cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How can I define payload authorizations in Runtime Workbench?

Go to solution
mario_marschall
Participant

on ‎05-28-2009 12:26 PM

0 Kudos

Hi there,

I am trying to define JAVA-authorizations in our PI-landscape. My recent problem is that I am trying to give our developers the opportunity to read message payloads in the Runtime Workbench.

So far I have only been able to do this with administrator rights and this is no option. In the future I'd even have to distinguish between authorizations for different types of messages (according to namespaces et cetera) like you can do it in ABAP via the authorization object S_XMB_MONI, but first I'd like to at least assign payload authorizations without administrator rights.

Any ideas?

Regards

Mario

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Shabarish_Nair
Active Contributor
‎05-28-2009 12:34 PM
0 Kudos

http://help.sap.com/saphelp_nw04/helpdata/en/89/05793c05f0807be10000000a11405a/content.htm

role SAP_XI_MONITOR should do the trick

Show replies
Show replies

Answers (3)

Answers (3)

Former Member
‎10-04-2009 9:18 PM
0 Kudos

The correct note-number for PI 7.1 "Securing Payloads in Message-Monitoring" is: 1370334

Regards,

Max.

Show replies
Show replies
mario_marschall
Participant
‎07-02-2009 3:04 PM
0 Kudos

Thank you for your answers, but that's not really enough for us. We are already able to restrict the message monitoring regarding header data and payload. What we really want is to seperate the payload authorizations like you can do it in ABAP with the S_XMB_MONI object, so different users are able to view different message payloads.

Any idea on how that could be accomplished would be highly appreciated!

Regards

Mario

Show replies
Show replies
Former Member
‎07-02-2009 3:32 PM
0 Kudos

My last information concerning restricted payload access in the java engine on interface or namespace level is that this is not possible. You can only give the right to access the payload or you deny it. You cannot configure it as detailed as you can in the ABAP stack with the object S_XMB_MONI.

If someone developed custom actions in the UME, please update this thread. I'm interested too in restricting the payload access in the java stack more detailed.

Regards,

Heinrich

Former Member
‎07-02-2009 3:38 PM
0 Kudos

Mario,

On ABAP stack you can follow:

/people/michal.krawczyk2/blog/2006/01/02/xi-sxmbmoni--controlling-access-to-message-display

On JAVA stack you can follow:

/people/sap.user72/blog/2005/11/17/xi-controlling-access-to-sensitive-interfaces

Regards,

---Satish

mario_marschall
Participant
‎07-03-2009 6:19 AM
0 Kudos

Dear Satish,

maybe I misunderstand the blog entry. But how is that supposed to help me separate the viewing authorizations for payloads in the Runtime Workbench? The way I understand it this provides a way to restrict access to services, which is a nice thing, too, but not what I was looking for...

Regards

Mario

former_member200962
Active Contributor
‎07-03-2009 6:29 AM
0 Kudos

Check this SAP Note on what you need to do inorder to enable the user with the view, edit functionality of the payload in RWB:

https://service.sap.com/sap/support/notes/796726

Regards,

Abhishek.

Former Member
‎07-03-2009 6:36 AM
0 Kudos

Mario,

Check this document. Hope this helps:

https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/7e4105db-0601-0010-bf87-bd3f714f...

Regards,

---Satish

mario_marschall
Participant
‎07-03-2009 7:03 AM
0 Kudos

Now that's a little better as it at least deals with viewing authorizations. But as I said before, we've already accomplished that in the ABAP stack. Now I'd like to know how to do this in the Runtime Workbench, but I guess it's just not possible right now...

Former Member
‎07-03-2009 8:17 AM
0 Kudos

The step-by-step guide is nice, yes, but just deals with the ABAP roles. If you want to have this functionality in your JAVA stack with the UME, you have to develop your own actions that maybe fit your demands. In the standard it is not possible for the JAVA stack.

former_member200962
Active Contributor
‎07-03-2009 8:24 AM
0 Kudos

> 

> Now that's a little better as it at least deals with viewing authorizations. But as I said before, we've already accomplished that in the ABAP stack. Now I'd like to know how to do this in the Runtime Workbench, but I guess it's just not possible right now...

there is no configuration to be done in RWB.....however there is some in the VA (i.e. the JAVA stack)....check the note which i have provided in previous reply...

Regards,

ABhishek.

mario_marschall
Participant
‎07-06-2009 7:37 AM
0 Kudos

I still don't think you understand me. I want certain users to be able to view the payload of namespace A and other users to be able to view the payload of namespace B. As far as I know (and according to what other people said in this thread) you can just view payloads or don't view payloads, except if you develop your own actions.xml - which I tried, too, but without any success so far...

Former Member
‎07-15-2009 9:26 PM
0 Kudos

Mario,

I am having this exact problem...have you had any luck getting this to work on your end?

mario_marschall
Participant
‎07-21-2009 7:22 AM
0 Kudos

Sorry, I still got nothing. I did not assign payload rights to any user except some emergency users so they can analyse problems in PROD. I'm still far from satisfied with this, but it'll have to do for now...

Former Member
‎09-28-2009 3:57 PM
0 Kudos

Here is something new. Maybe you can use it. Take a look at the note 1370334 (Securing Payloads in Message-Monitoring) for PI 7.1 or newer and 1162399 for XI 3.0 and 7.0.

Edited by: Heinrich Lieker on Oct 5, 2009 7:51 AM

Mistyped the note number

Former Member
‎05-28-2009 2:31 PM
0 Kudos

Hey

Please have a look at the below link to see how you can restrict access in Integration engine as well as adapter engine

http://help.sap.com/saphelp_nw04/helpdata/en/a0/64f6413a15e23ee10000000a155106/frameset.htm

Thanks

Aamir

Show replies
Show replies
Ask a Question