topic Re: UME Security - Java Scheduler 'Action' authorization in Application Development and Automation Discussions

UME Security - Java Scheduler 'Action' authorization

Former Member — Tue, 25 Nov 2014 21:27:13 GMT

Hello Security gurus!

Our PI team would like to have access to the NWA Java Scheduler. They currently have the NWA_READONLY role, the only role that we found that provide access to the scheduler is NWA_SUPER_ADMIN which for obvious reasons we don't want assign them to.

We copied the role NWA_READONLY to a Z_XXXX role and we would really need help identifying what "action" we need to add to the z role to grant access to the Java Scheduler.

The support button provides the following information:

----------------------------------------------------------------

Support Component:BC-NWA-JEE

Development Component:sap.com/tc~lm~itsam~ui~nwscheduler

URL:http://<sap_server_name>:5<##>00/webdynpro/resources/sap.com/tc~lm~itsam~ui~mainframe~wd/FloorPlanApp?applicationID=com.sap.itsam.ops.java.scheduling&applicationViewID=jobs

----------------------------------------------------------------

After countless hours of tracing, reading logs and "trial and error" I quite literally started talking to myself, now I'm not sure if talking to ones self is normal, but I truly hope someone bring me back to my old self before I start entertaining full conversations with myself.

Feel free to shoot out any ideas they are all welcome.

Regards,

Yannick C.

Re: UME Security - Java Scheduler 'Action' authorization

Former Member — Wed, 26 Nov 2014 11:50:49 GMT

Hello

Check SAP Note 1846228 - Log trace shows "No scheduler assigned to authenticated user "SM_COLL_XXX"" error in SOLMAN 7.1 - and assign role “SAP_JAVA_WSNAVIGATOR” to that user.

Cheers,

Tapan

Re: UME Security - Java Scheduler 'Action' authorization

Former Member — Wed, 26 Nov 2014 13:24:42 GMT

Hello Yannick,

look for these 2 actions: 'NWA_SUPERADMIN_JSL' or 'NWA_READONLY_JSL' depending on whether you want to grant readonly- or admin- permission.

Regards,

Malte

Re: UME Security - Java Scheduler 'Action' authorization

Former Member — Wed, 26 Nov 2014 14:58:33 GMT

Spot on Malte! Thanks for saving my sanity!

I'm wondering how you figured out it was these actions? I've looked everywhere for a note or documentation as to what action is used for what but to no avail.

If you could point me in the right direction where I could find this information I would be even more grateful.

Regards,

Yannick C.

Re: UME Security - Java Scheduler 'Action' authorization

Former Member — Thu, 27 Nov 2014 12:15:09 GMT

Pure chance! I had a similar requirement and was looking for a solution and hit your post. Hard job to find something, but after 2 hours of effort I found a matching overview in help portal: Link

Really worth for bookmarking...

Re: UME Security - Java Scheduler 'Action' authorization

Former Member — Tue, 02 Dec 2014 18:55:04 GMT

Thanks Malte, this like is really useful!

I not only book marked it but printed the page to PDF and saved it on my google drive! Definitely a keeper!

Thanks again,

Yannick C.

Re: UME Security - Java Scheduler 'Action' authorization

Former Member — Thu, 03 Dec 2015 16:34:08 GMT

Hi,

I have the same situation where user needs read only access to tasks in Java scheduler. I checked roles under his profile and found NWA_READONLY which already have NWA_READONLY_JSL action assigned to the role.

While checking the role using dummy user, it gives read only access to the jobs and the scheduler but not to the tasks.

Can anyone help with this.