Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization to Webdynpro page

Go to solution
Former Member

‎06-15-2009 8:32 AM

0 Kudos

Hi,

ABAP team has developed customized webdynpro page which updates project system(PS) tables. When we created testId with no roles/profiles and logged in with the testID, then this page gets executed with updating PS tables. When we took the trace we found all requried objects which are missing. Can anyone help me how to provide authorization to Webdynpro page?

Thanks,

SM

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎06-15-2009 8:41 AM

0 Kudos

Sounds terrible....

You need to check authority (or use coding techniques which does it for you...), but that is irrelevant because you should not be updating SAP tables like this anyway.

Cheers,

Julius

12 REPLIES 12

Go to solution
Former Member

‎06-15-2009 8:41 AM

0 Kudos

Sounds terrible....

You need to check authority (or use coding techniques which does it for you...), but that is irrelevant because you should not be updating SAP tables like this anyway.

Cheers,

Julius

Go to solution
sdipanjan
Active Contributor

‎06-15-2009 9:27 AM

0 Kudos

>

> ABAP team has developed customized webdynpro page which updates project system(PS) tables. When we created testId with no roles/profiles and logged in with the testID, then this page gets executed with updating PS tables.

Why you need to do so??

When we took the trace we found all requried objects which are missing. Can anyone help me how to provide authorization to Webdynpro page?

>

This is not the way to build a role by searching so blindly.... If you are not using any TCode/report etc. to update the database (which is the best feature of SAP compared to other ERP products) then you should try to study other menu assignment possibilities and make those custom developments Interactive.

Regards,

Dipanjan

Go to solution
Former Member
In response to sdipanjan

‎06-15-2009 9:51 AM

0 Kudos

Hi Dipanjan,

Thanks for the reply!

ABAP team are calling transaction CJ20N in code for updating PS tables, but when we tried to login to Webdynpro page with no roles/profiles, we are able to update the PS tables. What we(Security team) or ABAP team needs to do so that it checks for authorization at the time of Login?

Thanks,

SM

Go to solution
sdipanjan
Active Contributor
In response to sdipanjan

‎06-15-2009 10:12 AM

0 Kudos

>

> What we(Security team) or ABAP team needs to do so that it checks for authorization at the time of Login?

>

There is no checks performed during Login from point of view of AS authorization concept. This need to be fixed by ABAP team why it is happening. If the user has no role then there is no way to update any record. So it is not happening by user interaction I believe.

Regards,

Dipanjan

Go to solution
Former Member

‎06-15-2009 1:10 PM

0 Kudos

Hi All,

Check if there is any service (SICF) existing for the same, and if some login details are specified there, it will probably be using authorisations of that particular user, rather than the one who is logged on( with no authorisations at all).

Regards,

Sarita

Go to solution
Former Member
In response to Former Member

‎06-15-2009 1:13 PM

0 Kudos

Yes, that is a good observation!

Also check higher up in the node hierarchy for settings, because they cascade down (lower entries inherit higher node attributes, unless specified specifically).

Cheers,

Julius

Go to solution
Former Member

‎06-15-2009 2:15 PM

0 Kudos

Hi All,

Check if there is any service (SICF) existing for the same, and if some login details are specified there, it will probably be using authorisations of that particular user, rather than the one who is logged on( with no authorisations at all).

Regards,

Sarita

Go to solution
Former Member
In response to Former Member

‎06-15-2009 6:33 PM

0 Kudos

Hi Sarita,

Thts a good point. I checked SICF service for the webdynpro page, but we didnt provide any Logon details here. Still the issue is open

Thanks,

SM

Go to solution
Former Member
In response to Former Member

‎06-15-2009 6:41 PM

0 Kudos

Chech the nodes in the hierarchy. It inherits the credentials...

Cheers,

Julius

Go to solution
Former Member
In response to Former Member

‎06-15-2009 7:00 PM

0 Kudos

Hi Julius,

I checked all the nodes in the hierarchy but nowhere we have maintained user crendentials.

thanks,

SM

Go to solution
Former Member
In response to Former Member

‎06-15-2009 7:24 PM

0 Kudos

I guess you are going to have to post the code of your WDA for us to proceed further...

Cheers,

Julius

Go to solution
Former Member

‎06-15-2009 7:46 PM

0 Kudos

Well if there are no user credentials existing in the service, you can maintain login details in the service itself, and the user should only have roles for which you want users to access( change/display) forthe particular application.

Alternatively, If you want to assign different sort of authorisations like change access to a particular group( say the applictaion develor, or super users) and on other hand only the display access to some other group of users you may use the concept of internet users( which in turn refer to refernce users, that can be many).

you may refer to the link for more info:

http://help.sap.com/saphelp_nw70/helpdata/en/02/4b528c2a8d11d5991f00508b6b8b11/content.htm

http://help.sap.com/saphelp_nw04/helpdata/en/9d/ad58397e9d2d06e10000000a114084/content.htm

Hope this will help!!!

Regards,

Sarita