cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to determine role authorization of user in MAM?

Former Member

on ‎07-06-2006 3:49 PM

0 Kudos

Hi everyone,

I'm new to SAP and SAP MI, and I am currently implementing (or "enhancing") a MAM. I have the following question on user authorization:

  • In terms of role authorizations, does anyone know how I can determine what roles an authenticated user have from SAP? For example, if user A logs into the MI Client, and if this user accesses the MAM, is there a way for the MAM to know what kind of user roles he/she has? Is there a SyncBo that will give me such info? I checked the JavaDocs for the SyncBo's, but they have NO descriptions. The closest thing that I found was in MAM090 (Interface com.sap.mbs.mam.bo.MAM090). There are getter methods for getRoleGen(), getProfileResource(), and getPartnerRole(). Are any of these usable?

  • Are there any good documents that I can look at to determine what each SyncBo's does?

Many thanks!

Jeffrey

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎07-06-2006 6:28 PM
0 Kudos

Hi Jeffrey!

Here are the 3 different checks you have to look at"Users & Authorizations" for setting up your MAM Users.

(1) SAP Backend:

(1a) The SAP MAM User who synchronizes with the Backend from the MI Client should have all necessary authorizations for Plant Maintenance Components of the SAP System that are associated with your MAM Scenarios.Pl refer to the following SAP Authorization Objects I_ALM_ME ,I_AUART,I_BEGRP,I_BETRVORG,I_CCM_ACT ,I_CCM_STRC,I_ILOA,I_INGRP,I_IWERK,I_KOSTL ,I_QMEL,I_ROUT ,I_ROUT1,I_SOGEN,I_SWERK,I_TCODE ,I_VORG_MEL,I_VORG_MP ,I_VORG_ORD,I_WPS_MEB ,I_WPS_REV in your Backend System and have it assigned to the User Profile, based on your requirement.

(1b) Service User for setting up the MAM & MI Landscape: This user logon info has to be setup in the RFC Destination that is associated with your MAM25 SyncBOs, to logon to the Backend System and this user should have the basic authorizations required to establish the connection.

(2) MI Middleware: The SAP MAM User who synchronizes with the Backend from the MI Client should have the following Authorization Objects assigned to his/her profile. S_ME_SYNC, S_RFC, S_TCODE.

(3) MI Client: Refer to MI Security Guide.Pl note that the MI Client MAM User is same as the Middleware User and the Backend User.You should be taking care of this already.This is just a FYI.

Let me know, if you are looking for any other additional info.

Thank You

Gisk

Show replies
Show replies
Former Member
‎07-06-2006 7:42 PM
0 Kudos

Hi Gisk,

Thank you for the quick response! What I am looking for is from within the MAM application, how I can figure out what Authorization objects a particular user has. The SAP that I'm dealing with has this unique "Manager" and "Employee" role, and we need to enhance the MAM 3.0 SR/2 application so that we display a different message whether the user who logged in is a "Manager" or an "Employee". This is set up as an Authorization. So, is there a way for the MAM to get at this info? If so, do you have any sample code?

Many thanks!

Jeffrey

Ask a Question