- SAP Community
- Products and Technology
- Additional Q&A
- AC10.0/10.1 - Access Request - read single roles a...
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
AC10.0/10.1 - Access Request - read single roles associated to composite roles for BRF+ routing role
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 04-05-2016 1:59 PM
Hello folks,
I am about to customize a line item brf+ routing rule for access requests which contain single roles but composite roles as well.
Though i was able to get a working rule for the single roles handling the composite roles does make some trouble.
To resolve the issue i have only two question.
- If the Request does contain a composite roles and is getting splitted in Line Items for the routing rule does the LineItem GRAC_S_REQUEST_RULE_LINE store the name of the composite role in the component name ROLE_NAME?
- Is there any function module or table which shows/stores the association between single and composite roles?
Thank you in advance.
Regards, Andreas
Accepted Solutions (1)
Accepted Solutions (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Andreas,
Table AGR_AGRS in the connected system contains the relationship between the Composite and its component roles. When you do your role import and select the backend system as your Role Authorization source, this table is among those checked. We have had several instances where the import of a Composite role failed, and after some investigation, we determined that the import failure was caused by AGR_AGRS not showing the same list of component roles as we had listed in the import file ( in Column X) and actually in the Composite at that time.
Gretchen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hello Gretchen,
Amazing, thank you!
Though after some testing and working with the rule i found out that the function module i was using (GRAC_IDM_RISK_WITH_NO_SERVICES) was storing not only the single role name but also the name of the associated composite role in the request. This enabled me to avoid to challenges with the authorization source.
Have a good day, Andreas
Answers (0)
- Composite Data Source Configuration in Optimized Story Experience in Technology Blogs by SAP
- SAP Fiori for SAP S/4HANA - Composite Roles in launchpad content and layout tools in Enterprise Resource Planning Blogs by SAP
- Set active page within a composite widget in SAC in Technology Q&A
- Deleting of composition data after successful data upload from Intelligence authoring system in Enterprise Resource Planning Q&A
- What’s New in SAP Analytics Cloud Release 2024.07 in Technology Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.