on 09-26-2012 5:00 PM
Hi,
I have been trying to configure Authorizations for the WCL users, but it doesn't seem to work. These are the steps that i followed:
Define Auth Para inside the Parameter set. (i assigned just one control para SOLD_TO as auth para)
In the role under the Authorization tab i went to maintain the Auth Data
under the Event Handler Authorization I added an activity 03 (display) with Parameter=SOLD_TO,Parameter Value=valid sold to code
Assigned the role to the user
But i am unable to limit order visiblitiy. the user who is assigned to the role is still able to view orders for SOLD_TO codes outside the Paramter values defined in the role.
Am I missing some step here?
Regards,
Affan
hi affan,
you also have to adjust your role in TA "pfcg". here you have to select the parameter to be checked as well and the parameter value.
e.g. Event Handler Authorization --> authorization object "X_EM_EH" here you have to specify your SOLD_TO parameter + parameter value.
Regards Marco
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Steffen/Marco,
I have followed exactly the same steps as followed by Affan above
9. I have created new EH with the parameter Z_CHA which is initial set of Info parameter. But still i am able to see all the EH without any filtering.
In the link below that you have shared before it is mentioned to assign Auth Profile to role .
Is it like the auth profile that we create can be assigned to role ? Or
The auth profile that is created while role creation should be inserted into EM customizing where we Define Auth Profile ?
Authorizations and Filters - SAP Event Management Infrastructure - SAP Library
Thanks,
Shubh.
Hello Shubh,
please check if note 1935720 is in your system.
Check also in table /SAPTRX/EH_AUTHR with your EH_GUID if there is one entry for your parameter Z_CHA.
Not the auth profile is assigned to a role. This is only valid for Filter Profiles.
Authorizations work as normal in SAP System. You use just PFCG and create roles and later assign them to users.
Best regards,
Steffen
Dear Steffen,
Thanks for your reply. I am getting the note 1935720 implemented in my system.
In the meanwhile i want to ask how do i make the values dynamic for the user who has signed in , my parameter Z_CHA gets filled with parameter value which is the code for that user ?
As mentioned below i am maintaining the value against X_EM_EH object as hard coded value.
7) The Event Handler Authorization --> authorization object "X_EM_EH" I have specified my Z_CHA parameter + parameter value.
Thanks,
Shubh.
Dear Steffen,
Thanks again , but i have the scenario where the user logs on to the EP Portal and we have the EM link provided to the user.
When the user access the EM portal , there is a background user which hits the EM system . This is because there are thousands of vendor and client does not wants to create there entry in SU01 for systems like ECC , APO and CRM. All the access is done via background user.
This background user should have dynamic authorization based on user who has logged in.
Thanks,
Shubh.
Ok,
in this case you need to write an own logic for that.
You could create a Z-Table with the users and the allowed parameter value. That is something i have already seen in other projects. The check could be done in BADI /SAPTRX/BADI_EH_S
Method AFTER_GET_DATA_DISP
There you have all EM data available before displaying them in the Web Ui.
Best regards,
Steffen
Hi Affan,
was the EH created before you made the authorization customizing? It works only for EH created after you made the settings and assign it to the EH Type.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Steffen,
its not working even for the new event handlers being created. can you clarify the following:
1. The auth para that i not a part of the initial set of control parameters that are added when the EH is created. i.e. it is being added at some later stage. but even after this para is added, the authorizations are not working. Does the Auth parameter have to be present when the EH is created?
2.Is is necessary to for the Auth para to be control para, or can info/system para also be used?
Yes the parameter must be present when you create the EH and it cannot be changed later. At the moment is unfortunately also no standard activity available to change the authorization data.
Info and System parameter can also be used with the same restrictions. You should be able to choose them in the customizing for the Auth. Profile.
Best regards,
Steffen
User | Count |
---|---|
9 | |
4 | |
3 | |
3 | |
2 | |
2 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.