Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

External user ids

Former Member

‎03-15-2012 7:42 PM

0 Kudos

Hi All,

We are planing to setup the external user ids in cfolders.

Proposal is, unquie user id -> Ztest1, ztest2...

Disadvantage of this approach is :  One user id can be used by many people, No Accountability.

Is there any best approach, where we can have accountablity and count of user id should be less.

Thanks,

Sri


5 REPLIES 5

Former Member

‎03-15-2012 10:13 PM

0 Kudos

Hi Sri

Please could you explain further what you are doing as I don't follow the scenario?

What are "cfolders"?

Kind regards

David

mvoros
Active Contributor
In response to Former Member

‎03-15-2012 10:34 PM

0 Kudos

Hi David,

cFolders is a collaboration solution from SAP.

I've never worked with this solution but I understand question correctly then requirement is to have accountability and not have a separate account for each user. This does not sound right. If every user does not have separate account then how you can differentiate between two users using same account.

Cheers

Former Member
In response to Former Member

‎03-15-2012 10:43 PM

0 Kudos

Hi Martin

Thanks!  I should have Googled "cFolders" before replying. I have never heard of this so I'll stepback from the post as being too ignorant to assist!

Kind regards

David

Former Member

‎03-19-2012 11:21 AM

0 Kudos

Hi Sri,

I hope the concept of Fire Fighter id's can help you here.

SAP Firefighter allows the assignment of an "emergency user" to normal support users, giving them extended access for exceptional circumstances. There is notification associated with the use of this extended access and all activities are logged during its use to reduce the risk of unauthorized activities taking place

Please find the below link for more details on fire fighter.

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/e08f16fb-6264-2a10-e996-97a404134...

I hope it is helpful.

Former Member

‎03-21-2012 9:54 PM

0 Kudos

Sri,

I have implemented SAP cFolders with a mix of Internal and External Users. We are integrated with in Identity Management solution with centralized authentication and an SAP Portal. If you are looking to achieve accountability and non-repudiation, then you must have named accounts. Additionally with named accounts you can provide the ACL authorizations to the cFolder objects. The implementation of Firefighter IDs is most likely not possible since (1) Firefigher IDs are Service Accounts and wont accept / pass logon tickets for SSO (2) will need to know the password to re-authenticate once you lauch the cFolder Web Application from the backend (3) or if cFolders is integrated with a Portal there will be no way to launch cFolders using a Firefighter ID without getting onto the Portal first with the Firefighter ID.

On a side note you can't have accountability without having a way to uniquely identifiy the users (basic security principle). If you are looking for ease of administration and simplicity of design, you could implement named accounts for specific groups and have a single-point-of-contact for that account, someone who is accountable for all activities. For example CompanyA  (Key Contact 1), CompanyB (Key Contact 2), CompanyC (Key Contact 3).

You may also want to consult your organization's legal department for advice on adhering to all ecommerce / electronic transmission laws that is required for your oganization / industry / country / etc.

There are other considerations within IT when "External Access" is brought up which I didnt highlight here. Hope some of this helps.

Matt