Access Violation Administrator messages appear when users without write access to User objects log in using ECC
Article ID: 87979
Updated On:
Products
CA Automic Workload Automation - Automation Engine
Issue/Introduction
Affects Release version(s): 11
Error Message :
U00004519 Access violation details: Used filter: ' USER/XYZ/XYZ//////' .
U00004505 Access violation: User: 'XYZ/XYZ' Object: ' XYZ/XYZ' Access type: 'W' Reason: prohibition in authorization profile: 'XYZ/XYZ'.
In the Enterprise Control Center (ECC) the Admin receives the following Access Violation messages when a user logs on to the application without having access to ones User object or when opening an object to which no write access exists:
When logging in to the Java User Interface (UI) no messages are printed.
Investigation
Error Message :
U00004519 Access violation details: Used filter: ' USER/XYZ/XYZ//////' .
U00004505 Access violation: User: 'XYZ/XYZ' Object: ' XYZ/XYZ' Access type: 'W' Reason: prohibition in authorization profile: 'XYZ/XYZ'.
In the Enterprise Control Center (ECC) the Admin receives the following Access Violation messages when a user logs on to the application without having access to ones User object or when opening an object to which no write access exists:
12.07.2016 09:27:23 - U00004519 Access violation details: Used filter: ' USER/XYZ/XYZ//////' .
12.07.2016 09:27:23 - U00004505 Access violation: User: 'XYZ/XYZ' Object: ' XYZ/XYZ' Access type: 'W' Reason: prohibition in authorization profile: 'XYZ/XYZ'.
12.07.2016 09:27:23 - U00004505 Access violation: User: 'XYZ/XYZ' Object: ' XYZ/XYZ' Access type: 'W' Reason: prohibition in authorization profile: 'XYZ/XYZ'.
When logging in to the Java User Interface (UI) no messages are printed.
Investigation
- Set the following Authorizations for a User:
<Please see attached file for image>
- Log in to ECC with the User and these rights settings
- Check the Logfiles (WP) - the Access violation messages are also inside
- Set the following settings in the Java-UI for the Client via Options | Settings | Message Window:
Subscribed messages:
Set a checkmark at "Everything in the current Client"
Set a checkmark at "Administrator messages"
Set a checkmark at "Security messages"
Set a checkmark at "Everything in the current Client"
Set a checkmark at "Administrator messages"
Set a checkmark at "Security messages"
<Please see attached file for image>
- Additionally, set in the UC_CLIENT_SETTINGS of this user to the following:
SECURITY_AUDIT_FAILURE | HOST_ACCESS,LOGON,OBJECT_ACCESS,USER_PRIVILEGES
<Please see attached file for image>
- Login to ECC with the User
With this additional settings the output are also printed to the message window.
Cause
Cause type:
Defect
Root Cause: Access violation messages displayed when they shouldn’t be: 1) when users with no write access to an object open it and 2) when users logged in to the AWI and have no write access to the User object.
Defect
Root Cause: Access violation messages displayed when they shouldn’t be: 1) when users with no write access to an object open it and 2) when users logged in to the AWI and have no write access to the User object.
Environment
OS Version: N/A
Resolution
Update to a fix version listed below or a newer version if available.
Fix Status: Released
Fix Version(s):
Automic Web Interface 12.0.2 - Available
Fix Status: Released
Fix Version(s):
Automic Web Interface 12.0.2 - Available
Additional Information
Workaround :
N/A
N/A
Attachments
Feedback
Yes
No
Powered by
