I checked our Netweaver log and find following messages:
User XXXX does not have AccessSchedulerBusiness permission: java.security.AccessControlException: No authorization Category: /Applications/Scheduler Place: com.redwood.scheduler.security.impl.sap.ume.UMEUser Application: redwood.com/scheduler-ear Username | ACCESS.ERROR | null | | Permission=[(com.redwood.scheduler.security.permissions.SchedulerAccessPermission business)] Category: /System/Security/Audit Place: com.sap.security.core.util.SecurityAudit Application: redwood.com/scheduler-ear (Username =my Username)
These are my userroles in SAP Netweaver UME:
scheduler-user Einfacher Zugriff, sieht keine Objekte, Ist Basis für andere Rollen. UME-Datenbank
scheduler-isolation-administrator Create/Edit/Delete Isolation Groups and add users to these UME-Datenbank
scheduler-administrator Kann alle Aktionen im SAP CPS ausführen UME-Datenbank
and here my userroles in SAP CPS
Redwood System Administrator
Redwood System BAG:9:F:Scheduler_Manager
Redwood System scheduler administrator
Redwood System scheduler user
Redwood System BAG:1:F:Scheduler_Manager_Isolation
Redwood System scheduler isolation administrator
Redwood System scheduler_administrator
Redwood System scheduler it user
We use SAP CPS Build: M33.42-54458
Anyone an idea?
"User XXXX does not have AccessSchedulerBusiness permission: java.security.AccessControlException: No authorization"
"Username | ACCESS.ERROR | null | | Permission=[(com.redwood.scheduler.security.permissions.SchedulerAccessPermission business)]"
Errors such as the above normal and should not be any reason for concern. CPS has support for many more SAP standard roles now and in this situation CPS asks the UME if the user has these roles, the NW Java UME then logs a message if the user does not have the requested roles. This error is specifically logged when the user has no business user permissions.
You can ignore these default trace entries. These standard roles are part of CPS, but they do NOT show in the CPS UI until you have assigned them in the UME to a user and that user has logged into CPS.
thank you for your answer.
But where can I assign business user permissions, or which roles do I need?
CPS has support for many more SAP standard roles now and in this situation CPS asks the UME if the user has these roles, the NW Java UME then logs a message if the user does not have the requested roles.
I try to understand this messages. Where and which Role/Group or credential I need? Is this a problem which Netweaver Stack we use?
In fact I'm not yet clear on what the "Action" encapsulates - however we recently found that we could not link Job Documentation in SolMan with Jobs in CPS automatically (i.e. the URL in CPS linking back to SolMan Job Docs) until users had this Action "AccessSchedulerBusiness" in addition to the "AccessScheduler" action.
Searching the Security guide doesn't seem to give any explanation for this mysterious action....