Hi all,
Im trying to build a User how "only" has access to the PAR-Uploader in the Portal (System Administration --> Support --> Support Desk --> ("Portal Anywhere" Admin Tools" -->) Administration Console.
My idea for a solution was to create a role with a delta-linked iView to the source iView (Portal Content --> Content provided by SAP --> Admin Interfaces --> Admin iView Templates --> Support Desk). After asigning the new role to my new User and logging in to the Portal, i can see the "overview" mask (System Administration --> Support --> Support Desk), but by calling the "Portal Runtime" (to upload the PAR) I will get an Execption.
In the NWA I found two:
Exception ID:07:46_20/03/09_0033_4057750 [EXCEPTION] com.sapportals.portal.prt.runtime.PortalRuntimeException: Access is denied: com.sap.portal.support.desk.default - user: Deployment, Tester at com.sapportals.portal.prt.deployment.DeploymentManager.checkPermissions(DeploymentManager.java:2005) at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.refresh(PortalComponentContextItem.java:251) at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.getContext(PortalComponentContextItem.java:316) at com.sapportals.portal.prt.component.PortalComponentRequest.getComponentContext(PortalComponentRequest.java:387) at com.sapportals.portal.prt.connection.PortalRequest.getRootContext(PortalRequest.java:488) at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:607) at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:240) at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:524) at java.security.AccessController.doPrivileged(Native Method) at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:407) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364) at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039) at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265) at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95) at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175) at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33) at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41) at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37) at java.security.AccessController.doPrivileged(Native Method) at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102) at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172) Caused by: com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): com.sap.portal.system/security/sap.com/NetWeaver.Portal/high_safety/com.sap.portal.support.desk/components/default) at com.sapportals.portal.pcd.gl.PcdFilterContext.filterLookup(PcdFilterContext.java:422) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1248) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookupLink(PcdProxyContext.java:1353) at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookup(PcdProxyContext.java:1300) at com.sapportals.portal.pcd.gl.PcdProxyContext.lookup(PcdProxyContext.java:1067) at com.sapportals.portal.pcd.gl.PcdGlContext.lookup(PcdGlContext.java:68) at com.sapportals.portal.pcd.gl.PcdURLContext.lookup(PcdURLContext.java:238) at javax.naming.InitialContext.lookup(InitialContext.java:347) at com.sapportals.portal.prt.deployment.DeploymentManager.checkPermissions(DeploymentManager.java:2000) ... 26 more
and
07:46_20/03/09_0033_4057750 [EXCEPTION] com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): com.sap.portal.system/security/sap.com/NetWeaver.Portal/high_safety/com.sap.portal.support.desk/components/default) at com.sapportals.portal.pcd.gl.PcdFilterContext.filterLookup(PcdFilterContext.java:422) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1248) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254) at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookupLink(PcdProxyContext.java:1353) at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookup(PcdProxyContext.java:1300) at com.sapportals.portal.pcd.gl.PcdProxyContext.lookup(PcdProxyContext.java:1067) at com.sapportals.portal.pcd.gl.PcdGlContext.lookup(PcdGlContext.java:68) at com.sapportals.portal.pcd.gl.PcdURLContext.lookup(PcdURLContext.java:238) at javax.naming.InitialContext.lookup(InitialContext.java:347) at com.sapportals.portal.prt.deployment.DeploymentManager.checkPermissions(DeploymentManager.java:2000) at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.refresh(PortalComponentContextItem.java:251) at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.getContext(PortalComponentContextItem.java:316) at com.sapportals.portal.prt.component.PortalComponentRequest.getComponentContext(PortalComponentRequest.java:387) at com.sapportals.portal.prt.connection.PortalRequest.getRootContext(PortalRequest.java:488) at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:607) at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:240) at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:524) at java.security.AccessController.doPrivileged(Native Method) at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:407) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364) at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039) at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265) at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95) at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175) at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33) at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41) at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37) at java.security.AccessController.doPrivileged(Native Method) at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102) at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
With this exeptions I'd take a look to the security zone and -as not expected- the entry "com.sap.portal.system/security/sap.com/NetWeaver.Portal/high_safety/com.sap.portal.support.desk" is missing".
And Ideas to solve my problem (allow a User to access the PAR-Uploader) or to solve the missing security zone entry?