Security is an essential element of any information system. BW is no exception to this rule. It uses an R/3 utility called Profile Generator to manage authorization. In this chapter, we will demonstrate how to use this utility.
The foundation of SAP authorization management is based on authorization objects. These objects define what a user can do, and to which SAP objects. Such a definition is called authorization. For example, the authorization in Table 6.1 allows users with that authorization to display and execute – but not change – the queries IC_DEMOBC_Q01 and IC_DEMOBC_Q02. This authorization is defined using authorization object S_RS_COMP.
|S_RS_COMP Field||Field Description||Field Value|
|RSZCOMPID||Name (ID) of a reporting component||IC_DEMOBC_Q01, IC_DEMOBC_Q02|
|RSZCOMPTP||Type of a reporting component||Query|
Multiple authorizations are combined to create an authorization profile. In SAP, an authorization profile is assigned to a user role. Users assigned to the role have the authorizations to execute the defined business activities.
In this chapter, we will use Profile Generator to create user roles and assign users to the roles. In addition, we will demonstrate how to run R/3 transactions and access Web sites from BEx Browser. Although the sales manager described in Chapter 1 may not need this function, we cover it here so that we can introduce an advanced feature powered by the integration of BEx Browser and Profile Generator. Let's start with a demonstration of the Profile Generator.
Part I. Guided Tours
Business Scenario and SAP BW
Creating an InfoCube
Loading Data into the InfoCube
Checking Data Quality
Creating Queries and Workbooks
Managing User Authorization
Part II. Advanced Topics
Aggregates and Multi-Cubes
Operational Data Store (ODS)
Generic R/3 Data Extraction
Appendix A. BW Implementation Methodology
Appendix B. SAP Basis Overview
Appendix C. Glossary
Appendix D. Bibliography