cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NW 7.4 Portal - Log Viewer for Developers

Go to solution
former_member155626
Explorer

on ‎10-01-2014 9:14 PM

0 Kudos

We just recently upgraded our NW 7.01 portal to NW 7.4 and are trying to become antiquated with the many changes involved with this upgrade.

One of the first things we've encountered is that the log viewer has moved under the NWA.

Our problem is giving our developers access to a log viewer now that it's been moved. Before we were just able to copy the log viewer iView from under sys admin>support>etc and move it to a role that all the developers have access to. This isn't possible as far as I can see in 7.4.

I've found this thread:

I know how to get to <portal>/nwa/logs and also about the Troubleshooting Wizard at  <portal>/tshw, but from what I can tell (and I have yet to find any real concrete information) is that in both the /nwa and /tshw require the Administrator role to access them...or at least to be able to use them; I notice I can access the tshw with a our developer permissions but it just throws errors.

Is there a way to give people who only have developer permissions on the portal (mainly Content Administration and ability to deploy from NWDS to the portal) access to the log viewer, or some sort of log viewer??

Is giving them access to the file system at the operating system the only other way to do this?

Thanks for you help,

Beau

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎10-02-2014 12:18 PM
0 Kudos

Hi Beau,

The documentation regarding NWA can be found here:

https://help.sap.com/saphelp_nwce10/helpdata/en/45/2bdafff14003c3e10000000a1553f6/content.htm

And I quote:

"For authorization, the SAP NetWeaver Administrator uses the User Management Engine (UME) and the Java Management Extension™ (JMX) security features. The following security roles are defined from an authorization point of view:

●  NWA_READONLY

●  NWA_SUPERADMIN

The roles include the permissions that enable/disable certain elements in the UI, as well as permissions to access the data in the managed system. The read-only role does not allow making any changes in the managed system such as starting/stopping, changing the configuration and so on, whereas the other role allows full control."


For your purpose, just assign the NWA_READONLY Role to the user and he will have read-only access to

<portal>/nwa/logs.


Best regards,

Etay

Show replies
Show replies
Former Member
‎10-02-2014 1:09 PM
0 Kudos

Etay, since we had a similar situation in this context, Beau I hope you dont mind: there can we find a complete description of all available EP UME actions? For most customer I have canned stuff delivered by your employer is by far not enough: companies in free economy out there have strict security policies, which doesnt allow employee's to even see any informations, they are not related to. So there is no european company I would know who gave their developers NWA_READONLY because of such reasons. We desperated searched for a semantic description of available actions by SAP and miserably failed to do all we wanted on our own. Would you help us on this? Thank you,

regards

former_member155626
Explorer
‎10-03-2014 4:31 PM
0 Kudos

Lawrence,

I've been working on this this morning, trying to break out the Troubleshooting wizard so that our developers can have it. I have yet to figure it out.

I know some subset of the 2500+ actions assigned to the Administrator role give one access to /tswh (I THINK!), but what they are I have no idea.

I tried giving owner permissions to our developers for the "tc~sec~tools~tsh~wd" (if you go to the <portal>/tshw link you'll see that come up in the URL) application under the "Web Dynpro Java Applications" under Content Admin, as well as assigning any actions of "ts~sec~tools~tsh*" to the developers role, and both of the above, and still it says that my test developer only has read-access to the troubleshooting wizard.

I don't know what I'm missing here, or if it's even possible, but I'm about to give up because like many things SAP, it makes no sense and I'm having a difficult time finding any useful information on it.

Former Member
‎10-08-2014 3:00 PM
0 Kudos

Yes, same here. Neither me nor colleagues of my were able to find any practibale way to use canned actions, I guess there is no. At the end colleagues of my just developed actions on their own and deployed them on AS Java. Developer traces are not telling you which UME action you need to avoid permission problems, as far I got it

cheers

Answers (2)

Answers (2)

former_member155626
Explorer
‎10-03-2014 2:58 PM
0 Kudos

Etay,

Thanks for the help. The read-only role will definitely get us by, although I'm already hearing complains of the search capability being a bit more limiting that it used to be. For instance you get a portal runtime error and it has an ID like "12:20_02/10/14_0029_5011XXXXX", which they normally do, you can't really search on that. At least they haven't found a way yet.

Also kind of unfortunate that the read-only role doesn't seem to give access to the Troubleshooting wizard. I'm looking around for a role that might give that access without giving it to everything else. Might be one I have to break out the UME action for.

Thanks again.

Show replies
Show replies
Former Member
‎10-05-2014 10:28 AM
0 Kudos

Hi Beau,

For that purpose navigate to <host>:<port>/nwa

Then in NWA navigate to "Troubleshooting" tab --> "Logs and Traces" subtab and press the

"Log Viewer" link.

In the Log Viewer, on the upper left side of the screen click on

"View" --> "Open View..." --> "Developer Traces".

This will show the default trace with the "Error" severity you need and you will be able to search

for example, and error ID.

Best regards,

Etay

Former Member
‎10-02-2014 10:42 AM
0 Kudos

Create and adapt (size down) copies of SAP system roles (or your own) including appropriate actions to deliver the right level of access to your developers.

cheers

Show replies
Show replies
Ask a Question