cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Roles replication schema

rodrigoalejandro_pertierr
Active Contributor

on ‎04-03-2013 3:01 PM

0 Kudos

Good morning guys,

In the company the frond end team develop an application to allow the load of sales order document without the need to be logged into the SAP system.

the application works perfect, but and issue is still on the table.

As the user can create many documents, and depend the roles he can see more or less details i am traying to know which could be the best way to display to the user the proper FORM depending the roles that it has in the backend, but without the need to propagate the logon ticked to the backend.

for example:

Once the user log into the application, the app check in a DB table the roles that the user has and depend of the roles, it display the proper form.

As consecuense it see three thing:

* many forms could be created

* Validate, in the unique form, with fields display depend of the roles

* create some forms with roles validation.

What do you suggest??

Regards

Rodrigo P-.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Jelena
Active Contributor
‎04-08-2013 9:10 PM
0 Kudos

Since there has been no response so far, I might not be the only one unable to understand the question. What is "form"? What does it have to do with the mentioned "application" and what does the "application" do exactly? "See more details" - where?

The whole story is very confusing, unfortunately...

Show replies
Show replies
rodrigoalejandro_pertierr
Active Contributor
‎04-09-2013 1:57 PM
0 Kudos

Jalena,

good morning

What i am traying to explain in the previuos post is:

assume

1)in SAP system it is possible to create 10 differents sales order documents.

2)from those documents you have permission to create 3 of them.

3) a front-end application is is developed to allow you to create the SO outside the SAP system.

4) in this application you should have the propers rigth to be able to create only the 3 documents you are allowed and avoid the user complete a document that the system later will tell him that is not allowed.

SO!

I need to figure out how to "take" the roles that exist in the SAP system to the Front-end so, the application will let you see only the document you can create and deny you to access to the others, previous to propagate the credential.

The other thing i need is to figure out the best way and avoid to manage those roles in two differents ways, so the replication of the roles is not a possibility.

I was thinking about to consume a service that return if a user has asocciated a particular role so, the application should allow him to access to an application and the propers action that he can perform.

similar functionality that SAP uses with Process Integration where you can see in the Java stack the ABAP roles

Hope it is more clear now.

Regards

Jelena
Active Contributor
‎04-09-2013 3:08 PM
0 Kudos

Still it's not clear what exactly the "application" is. What is it using to connect to SAP? Web service? Direct RFC call? XI/PI or something like that?

To place an order in SAP, an "application" must somehow log into the SAP system and there should be some kind of a program in SAP as well that would create an order. Authorization check most definitely must occur in SAP in this program. E.g. we have a web service that places orders from a website and it would throw an exception if authorization check did not pass.

This is actually not an SD question, you might need to move it to another forum, but which one - depends on the questions above.

Ask a Question