Skip to Content
Former Member
Aug 09, 2006 at 06:57 PM

SAP_J2EE* roles - shouldn't they have authorziations?



We just upgraded to BI (using the portal) and are running into some issues with users.

As I understand it, any user created in the SAP backend system is automatically going to be created in the portal. The roles assigned to the user should contain whatever authorziations they require to execute the various and queries (referring to end users only). Are any SAP_J2EE* roles required to be assigned to the user in order for them to access the portal? The user is assigned the applicable portal role, such as for Business explorer or Business Intelligence. (pcd.. . . )

For example, I created a test user in the backend, Ztestjn, with a BI role assignment and assign a portal role to the ID in the portal. I verified with my own ID that the test ID exists with the selected roles assigned.

When I try to log into the portal with this test ID, it won't allow me to log in. However, when I assign the SAP_J2EE_ADMIN role in the backend to this test ID, I can log into the portal. (I can log in via the backend with this test ID w/o the SAP_J2EE* role assigned)

However, in PFCG, there are no authorizations in the SAP_J2EE_admin role, so it shouldn't make a difference as to whether or not any of the SAP_J2EE* roles are assigned to the user.

Since there may be several culprits as to the issues we are having, I have several questions.

1. Does an SAP_J2EE* role (such as the guest role) need to be assigned to the user in the backend (SU01) in order for it to access the portal?

2. Should there be authorziations (objects, etc), in the SAP_J2EE* role? Ours may have not been imported properly since the role is empty.

Thanks in advance