Hello.

I have a problem with assigning/removing resource with a normal user in
User App.
This error message appears : "Failed to create/remove 1 resource
assignment request(s). You are unauthorized for this operation.".
It works great with User App admin, if I use "Manage" button for
managing resources for my normal user.

How I can grant permissions for normal users ? I found nothing in
documentation (bad search ?), just how to hide/show "Remove" and
"Assign" buttons.

IDM 4.0.2 patch C revision 39446.

This trace appears in User App log :

11:44:30,335 INFO [STDOUT] ERROR [RBPM]
[com.novell.idm.nrf.service.ResourceManagerService: requestResourceAssignment]
[Resource_Request_Failure] Requested by cn=021519P,ou=Identites,o=toto,
Target DN: cn=021519P,ou=Identites,o=toto, Source
DN:cn=PA0001,cn=ResourceDefs,cn=RoleConfig,cn=AppC onfig,cn=UserApplication,cn=DriverSet,ou=DirXML,o= toto,
Request
DN:cn=20131029114430-b44f7f7136db4320b27f3631c67885c2-0,cn=ResourceRequests,cn=RoleConfig,cn=AppConfig,c n=UserApplication,cn=DriverSet,ou=DirXML,o=toto,
Request Category: 15, Request Status: 0, Original Request Status: null,
Correlation ID:
UserApp#ResourceRequest#cbd4f9fa-3143-42c7-9586-0c32bba627ef, Error
Message: null

com.novell.idm.nrf.exception.NrfUnauthorizedExcept ion: User [dn =
cn=021519P,ou=Identites,o=toto] is not authorized to work on resource
assignment [<?xml version="1.0" encoding="UTF-8"?><dsml:entry
dn="cn=20131029114430-b44f7f7136db4320b27f3631c67885c2-0,cn=ResourceRequests,cn=RoleConfig,cn=AppConfig,c n=UserApplication,cn=DriverSet,ou=DirXML,o=toto">
<objectclass>
<oc-value>nrfRequest</oc-value>
</objectclass>
<attr name="nrfRequestDate">
<value>Tue Oct 29 11:44:30 CET 2013</value>
</attr>
<attr name="nrfStatus">
<value>0</value>
</attr>
<attr name="nrfRequester">
<value>cn=021519P,ou=Identites,o=toto</value>
</attr>
<attr name="nrfCategory">
<value>15</value>
</attr>
<attr name="nrfTargetDN">
<value>cn=021519P,ou=Identites,o=toto</value>
</attr>
<attr name="nrfSourceDN">
<value>cn=PA0001,cn=ResourceDefs,cn=RoleConfig,cn= AppConfig,cn=UserApplication,cn=DriverSet,ou=DirXM L,o=toto</value>
</attr>
<attr name="nrfDescription">
<value>Test</value>
</attr>
<attr name="nrfRequestDef">
<value>cn=Deprovisionning
generique,cn=RequestDefs,cn=AppConfig,cn=UserAppli cation,cn=DriverSet,ou=DirXML,o=toto</value>
</attr>
<attr name="nrfApprovers"/>
<attr name="nrfCorrelationId">
<value>UserApp#ResourceRequest#cbd4f9fa-3143-42c7-9586-0c32bba627ef</value>
</attr>
</dsml:entry>
].
at
com.novell.idm.nrf.service.ResourceManagerService. requestResourceAssignment(ResourceManagerService.j ava:671)
at
com.novell.srvprv.impl.servlet.service.GWTResource AssignmentBridge.assignOrRevokeResource(GWTResourc eAssignmentBridge.java:257)
at
com.novell.srvprv.impl.servlet.service.GWTResource AssignmentBridge.revokeResource(GWTResourceAssignm entBridge.java:189)
at
com.novell.srvprv.impl.servlet.service.GWTResource AssignmentBridge.retractResourceAssignmentRequest( GWTResourceAssignmentBridge.java:1250)
at
com.novell.srvprv.impl.servlet.service.GwtServiceR outer.retractResourceAssignmentRequest(GwtServiceR outer.java:1828)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Nativ e Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknow n Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Un known
Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at
com.google.gwt.user.server.rpc.RPC.invokeAndEncode Response(RPC.java:569)
at
com.google.gwt.user.server.rpc.RemoteServiceServle t.processCall(RemoteServiceServlet.java:208)
at
com.google.gwt.user.server.rpc.RemoteServiceServle t.processPost(RemoteServiceServlet.java:248)
at
com.google.gwt.user.server.rpc.AbstractRemoteServi ceServlet.doPost(AbstractRemoteServiceServlet.java :62)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:717)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
at
com.novell.soa.common.i18n.URILoggerServletFilter. doFilter(URILoggerServletFilter.java:63)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
at
com.novell.soa.common.i18n.BestLocaleServletFilter .doFilter(BestLocaleServletFilter.java:242)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
at
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doF ilter(ReplyHeaderFilter.java:96)
at
org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:235)
at
org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:191)
at
org.jboss.web.tomcat.security.SecurityAssociationV alve.invoke(SecurityAssociationValve.java:190)
at
org.apache.catalina.authenticator.AuthenticatorBas e.invoke(AuthenticatorBase.java:433)
at
org.jboss.web.tomcat.security.JaccContextValve.inv oke(JaccContextValve.java:92)
at
org.jboss.web.tomcat.security.SecurityContextEstab lishmentValve.process(SecurityContextEstablishment Valve.java:126)
at
org.jboss.web.tomcat.security.SecurityContextEstab lishmentValve.invoke(SecurityContextEstablishmentV alve.java:70)
at
org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:102)
at
org.jboss.web.tomcat.service.jca.CachedConnectionV alve.invoke(CachedConnectionValve.java:158)
at
org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:330)
at
org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:829)
at
org.apache.coyote.http11.Http11Protocol$Http11Conn ectionHandler.process(Http11Protocol.java:598)
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run( JIoEndpoint.java:447)
at java.lang.Thread.run(Unknown Source)


Thanks in advance.


Lilian


--
lgallet
------------------------------------------------------------------------
lgallet's Profile: https://forums.netiq.com/member.php?userid=5343
View this thread: https://forums.netiq.com/showthread.php?t=49083