Former Member

Confidential documents in KM: How to secure individual employee documents

Hello KM experts!

We store W2 documents that we get from a third party as pdf files in a folder in KM. There are a couple of thousand documents every year that we need to store in KM and make them available for employees. The file names are encrypted and consist of a bunch of numbers - you would not be able to tie a document to an employee by looking at the file name.

The third party company sends us an index file that ties the document name to an employee number.

We upload this index file to a custom table in SAP backend.

We have developed a custom web dynpro application that looks up the employee number of the logged in user at runtime and then gets the associated documents from the custom table and displays the W2 statements for that user.

This is all working according to user requirements.

Here is our issue:

The pdf files are all stored in one folder in KM that has read access for group everyone!

We have disabled the standard navigation iView to ensure nobody can browse the KM folders but the documents themselves are still not secure enough.

One could still view somebody else's W2 statement by constructing the correct URL path - it would be tough getting a hit with the encrypted file names but still possible.

Any idea on how we could secure the documents better?

Uploading them to each user's personal folder would be an idea but how to go about that? We would need for each year a folder in the personal folder of the user as users can filter W2 statements by year in the custom web dynpro application. In addition we would need to have a program that creates those year folders automatically and based on the index file puts the files into the correct personal folders.

A quite crazy idea that I have is to create a service specific user and assign read access of the W2 folder and all pdf files to only that user. In the web dynpro application I would then access the pdf files only with that service user but I have no idea if that is even feasible.

Sorry for the long description of the problem but any help is appreciated.

I will surely reward points for useful and problem related answers - just dumping some help/SDN links that have nothing to do with the issue will not yield any points!

Thanks,

😊 Harald


1 Answer

  • Best Answer
    Posted on Sep 27, 2007 at 09:13 AM

    Hi Harald,

    so you get as well from me a link at sdn.....

    https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/e2ddd63d-0b01-0010-46bb-e092790068cb

    it is a code sample for Implementing a Read-Only Security Manager.

    And don't forget to reward a lot of points.

    All joking aside.

    The main point is what you have mentioned: defining a repository with read permission to everybody means everybody can access the files even if they don't have a role with a Navigation iView. You can as well use Explorer to enter the WebDAV URL to this repository and everybody can access the pdf files.

    There are a few conceptual solutions for your issue.

    One solution could be to implement your own security manager. See the URL with a code sample. You have to assign this security manager to your repository instead of using the aclSecurityManager.

    Your own security manager has to read the portal user name, afterwards the employee number of your W2 table and have a look in your W2 index table if the user is allowed to open the file.

    The advantage of implementing your own security manager is you can now use every portal / km service and iView. That means you can use TREX for indexing, you can use the KM Navigation iView and so on.

    The disadvantage: for every file in the repository the security manager will be called. That's why this coding (of your security manager) must have a (very) good performance.

    Best Regards

    Frank


    • Former Member

      Hello Frank!

      Thanks for the link - I already got that one though but still I gave you 'lots' of points for at least taking the time and replying. We disabled WebDAV to prevent users mapping to KM folders.

      It looks like creating your own security manager is the way to go with caching enabled to prevent performance issues.

      If I don't get any other answers then I will close this thread and award you full points.

      Thanks again for your help,

      😊 Harald
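
The ownership check described in the answer above, with the index lookups cached as the follow-up comment suggests, as an added example that is not part of the original thread and is not SAP code. It models only the decision logic in plain Java and does not use the KM security manager interfaces; the class name, the two lookup functions and the sample data are assumptions.

```java
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Function;

// Hypothetical stand-alone model of the ownership check; not the KM security manager API.
public class W2AccessCheck {
    // Assumed backend lookups: portal user -> employee number, document name -> employee number.
    private final Function<String, Optional<String>> employeeOfUser;
    private final Function<String, Optional<String>> ownerOfDocument;
    // Cache of index-table hits, because the check is called for every file in the repository.
    private final Map<String, String> ownerCache = new ConcurrentHashMap<>();

    public W2AccessCheck(Function<String, Optional<String>> employeeOfUser,
                         Function<String, Optional<String>> ownerOfDocument) {
        this.employeeOfUser = employeeOfUser;
        this.ownerOfDocument = ownerOfDocument;
    }

    // Read is allowed only when the document's indexed employee number equals the caller's.
    public boolean mayRead(String portalUser, String documentName) {
        if (portalUser == null || documentName == null) return false;
        Optional<String> employee = employeeOfUser.apply(portalUser);
        if (!employee.isPresent()) return false;      // user has no employee number: deny
        String owner = ownerCache.get(documentName);
        if (owner == null) {
            Optional<String> looked = ownerOfDocument.apply(documentName);
            if (!looked.isPresent()) return false;    // not in the index: deny, do not cache
            owner = looked.get();
            ownerCache.put(documentName, owner);
        }
        return owner.equals(employee.get());
    }

    public static void main(String[] args) {
        // Constructed sample data, not taken from the thread.
        Map<String, String> users = Map.of("user_a", "1001", "user_b", "1002");
        Map<String, String> index = Map.of("83920174.pdf", "1001", "55012398.pdf", "1002");
        W2AccessCheck check = new W2AccessCheck(
            u -> Optional.ofNullable(users.get(u)),
            d -> Optional.ofNullable(index.get(d)));
        System.out.println(check.mayRead("user_a", "83920174.pdf")); // own document
        System.out.println(check.mayRead("user_a", "55012398.pdf")); // another employee's document
        System.out.println(check.mayRead("user_a", "00000000.pdf")); // name not in the index
        System.out.println(check.mayRead("guest", "83920174.pdf"));  // no employee number
    }
}
```

Only the document-to-employee mapping is cached, not the allow/deny result per user, so one user's decision can never be served to another; a cached entry still has to be dropped if the index file is re-uploaded with a corrected mapping.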