Skip to Content
author's profile photo Former Member
0
Former Member
Jul 14, 2011 at 10:15 PM

Interaction of BW Roles and BWA Explorer Security

40 Views

We secure all our BW users via roles these roles have Analysis

authorizations embedded in them which restrict access to specific

infoproviders and values in these based on authorization relevant

infobjects.

When we try to create a BWA Explorer object in RSDDTPS we are forced to

assign a userid and an analysis authorization directly in

the "Authorizations" tab. Our security group only wants to have too

assign roles to users either via SU01 or CUA.

Configuration

BO 2008 Enterprise Server (connected to BW system)

BW system (Netweaver 7.01 EHP1)

BWA 7.2

1) How can we create BWA Explorer objects on a infoprovider without

directly assigning users in Authorization Tab and how can we make the

system ignore whatever is on this tab and base access to a BWA explorer

object on the roles assigned to the user via SU01/CUA.

2) If a User has roles assigned in BW that give them access to a

specific infoprovider will this automatically also give them access to

a BO Server published BWA explorer object built on that infoprovider.

Related to this do we also need import the same roles and assign to the

user in CMS server with link to BWA Explorer Server or does the user

automatically get access to BWA Explorer as long as BWA Explorer is

published on BO Server.

3) If the user in BW is assigned roles that limit values based on an

authorization relevant object is this restriction enforced in the

values returned in published BWA Explorer for the user. Example

Authorization Relevant object is Profit Ctr and the user has two value

roles one contains access to all profit center that role up to a

hierarchy node limited to the USA and the other contains hierarchy

analysis authorization limiting access to all profit centers rolling up

to hierarchy node representing Europe. When a user access's the BWA

Explorer object which contain profit ctr will the values be limited

only to USA AND Europe Profit centers or will the BW value based

security be ignored.

Please provide advice on above questions and document resources on how

BW role based security interacts with BWA Explorer.