3 Replies Latest reply: Sep 20, 2013 6:17 PM by Jamie Neilan RSS

SAP CPS Security Permissions

Marc Resch
Currently Being Moderated

Dear All,

 

I checked our Netweaver log and find following messages:

 

User XXXX does not have AccessSchedulerBusiness permission: java.security.AccessControlException: No authorization

Category: /Applications/Scheduler
Place: com.redwood.scheduler.security.impl.sap.ume.UMEUser
Application: redwood.com/scheduler-ear

Username | ACCESS.ERROR | null | | Permission=[(com.redwood.scheduler.security.permissions.SchedulerAccessPermission business)]

Category: /System/Security/Audit
Place: com.sap.security.core.util.SecurityAudit  
Application: redwood.com/scheduler-ear
(Username =my Username)

 

These are my userroles in SAP Netweaver UME:

 

  scheduler-user Einfacher Zugriff, sieht keine Objekte, Ist Basis für andere Rollen. UME-Datenbank

  scheduler-isolation-administrator Create/Edit/Delete Isolation Groups and add users to these UME-Datenbank

  scheduler-administrator Kann alle Aktionen im SAP CPS ausführen UME-Datenbank

 

and here my userroles in SAP CPS

 

Redwood System     Administrator     

Redwood System     BAG:9:F:Scheduler_Manager

Redwood System     scheduler administrator     

Redwood System     scheduler user     

Redwood System     BAG:1:F:Scheduler_Manager_Isolation     

Redwood System     scheduler isolation administrator     

Redwood System     scheduler_administrator

Redwood System     scheduler it user     

 

We use SAP CPS Build: M33.42-54458

 

Anyone an idea?

 

 

Kind regards

 

Marc

 

  • Re: SAP CPS Security Permissions
    David Glynn
    Currently Being Moderated

    "User XXXX does not have AccessSchedulerBusiness permission: java.security.AccessControlException: No authorization"

       

    "Username | ACCESS.ERROR | null | | Permission=[(com.redwood.scheduler.security.permissions.SchedulerAccessPermission business)]"

     

    Errors such as the above normal and should not be any reason for concern. CPS has support for many more SAP standard roles now and in this situation CPS asks the UME if the user has these roles, the NW Java UME then logs a message if the user does not have the requested roles. This error is specifically logged when the user has no business user permissions.

     

    You can ignore these default trace entries. These standard roles are part of CPS, but they do NOT show in the CPS UI until you have assigned them in the UME to a user and that user has logged into CPS.

     

    Rgds,

    David

    • Re: SAP CPS Security Permissions
      Marc Resch
      Currently Being Moderated

      Dear David,

       

      thank you for your answer.

       

      But where can I assign business user permissions, or which roles do I need?

       

      You wrote:

       

      CPS has support for many more SAP standard roles now and in this situation CPS asks the UME if the user has these roles, the NW Java UME then logs a message if the user does not have the requested roles.

       

       

      I try to understand this messages. Where and which Role/Group or credential I need? Is this a problem which Netweaver Stack we use?

       

      Kind Regards

       

      Marc

      • Re: SAP CPS Security Permissions
        Jamie Neilan
        Currently Being Moderated

        In fact I'm not yet clear on what the "Action" encapsulates - however we recently found that we could not link Job Documentation in SolMan with Jobs in CPS automatically (i.e. the URL in CPS linking back to SolMan Job Docs) until users had this Action "AccessSchedulerBusiness" in addition to the "AccessScheduler" action.

         

        Searching the Security guide doesn't seem to give any explanation for this mysterious action....

Actions