on 05-02-2005 3:07 PM
Dear experts,
Could someone of you help me on how to go about mainitaining authorizations at query level. I have a Query which is accessed by different vendors through a portal. I should ensure that necessary authorizations are maintained so that one vendor should not be able to view unintended data.
Any insights on this are highly appreciated...
Kind Regards,
Shravan
Hi Shravan,
your problem can be solved in two steps: first of all define a Profile to see data and than integrate a Custom Authorization Object to restict on the basis of one (or more) Characteristic values (eg. each vendor is responsible for one or more Area and must see only tese data) using TCode RSSM.
About authorizations you can find some good docs in service.sap.com/bw under InfoIndex -> Authorizations
Hope it helps
GFV
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Gianfranco, Ashwin,
Thank you very much for the links...
Gianfranco, your suggestion of defining a profile and adding custom authorization objects is not very clear to me. I am new to the authorization concept. I would appreciate if you could be little more descriptive. I am going through the links.
Kind Regards,
Shravan
Lat's say you successfully defined a Profile that allows some users to execute Queries on specified InfoProvider (or Queries ...). This Profile must include some Standard Authorization Objects as S_RS_CUBE, S_RS_COMP, S_RS_COMP1, ...
A Custom Authorization Object allows you to controll Authorizations on the basis of Characteristic Values.
Let's say you have 2 VENDOR 1 and 2 and 4 Area: A1 and A2 that do belong to VENDOR 1 and A3 and A4 that do belong to VENDOR 2. You wolud like to give VENDOR 1 the visibility of his Areas, while VENDOR 2 can't see the same.
For this purpouse you can define (in RSSM) a Custom Authorizaton Object, based on the Characteristic Area (the InfoObject must be mared as authorization relevant ...). In RSSM you set those InfoProvider that must be checked against you Auth Obj: when you activate such a control the defined Profile will stop working and the user will see a message like "No Authorization ...". You should modify your Profile, adding the Custom Authorization Object ...
Hope it's clear.
GFV
Hi shravan !
you use the help links that are given above there it is clearly explained about every thing. after reading them you can easily follow what GFV has said. there is a example given by sap in the link provided above. which gives a overview of how the compleate authorizations work
the procedure for doing what is suggested by GFV is explaine exactly in the following link
http://help.sap.com/saphelp_bw31/helpdata/en/a0/48f438f3422f2ce10000000a114084/content.htm
with regards
ashwin
It looks like i am abit late. i was actually refereing to gfv's first post.
Message was edited by: Ashwin Kumar Gadi
Hi shravan!
this can be achieved easily with implementation of reporting authorizations on the queries you wish using transaction RSSM and PFCG.
here are links to the topic reporting authorizations.
http://help.sap.com/saphelp_bw31/helpdata/en/be/076f3b6c980c3be10000000a11402f/frameset.htm
Bex authorizations
http://help.sap.com/saphelp_bw31/helpdata/en/80/1a689ae07211d2acb80000e829fbfe/content.htm
check the example given there for more clear understanding of this concept
hope it helps
with regards
ashwin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
88 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.