Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Email sent from a particular background job should not be able to be viewed in SOST tcode by anyone

shiva_repala
Discoverer

‎11-28-2017 3:11 PM

0 Kudos

I have a background job scheduled for a sap query and an email is sent every time BG job is executed, the email is setup in 'SM36' in the option 'spool list recipient' button ,

now the emails from this BG job are confidential hence i have to make a restriction that no one should be able to view those emails in SOST tcode

No enhancements can be done for SOST as it is giving a message that this is a central basis component and cannot be enhanced

3 REPLIES 3

raymond_giuseppi
Active Contributor

‎11-28-2017 3:51 PM

0 Kudos

Not sure this is possible in SOST.

The send requests overview (transaction SOST) enables you to display and manage all messages sent using SAPconnect.

Consider to only give access to SOSG to restricted set of users?, but IMHO forget it for any SAP_ALL user, so consider encryption of the sent data?

If a user is only allowed to select send requests of certain users or groups, you can use transaction SOSG for this. This transaction is the same as transaction SOST, however it also performs additional authorization checks. To be able to use this transaction, a user must not have ADMINISTRATOR authorization in authorization object S_OC_ROLE. Authorization to select users or groups in transaction SOSG is controlled through authorization object S_OC_SOSG. For more information, see the documentation for this authorization object. In transaction SOSG, using input help for the Sender field displays only those users or groups for which the current user has display authorization.


umayaraj
Participant

‎11-30-2017 7:27 AM

0 Kudos

hi shivateja Repala,

step 1

first you need to create a traction code for "RSSOSOSTSTAT" program ,T-Code like "ZSOST".

step 2

change implicit enhancement in below include program with sample code also i given..( i implemented control in my company)

step 3

Include: RSSOSOSTF02 

*$*$-Start: (1)---------------------------------------------------------------------------------$*$*
ENHANCEMENT 1  ZU_SOST.    "active version
IF SY-UNAME NE 'ABAP' AND SY-UNAME NE 'BASIS' AND SY-UNAME NE 'DDIC'  AND SY-UNAME NE 'SAP*' AND SY-UNAME NE 'SULECS' AND SY-UNAME NE 'LECS_CEO' AND SY-UNAME NE 'MMUSR02'.
IF SY-UNAME NE g_sender AND g_sender IS NOT INITIAL.
  MESSAGE 'Do not try to change user name' TYPE 'I' DISPLAY LIKE 'E'.
ENDIF.
g_sender =  SY-UNAME .
ENDIF.


IF SY-UNAME = 'MMUSR02'.
    IF 'MMUSR01' = g_sender OR 'MMUSR02' = g_sender OR 'MMUSR03' = g_sender OR
      'MMUSR04' = g_sender OR 'MMUSR05' = g_sender OR  'MMUSR06' = g_sender .
      IF g_sender = ''.
        g_sender = SY-UNAME .
      ENDIF.
      ELSE.
        g_sender =  SY-UNAME .
        MESSAGE 'Do not try to change user name' TYPE 'I' DISPLAY LIKE 'E'.
    ENDIF.
  ENDIF.
ENDENHANCEMENT.

step 4

Include:RSSOSOSTF05

*$*$-Start: (1)---------------------------------------------------------------------------------$*$*
ENHANCEMENT 2  ZU_SOST.    "active version
IF SY-UNAME NE 'ABAP' AND SY-UNAME NE 'BASIS' AND SY-UNAME NE 'DDIC'  AND SY-UNAME NE 'SAP*' AND SY-UNAME NE 'SULECS' AND SY-UNAME NE 'LECS_CEO' AND SY-UNAME NE 'MMUSR02'.
g_mode = 'B'.
      append: 'JOBS'       to gt_exclude_sosb,
              'TRACESET'   to gt_exclude_sosb,
              'TRACEDISP'  to gt_exclude_sosb,
              'SNDP'       to gt_exclude_sosb,
              'SPSEL'      to gt_exclude_sosb,
              'SXPARAMS'   to gt_exclude_sosb,
              'SETWAIT'    to gt_exclude_sosb,
              'SETMIME'    to gt_exclude_sosb,
              'SCOT'       to gt_exclude_sosb,
              'SXIN'       to gt_exclude_sosb.
ENDIF.
ENDENHANCEMENT.

step 5:

Include:RSSOSOSTF01

(1)---------------------------------------------------------------------------------$*$*
ENHANCEMENT 3  ZU_SOST.    "active version
IF SY-UNAME NE 'ABAP' AND SY-UNAME NE 'BASIS' AND SY-UNAME NE 'DDIC'  AND SY-UNAME NE 'SAP*' AND SY-UNAME NE 'SULECS' AND SY-UNAME NE 'LECS_CEO' AND SY-UNAME NE 'MMUSR02'.
  g_admin = ''.
  ENDIF.
ENDENHANCEMENT.

that above code are use to prevent from other user mail view in single user.

you can modify code as per your requirement

thanks an d regards,

Umayaraj.B

roberto_vacca2
Active Contributor

‎12-07-2017 2:07 PM

0 Kudos

Hi.

There's a parameter "SENSITIVITY" somewhere to set on "confidential email". (it depends on the technique you're using)

Once it's on, nobody will see email content from sost, except the creator I suppose.

To avoid mail directly in SOST output list , then you should act like someone already told you here.

Hope to help.