Access Violation Administrator messages appear when users without write access to User objects log in using ECC
Affects Release version(s): 11
Error Message :
U00004519 Access violation details: Used filter: ' USER/XYZ/XYZ//////' .
U00004505 Access violation: User: 'XYZ/XYZ' Object: ' XYZ/XYZ' Access type: 'W' Reason: prohibition in authorization profile: 'XYZ/XYZ'.
In the Enterprise Control Center (ECC) the Admin receives the following Access Violation messages when a user logs on to the application without having access to ones User object or when opening an object to which no write access exists:
12.07.2016 09:27:23 - U00004505 Access violation: User: 'XYZ/XYZ' Object: ' XYZ/XYZ' Access type: 'W' Reason: prohibition in authorization profile: 'XYZ/XYZ'.
When logging in to the Java User Interface (UI) no messages are printed.
Investigation
- Set the following Authorizations for a User:
<Please see attached file for image>
- Log in to ECC with the User and these rights settings
- Check the Logfiles (WP) - the Access violation messages are also inside
- Set the following settings in the Java-UI for the Client via Options | Settings | Message Window:
Set a checkmark at "Everything in the current Client"
Set a checkmark at "Administrator messages"
Set a checkmark at "Security messages"
<Please see attached file for image>
- Additionally, set in the UC_CLIENT_SETTINGS of this user to the following:
<Please see attached file for image>
- Login to ECC with the User
Cause type:
Defect
Root Cause: Access violation messages displayed when they shouldn’t be: 1) when users with no write access to an object open it and 2) when users logged in to the AWI and have no write access to the User object.
OS Version: N/A
Update to a fix version listed below or a newer version if available.
Fix Status: Released
Fix Version(s):
Automic Web Interface 12.0.2 - Available
Workaround :
N/A