1746)

at com.sap.idm.jmx.impl.SAP_ITSAM_IDM_Service_Impl_Impl.retrieveTabs(SAP_ITSAM_IDM_Service_Impl_Impl.java:1369)

at com.sap.idm.jmx.SAP_ITSAM_IDM_ServiceWrapper.invoke(SAP_ITSAM_IDM_ServiceWrapper.java:450)

at com.sap.pj.jmx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:944)

at com.sap.pj.jmx.server.interceptor.MBeanServerWrapperInterceptor.invoke(MBeanServerWrapperInterceptor.java:288)

at com.sap.engine.services.jmx.CompletionInterceptor.invoke(CompletionInterceptor.java:409)

at com.sap.pj.jmx.server.interceptor.BasicMBeanServerInterceptor.invoke(BasicMBeanServerInterceptor.java:277)

at com.sap.jmx.provider.ProviderInterceptor.invoke(ProviderInterceptor.java:258)

at com.sap.engine.services.jmx.RedirectInterceptor.invoke(RedirectInterceptor.java:340)

at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330)

at com.sap.engine.services.jmx.MBeanServerSecurityWrapper.invoke(MBeanServerSecurityWrapper.java:287)

at com.sap.engine.services.jmx.ClusterInterceptor.invoke(ClusterInterceptor.java:776)

at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330)

at com.sap.idm.wd.jmx.SAP_ITSAM_IDM_Service$Impl.retrieveTabs(SAP_ITSAM_IDM_Service.java:434)

at com.sap.idm.wd.modelwrapper.ModelWrapperInterface.getTabVisibility(ModelWrapperInterface.java:478)

at com.sap.idm.wd.modelwrapper.wdp.InternalModelWrapperInterface.getTabVisibility(InternalModelWrapperInterface.java:184)

at com.sap.idm.wd.modelwrapper.wdp.InternalModelWrapperInterface$External.getTabVisibility(InternalModelWrapperInterface.java:351)

at com.sap.idm.wd.wf.toptab.TopTab.InitializeContext(TopTab.java:372)

at com.sap.idm.wd.wf.toptab.wdp.InternalTopTab.InitializeContext(InternalTopTab.java:216)

at com.sap.idm.wd.wf.toptab.TopTabView.wdDoInit(TopTabView.java:101)

at com.sap.idm.wd.wf.toptab.wdp.InternalTopTabView.wdDoInit(InternalTopTabView.java:186)

at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doInit(DelegatingView.java:61)

at com.sap.tc.webdynpro.progmodel.controller.Controller.initController(Controller.java:215)

at com.sap.tc.webdynpro.progmodel.view.View.initController(View.java:445)

at com.sap.tc.webdynpro.progmodel.controller.Controller.init(Controller.java:200)

at com.sap.tc.webdynpro.progmodel.view.ViewManager.getView(ViewManager.java:709)

at com.sap.tc.webdynpro.progmodel.view.ViewManager.bindRoot(ViewManager.java:579)

at com.sap.tc.webdynpro.progmodel.view.ViewManager.init(ViewManager.java:155)

at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.doOpen(WebDynproWindow.java:295)

at com.sap.tc.webdynpro.clientserver.window.ApplicationWindow.show(ApplicationWindow.java:182)

at com.sap.tc.webdynpro.clientserver.window.ApplicationWindow.open(ApplicationWindow.java:177)

at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.init(ClientApplication.java:364)

at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.initApplication(ApplicationSession.java:754)

at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:289)

at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:713)

at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:666)

at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:250)

at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)

at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)

at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)

at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)

at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)

at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)

at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)

at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)

at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)

at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)

at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

at java.security.AccessController.doPrivileged(AccessController.java:219)

at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)

at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

<br \><br \>

I checked the configuration again and again:<br \>

1. We are using a user that is created in the UME. This user is known in the IDM ID store and is member of the privileges:<br \>

- MX_PRIV:WD:TAB_HISTORY<br \>

- MX_PRIV:WD:TAB_MANAGE<br \>

- MX_PRIV:WD:TAB_REPORT<br \>

- MX_PRIV:WD:TAB_TODO<br \>

2.Visual admin<br \>

- The ID of the used ID store is 3.<br \>

- The DB connection is working<br \>

3. Version info of the webdynpro is exactly the same as the development environment.<br \>

4. We allready did an undeploy, restart, deploy & restart ...<br \>

<br \><br \>

What are we missing?<br \>

<br \><br \>

kr,<br \>

Joachim

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎07-02-2010 8:04 AM
0 Kudos

Hello,

I have the same error. But my problem is the jdbc driver.

I process as follow:

Delete the DataSource.

Replace sqljdbc.jar (0 bytes) in

D:\usr\sap\SID\JC00\j2ee\cluster\server0\bin\ext\SQL2005

Restart SAP !!!

Recreate the DataSource

Then it's works fine.

Best regards.

TH

Show replies
Show replies
Former Member
‎06-22-2010 12:38 PM
0 Kudos

Hi

Did you set the number of the IDStore in the Visual Admin?

Do you use AS Java 7.1, or what version do you use?

Show replies
Show replies
joachimvanpraet
Active Participant
‎06-22-2010 12:59 PM
0 Kudos

Hi,

All configuration seems correct.

IDStore is set.

When I try with a user who's not in the IDStore, I can see an other error message in the logfile:

No user found with username=USERNAME.

When I start the Searchentry-webdynpro (tcidmwdworkflow/SearchEntry and not tcidmwdworkflow/idm) , I can execute all tasks with the valid user.

Version is 7.0 (same version as on development server and there it's working)

kr,

Joachim

joachimvanpraet
Active Participant
‎06-25-2010 10:22 AM
0 Kudos

Our system admin forgot to assign the role actions to the IDM roles.

Problem solved

Ask a Question