Skip to Content
avatar image
Former Member

User Guest not authorized to access Configuration Manager.

I have Message Driven Bean which call from ABAP via RFC and JRA. After the update, i get error: User Guest not authorized to access Configuration Manager.
In new version of NW as Java 7.4 added new permission to Configuration Manger. But i want to know how change authentification to specific user?

Add comment
10|10000 characters needed characters exceeded

  • Former Member

    Answer found: You need add in ejb-jar.xml

    <security-identity>
    <run-as>
    <role-name>YourUmeActionName</role-name>
    </run-as> </security-identity>

    and

    <security-role>
      <role-name>YourUmeActionName</role-name>
    </security-role>

    Your UmeActionName may be any. And you must add in ejb-j2ee-engine.xml

    <security-permission>
      <security-role-map>
        <role-name>YourUmeActionName</role-name>
        <server-role-name>ServerUMERole</server-role-name>
      </security-role-map>
    </security-permission>

    If ServerUmeRole is absent, it generate when you deploy your project. With that generate UME user who named like RUNAS_*****.

    For using custom user you must create him before the deploy and assined to him role with the same name as ServerUmeRole. For access to ConfigurationManger you must add to ServerUmeRole action ACCESS_CFGMANAGER_ACTION.

    After that your MDB will be run as current user.

  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    May 10, 2017 at 09:54 AM

    Answer found: You need add in ejb-jar.xml

    <security-identity>
    <run-as>
    <role-name>YourUmeActionName</role-name>
    </run-as> </security-identity>

    and

    <security-role>
      <role-name>YourUmeActionName</role-name>
    </security-role>

    Your UmeActionName may be any. And you must add in ejb-j2ee-engine.xml

    <security-permission>
      <security-role-map>
        <role-name>YourUmeActionName</role-name>
        <server-role-name>ServerUMERole</server-role-name>
      </security-role-map>
    </security-permission>

    If ServerUmeRole is absent, it generate when you deploy your project. With that generate UME user who named like RUNAS_*****.

    For using custom user you must create him before the deploy and assined to him role with the same name as ServerUmeRole. For access to ConfigurationManger you must add to ServerUmeRole action ACCESS_CFGMANAGER_ACTION.

    After that your MDB will be run as current user.

    Add comment
    10|10000 characters needed characters exceeded