Skip to Content
0
Former Member
Mar 20, 2009 at 07:13 PM

Missing Entry in Security Zones

27 Views

Hi all,

Im trying to build a User how "only" has access to the PAR-Uploader in the Portal (System Administration --> Support --> Support Desk --> ("Portal Anywhere" Admin Tools" -->) Administration Console.

My idea for a solution was to create a role with a delta-linked iView to the source iView (Portal Content --> Content provided by SAP --> Admin Interfaces --> Admin iView Templates --> Support Desk). After asigning the new role to my new User and logging in to the Portal, i can see the "overview" mask (System Administration --> Support --> Support Desk), but by calling the "Portal Runtime" (to upload the PAR) I will get an Execption.

In the NWA I found two:

Exception ID:07:46_20/03/09_0033_4057750 
[EXCEPTION]
 com.sapportals.portal.prt.runtime.PortalRuntimeException: Access is denied: com.sap.portal.support.desk.default - user: Deployment, Tester
	at com.sapportals.portal.prt.deployment.DeploymentManager.checkPermissions(DeploymentManager.java:2005)
	at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.refresh(PortalComponentContextItem.java:251)
	at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.getContext(PortalComponentContextItem.java:316)
	at com.sapportals.portal.prt.component.PortalComponentRequest.getComponentContext(PortalComponentRequest.java:387)
	at com.sapportals.portal.prt.connection.PortalRequest.getRootContext(PortalRequest.java:488)
	at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:607)
	at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:240)
	at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:524)
	at java.security.AccessController.doPrivileged(Native Method)
	at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:407)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
	at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
	at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
	at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
	at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
	at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
	at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
	at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
	at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
	at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
	at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
	at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
	at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
	at java.security.AccessController.doPrivileged(Native Method)
	at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
	at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
Caused by: com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): com.sap.portal.system/security/sap.com/NetWeaver.Portal/high_safety/com.sap.portal.support.desk/components/default)
	at com.sapportals.portal.pcd.gl.PcdFilterContext.filterLookup(PcdFilterContext.java:422)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1248)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookupLink(PcdProxyContext.java:1353)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookup(PcdProxyContext.java:1300)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.lookup(PcdProxyContext.java:1067)
	at com.sapportals.portal.pcd.gl.PcdGlContext.lookup(PcdGlContext.java:68)
	at com.sapportals.portal.pcd.gl.PcdURLContext.lookup(PcdURLContext.java:238)
	at javax.naming.InitialContext.lookup(InitialContext.java:347)
	at com.sapportals.portal.prt.deployment.DeploymentManager.checkPermissions(DeploymentManager.java:2000)
	... 26 more

and

07:46_20/03/09_0033_4057750 
[EXCEPTION]
 com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): com.sap.portal.system/security/sap.com/NetWeaver.Portal/high_safety/com.sap.portal.support.desk/components/default)
	at com.sapportals.portal.pcd.gl.PcdFilterContext.filterLookup(PcdFilterContext.java:422)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1248)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookupLink(PcdProxyContext.java:1353)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookup(PcdProxyContext.java:1300)
	at com.sapportals.portal.pcd.gl.PcdProxyContext.lookup(PcdProxyContext.java:1067)
	at com.sapportals.portal.pcd.gl.PcdGlContext.lookup(PcdGlContext.java:68)
	at com.sapportals.portal.pcd.gl.PcdURLContext.lookup(PcdURLContext.java:238)
	at javax.naming.InitialContext.lookup(InitialContext.java:347)
	at com.sapportals.portal.prt.deployment.DeploymentManager.checkPermissions(DeploymentManager.java:2000)
	at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.refresh(PortalComponentContextItem.java:251)
	at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.getContext(PortalComponentContextItem.java:316)
	at com.sapportals.portal.prt.component.PortalComponentRequest.getComponentContext(PortalComponentRequest.java:387)
	at com.sapportals.portal.prt.connection.PortalRequest.getRootContext(PortalRequest.java:488)
	at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:607)
	at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:240)
	at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:524)
	at java.security.AccessController.doPrivileged(Native Method)
	at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:407)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
	at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
	at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
	at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
	at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
	at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
	at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
	at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
	at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
	at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
	at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
	at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
	at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
	at java.security.AccessController.doPrivileged(Native Method)
	at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
	at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)

With this exeptions I'd take a look to the security zone and -as not expected- the entry "com.sap.portal.system/security/sap.com/NetWeaver.Portal/high_safety/com.sap.portal.support.desk" is missing".

And Ideas to solve my problem (allow a User to access the PAR-Uploader) or to solve the missing security zone entry?