cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Portal Independent Navigation Frame (NWBC): POWL authorization

Go to solution
Former Member

on ‎04-19-2011 9:03 AM

0 Kudos

Hi,

Whenever a user logs on to the Portal Independent Navigation Frame in our system with the standard SAP SRM PFCG roles he can't see/query the POWL document list. The document list doesn't return anything. If the same user has authorization SAP_ALL he can see/query his own documents via the POWL.

SU53 tells me that everything is ok whilst i'm certain that certain authorizations are causing 'empty POWL lists'.

What I've already tried:

- Check SU53, nothing.

- Added roles: SAP_BC_UWL_END_USER, SAP_DAL_ADMIN_WORKFLOW_POW, SAP_S_RFCACL, /SAPSRM/ENTERPRISE_SERVICES, /SAPSRM/ADMINISTRATOR_USR

Inputs very much appreciated.

Kind regards,

Tim

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

yeushengteo
Advisor
Advisor
‎04-19-2011 9:41 AM
0 Kudos

Hi,

is that user a employee in the system too? if yes, can you added the SRM employee role to him/her and try again?

Best regards.

Yeu Sheng

Show replies
Show replies
Former Member
‎04-19-2011 9:52 AM
0 Kudos

Hi.

As stated we're using standard SAP SRM PFCG roles. This user already holds role /SAPSRM/EMPLOYEE he therefore has authorization to shop and to view the POWL interface however no documents are included in the POWL document list if the user is not assigned to profile SAP_ALL.

I'm looking for non SAP_ALL authorization for viewing POWL documents via Portal Independent Navigation Frame.

Kind regards,

Tim

yeushengteo
Advisor
Advisor
‎04-19-2011 10:01 AM
0 Kudos

hi,

Can you check if the assigned ABAP roles already has their corresponding authorization profile generated?

SAP_ALL is an authorization profile which granted all authorization object access.

NWBC is using the ABAP role which has the associated authorization profile containing the relevant authorization objects included for the transaction data access.

Best regards.

Yeu Sheng

Former Member
‎04-19-2011 10:11 AM
0 Kudos

Hi,

Authorization profile was available. Re-generated authorization profile for /SAPSRM/EMPLOYEE role and via 'expert mode' executed 'delete and recreate profile and authorizations'. Same result for both.

I'm using a SRM 7.0 (non EHP1) SP07 system. Do you maybe know of another way to trace the missing authorizations?

Kind regards,

Tim

yeushengteo
Advisor
Advisor
‎04-19-2011 10:56 AM
0 Kudos

Hi,

Using the transaction code PFCG, can you tell me if your Authorization tab is "green" when you are displaying the /SAPSRM/EMPLOYEE role?

A role with properly generated authorization profile must see the Authorization and User tabs in green.

In your case, i feel the authorization profile is not generated correctly yet?

Best regards.

Yeu Sheng

Former Member
‎04-19-2011 10:59 AM
0 Kudos

Hi Yeu,

They are green, the role / authorization profiles are fine.

Can you please check transaction POWL_TYPER in your system and see whether the column role is maintained. In our system this column doesn't contain roles (f.e. /SAPSRM/EMPLOYEE).

Kind regards,

Tim

yeushengteo
Advisor
Advisor
‎04-19-2011 11:17 AM
0 Kudos

Hi,

yes the column is empty.. I doubt this has affected since you are assigning POWL query to the type?

maybe logged an msg to SAP support next since everything seemed in order.

Best regards.

Yeu Sheng

Former Member
‎04-26-2011 1:57 PM
0 Kudos

HI Tim,

The best thing to do to rule in / out authorisations being the problem is to use the ST01 transaction and run it for an authorisation check only.

Then run the POWL refresh and go to the ST01 transaction again and click on the 'Analysis' section. Then look for any non-zero return codes (in light green I think).

Thats how I always check out these issues.

Best regards,

Nick

Answers (1)

Answers (1)

Former Member
‎04-19-2011 4:27 PM
0 Kudos

If you don't mind a little debugging, put an external break point at FM BBP_PROCDOC_GETLIST and see what this FM returns.

Show replies
Show replies
Ask a Question