on 04-16-2008 3:16 PM
Hello,
I have a problem with the security in portal. The fact is I want an anonymous user access to an iView. For that I do it :
- I created an iView with visual composer which call an alias of a java web service declared in system administration,
- I add an anonymous user group in the permission properties (End user is checked) of the iView
- I add an anonymous user group in the permission properties (End user is checked) of web service alias
When i execute iView with a direct URL, I can see the iView but I can execute an action which call an web service alias. When I look at defaultTrace.trc in Log Viewer (Visual Administrator), I have this message :
com.sapportals.portal.prt.runtime.PortalRuntimeException: Access is denied: com.sap.visualcomposer.vcbroker - user: Guest,
This iView works fine with an logged user. Could you tell me if I forget something when I give permission to an anonymous user ?
Sorry for my english _
Best regards
Hello all,
Thank you for your responses.
@Mr.Chowdary : Yes, I use Web services and I declared a system and an alias for it. All my web services don't use authentication and they are worked from iviews created with Visual Composer and from Web service navigator. In the properties of the "Anonymous Users" Group and in "User Mapping for System Access" tab, I have this message "There are no systems available for user mapping for the selected principal".
Best regards
Francois
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Francois,
See sap Note # 985983
Symptom
An anonymous portal user is trying to run a Visual Composer Flash iView but discovers that this activity is not possible.
Reason and Prerequisites
The action of running a Visual Composer Flash iView activates a direct Portal component; when run by an anonymous user it exposes the backend systems to non secure activities.
Solution
No workaround is available as the workaround will expose the security described issue.
Mr.Chowdary
Francios,
U r using a Web service, so u have created a system and alias object for it.
If there is any athentication fot u r web service just go to the user management and go to the anonymous user group in user mapping map the user to the web service.
Hope this may be u r solution.
Mr.Chowdary.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
HI,
please set the logon method = none for the web service system alais.
and amke sure that the web service u r calling can be excuted with out any authentication .
Regards
Srinivas
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
sorry, this is no solution - but I can confirm the problem with anonymous service access. Maybe It is helping a little bit enclosing the problem.
It occurs regardless of authentication mode of the accessed service from iView. It happens with all system objects (web services and other PCD Systems). This problem is regardless of the Web Service or system authentication method. For auth services we tried user mapping - but doesn't work like with non-auth. services.
I can confirm that there are no problems running the same config with an authenticated portal user.
Technicaly the anonymous user is a authenticated user too, (J2EE_GUEST). He is logged in automatically during portal access with the browser. It seems there is a restriction in handling the anonymous group.
There is a other 4 week old thread on SDN, relating to the same problem (unsolved)
I keep looking for a solution.
Regards
Michael
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.