- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- Reducing number of analysis authorisations
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Reducing number of analysis authorisations
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2010 9:48 AM
Hello Experts,
I am currently working on BI Security implementation project. We have an hierarchy kind of setup.
The hierarchy as follows:- Business Unit>Area>Sector>Segment>Function. There are thousands and thousands of functions in the system.We have a characteristic for function which has been marked as auth relevant.And the security has been setup around this characteristc.
The business requirement is to have restriction on queries and the function level. We have proposed a solution to create analysis authorisations and restricting at the function level.But this leads upto creation many analysis authrorisations in the system.
Can you propose any other way of implementing the security? Your inputs are highly appreciated.
In anticipation of your reply. Thanks in advance.
Best Regds,
Suyog..
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2010 10:04 AM
If you are facing creating thousands of analysis auths then how about using variables to populate the correct auths at runtime?
You have to get and store the data somewhere, it may be that you have an existing structure that can provide this. For example, you could extract relevant auth data for users from R/3 and use that to populate the variables. This particular scenario may not be suitable in your situation but it illustrates what you can potentially do.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2010 10:04 AM
If you are facing creating thousands of analysis auths then how about using variables to populate the correct auths at runtime?
You have to get and store the data somewhere, it may be that you have an existing structure that can provide this. For example, you could extract relevant auth data for users from R/3 and use that to populate the variables. This particular scenario may not be suitable in your situation but it illustrates what you can potentially do.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2010 10:50 AM
Hello Alex/Experts,
Thanks for your prompt inputs. Can you please elaborate a bit more on the solution that you have provided. How will I create variables to populate the correct auths at runtime? And will this result into reduced number of analysis authorisations.
Even if we create a variable we will have to restrict the same based on the possible values and will have to create necessary number of analysis authorisations.
In my scenario, we have a characteristic corresponding to function (the characteristc which we are planning to have restrictions on).
In an hierarchy type scenario is there any way to reduce the number of analysis authorisations or any other approach to implement security.
P.S:- We have an hierarchy as Business unit>Business Area> Sector>Segment>Function and the requirement to is to restrict the queries at the function id level.
Also wanted to know if there is any way other than creating analysis authorisations corresponding to function id?
In anticipation of your reply. Thanks in advance.
Best Regds,
Suyog...
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2010 11:22 AM
Hi Suyog,
Have a look here for info on variables: http://help.sap.com/saphelp_nw04/Helpdata/EN/6d/58f438114ee836e10000000a114084/frameset.htm
Also speak to your BW team , they will be able to help you
>
> Also wanted to know if there is any way other than creating analysis authorisations corresponding to function id?
I have already provided you some info to get started on this.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-07-2010 7:49 PM
> There are thousands and thousands of functions in the system.
Have you tried an analysis yet of how many could be merged and whether the function within the segment is really usefull? How many functions does a typical user have analysis authorizations for? (I assume you are using the new concept?)
If you have a usable naming / numbering convention then you could additionally consider ranging the analysis authorizations.
If you don't have a reliable variable to work with, then there is the option of generating them from (foreign) data sources which you can build yourself. You might have a lot of analysis authorizations but if the user's query doesn't really need to use them, then I would avoid it.
Generally, I would try to simplify the concept or automate the administration.
Cheers,
Julius
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-25-2010 1:12 PM
Thank you all for your responses, we have shifted from an hierarchy security approach to customer exit variable approach.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-25-2010 1:14 PM
Thank you all for your responses, we have shifted from an hierarchy security approach to customer exit variable approach.
- SAP Managed Tags:
- Security
