- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- Table Level Security
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Table Level Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-06-2009 4:49 PM
I am working with the EH&S system and need to find a way to restrict access to certain data. An example would be restricting the ability to view composition data. (Stored in table ESTVP). Does anyone have any idea how to do this?
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-06-2009 5:05 PM
I would investigate the possibility of moving that table to its own authorization group and then limiting access to that authorization gruop.
Two things to be concerned about, off the top of my head:
Current access to that table would suddenly stop.
Would SAP have an issue with customers moving delivered tables to custom auth groups.
On the security side, you would have to modify any current roles that need access to this table to include the new auth group if any.
Create a new role or modify existing ones for the users that need to access this table.
J.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-06-2009 5:05 PM
I would investigate the possibility of moving that table to its own authorization group and then limiting access to that authorization gruop.
Two things to be concerned about, off the top of my head:
Current access to that table would suddenly stop.
Would SAP have an issue with customers moving delivered tables to custom auth groups.
On the security side, you would have to modify any current roles that need access to this table to include the new auth group if any.
Create a new role or modify existing ones for the users that need to access this table.
J.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-06-2009 5:19 PM
Hi James,
You can do this with the auth object S_TABU_DIS , with corresponding auth group and actvity.
If the users are directly accessing the table through SM30, SE16 or SE11 .. etc, you can better have an table transaction created for this table (an abaper could help you in creating this) and can restrict the access by assigning to the appropriate roles.
Nanda
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-28-2009 10:09 AM
Dear James,
Table level security is provided mainly by three authorization objects S_TABU_DIS, S_TABU_LIN , S_TABU_CLI .
S_TABU_DIS is used to restrict the acces to a table through the authorization group assigned to that table and the activity give.
S_TABU_LIN ,, If you want to secure more i.e , table for specific company code , you can use S_TABU_LIN where you will specify the Organizational criteria to restrct the access.
S_TABU_CLI can be used to restrict the cross client table access
Thank you
- SAP Managed Tags:
- Security
