on 09-19-2015 4:23 PM
I have the following roles assigned to user3:
And keep getting the error:
Checked SU53, user3 need the following:
If I added /UI2/PAGE_BUILDER_CUST and /UI2/TRANSPORT, the error disappear, but user3 now have rights like the administrator, have full access.
I have added user3 to the transport request used by the catalog:
According to the documentation for user role:
User Role
The launchpad user must have the PFCG role SAP_UI2_USER_700 assigned. With this role the user can run the SAP Fiori launchpad on the Personalization level and has authorization to execute the following OData services:
So what is the correct role I need to apply for user3 ?
Thank you
Welly
Hi
Why you have not included any IWSG service as suggested in the below link
Regards,
Sarbjeet Singh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Welly,
For every Fiori user below authorization objects are required in order to create catalogs, groups etc.
s_service (For interacting with your backend odata service)
s_Rfcacl (For interacting with your RFC user, in order to get data from your backend system using same user id)
/ui2/chip (For tile chip errors)
s_pb_chip (For page buider chips)
Assign above authorization to a custom role and assign.
Regards,
Tejas
Thanks Tejas.
Would you know where this information is documented ?
This link only mention about s_service:
Regards
Welly
Hi Welly
Here's some information I provided on another thread for the security permissions
I didn't look at SAP standard roles or refer to documentation. If you use STAUTHTRACE trace to identify the checks you can then get the S_SERVICE values and add them to your role menu (like you already did). That way, you don't need to know the specific S_SERVICE value that is mapped in USOBAUTH table
The other tip is to look at the Gateway Error log. Switch on detailed tracing and it will tell you when you are missing a service, etc. Transaction: /IWFND/ERROR_LOG - Gateway Error Log
Regards
Colleen
Hi Welly;
SAP has also acknowledged the missing authorizations in the standard role.
http://service.sap.com/sap/support/notes/2168841
Regards,
Sarbjeet Singh
User | Count |
---|---|
101 | |
13 | |
13 | |
11 | |
11 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.