cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Anonymous user want access to an iview of the portal

Go to solution
Former Member

on ‎04-16-2008 3:16 PM

0 Kudos

Hello,

I have a problem with the security in portal. The fact is I want an anonymous user access to an iView. For that I do it :

- I created an iView with visual composer which call an alias of a java web service declared in system administration,

- I add an anonymous user group in the permission properties (End user is checked) of the iView

- I add an anonymous user group in the permission properties (End user is checked) of web service alias

When i execute iView with a direct URL, I can see the iView but I can execute an action which call an web service alias. When I look at defaultTrace.trc in Log Viewer (Visual Administrator), I have this message :

com.sapportals.portal.prt.runtime.PortalRuntimeException: Access is denied: com.sap.visualcomposer.vcbroker - user: Guest,

This iView works fine with an logged user. Could you tell me if I forget something when I give permission to an anonymous user ?

Sorry for my english _

Best regards

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎05-05-2008 7:19 AM
0 Kudos

Hello all,

Thank you for your responses.

@Mr.Chowdary : Yes, I use Web services and I declared a system and an alias for it. All my web services don't use authentication and they are worked from iviews created with Visual Composer and from Web service navigator. In the properties of the "Anonymous Users" Group and in "User Mapping for System Access" tab, I have this message "There are no systems available for user mapping for the selected principal".

Best regards

Francois

Show replies
Show replies
Former Member
‎05-06-2008 6:19 AM
0 Kudos

Francois,

See sap Note # 985983

Symptom

An anonymous portal user is trying to run a Visual Composer Flash iView but discovers that this activity is not possible.

Reason and Prerequisites

The action of running a Visual Composer Flash iView activates a direct Portal component; when run by an anonymous user it exposes the backend systems to non secure activities.

Solution

No workaround is available as the workaround will expose the security described issue.

Mr.Chowdary

Former Member
‎05-06-2008 6:47 AM
0 Kudos

Thank you Mr Chowdary

Do you think if I create my iView with Web Dynpro, I'll have same security problem with an anonymous user like an iview created with Visual Composer ?

Best regards

Francois

Former Member
‎05-06-2008 10:18 AM
0 Kudos

I answered myself, I think it is possible to create an iView Web Dynpro to call a web service which isn't declared as a system alias in the portal.

Answers (2)

Answers (2)

Former Member
‎05-05-2008 6:02 AM
0 Kudos

Francios,

U r using a Web service, so u have created a system and alias object for it.

If there is any athentication fot u r web service just go to the user management and go to the anonymous user group in user mapping map the user to the web service.

Hope this may be u r solution.

Mr.Chowdary.

Show replies
Show replies
Former Member
‎04-16-2008 3:43 PM
0 Kudos

HI,

please set the logon method = none for the web service system alais.

and amke sure that the web service u r calling can be excuted with out any authentication .

Regards

Srinivas

Show replies
Show replies
Former Member
‎04-16-2008 4:03 PM
0 Kudos

Hi

Thank you for your response. All my web service alias have Logon method = None and I can execute these web services (not alias) with Web Service Navigator or Soap UI without logged on.

Regards

Former Member
‎05-04-2008 5:47 PM
0 Kudos

Hi,

sorry, this is no solution - but I can confirm the problem with anonymous service access. Maybe It is helping a little bit enclosing the problem.

It occurs regardless of authentication mode of the accessed service from iView. It happens with all system objects (web services and other PCD Systems). This problem is regardless of the Web Service or system authentication method. For auth services we tried user mapping - but doesn't work like with non-auth. services.

I can confirm that there are no problems running the same config with an authenticated portal user.

Technicaly the anonymous user is a authenticated user too, (J2EE_GUEST). He is logged in automatically during portal access with the browser. It seems there is a restriction in handling the anonymous group.

There is a other 4 week old thread on SDN, relating to the same problem (unsolved)

I keep looking for a solution.

Regards

Michael

Ask a Question