Regarding Security In SAP XI

HI All,
What is the Purpose of Security in SAP XI ???
When We will USe it And How We Will Use this ????
Regards
Vamsi

Krishna,
If your user id is not secure then you can do any changes in XI. So to control this we need to have some secured roles for every user.
It is used for message level security also. Check this document:
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
Regards,
---Satish

Similar Messages

  • Regarding security in Xi

    hi
    how can we handle security in Xi,i mean if i connect different systems using Xi
    how can flow of files  from one system to other system be secure.
    regards
    ramakrishna

    HI Ramakrishna
    Check the following links.. you will get the information all about the securities...
    http://help.sap.com/saphelp_nw04/helpdata/en/f7/c2953fc405330ee10000000a114084/content.htm
    Also read thru this link for message level security - https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
    Also find soeminformation in these links
    http://help.sap.com/saphelp_nw2004s/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
    /people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi
    You can define a security level for incoming messages handled by certain HTTP-based sender adapters.
    Possible HTTP security levels are (in ascending order):
    -- HTTP without SSL
    -- HTTP with SSL (= HTTPS), but without client authentication
    -- HTTP with SSL (= HTTPS) and with client authentication
    This will clear most of ur doubts
    http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/content.htm
    Cheers..
    Vasu
    <i>** Reward Points if found useful **</i>

  • Multi-level password security in sap portal

    Hi Experts,
    We have a requirement to implement Multi level password security in SAP Portal. i was looking for any expert who can share their experience how this can be achieved and skills,time and effort required for this one.
    In  one of the sdn discussion i have seen that some body tried to implement Digital certificates (X.509) AND uid/pw  , i am not sure if there were successful.
    Your help in this regard, Really appreciated.
    Thanks
    Chris.
    Edited by: chris n on Aug 26, 2009 10:14 PM

    Hi Michael
    Thanks for the help link.I am a novice wrt IdM concept ,so these queries.
    We have 2 portals and 2 ECC installation configured with IdM.User accesses everything through portal.
    My queries are :
    If the user chages its password on one portal then can same be provisioned across the entire landscape?
    How can we achieve it and where should we define our security policy?
    regards

  • I received a pop up regarding security certificates when opening a PDF document today.  Is it safe to say "yes" to the installation of the security updates?

    I received a pop up regarding security certificates when opening a PDF document today.  Is it safe to say "yes" to the installation of the security updates?

    If you opened it with Adobe Reader, then yes: "Yes" is safe (I just did the same thing one minute ago).

  • Analyzer Security for SAP BPC 7.5 SP6

    Hi ,
    We have recently installed Analyzer add-in on our excel for Adhoc reporting on SAP BPC 7.5 SP6
    But analyzer is not considering the data security restricted for specific region.
    For eg: If a planner is assinged to EUROPE planning role and when he creates reports using analyzer he is able to see the data for all the regions(NA,EMEA,ASIAPAC).
    Is there anyway we can restrict the planners to see the data relevant to their role in Analyzer.
    we had a look at security in Admin client. Is there anyway to handle this.Thanks much.
    Regards,
    Sanjeev

    Hi,
    You can use Bex analyzer for detailed reporting. Both the analyzer and BPC reports can be connected using the normal excel functionalities (in a single excel workbook) so that BPC CV selection will be fed into Bex as variables and relevant data records are displayed in Bex reports. Performance of Bex analyzer is slow. That is one of the main reason it was replaced with BO reporting tools.
    If you are using BPC 7.5NW, then there is a standard functionality called DRILL THROUGH. Using this functionality you can drill down to detailed data in BW.
    Bex and BPC have different authorizations. You can maintain authorizations in BW roles and try to manually replicate same authorizations in BPC (there is also a how-to doc on automating this synchronization).

  • Objectlevel Security in SAP BI

    Hi Gurus,
    Implementation of Object level security in BI system. Customer is looking to Implement BI security model for a new piece of functionality that they are setting up in BI (Commissions processing) specifically in the area of SD (Sales Distict, Office, Group, etc.).
    Kindly suggest me how do i apply Object level security in BI for large number of People.
    I have 3 characteristics to Restrict in Analysis Authorization.
    0SALES_DIST:  300001,     300002,     300003,     300004
    0SALES_OFF: 3010,     3011,     3012,     3020,     3021,     3022
    0SALES_GRP: 3AA     ,3AB,     3AC,     3AF,     3AG,     3AH
    Kindly suggest me the best method to Implement. System is BI 7.0.

    Hi Syed,
    Analaysis authorizations are more flexible than Hirerachy authorizations.
    However, the solution is simple. You doesn't require to create 100s of Analysis authorization and can use the user exits, or the variables instead. The below articles provides you detailed information on implementing them, which means you can achieve with a single anaysis authorization
    http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/9000928e-dd3d-2e10-9ca1-a00f249305b7?quicklink=index&overridelayout=true
    http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b0b3fb3f-a21c-2e10-3a9c-efc3e59996a8?quicklink=index&overridelayout=true
    Regards,
    Raghu

  • SAP HANA security issue: SAP DBTech JDBC: [258]

    Hello experts,
    I am trying SAP HANA security features by playing out with a test user (MYTESTUSER) I've previously created. This is the permissions detail I've granted to the mentioned user:
    Granted Roles:
    PUBLIC
    Object Privileges:
    _SYS_BIC : SELECT
    _SYS_REPO : EXECUTE, SELECT
    REPOSITORY_REST (SYS): EXECUTE
    MYSCHEMA : SELECT (Contains source tables for views)
    Package Privileges:
    TEST.MYTEST (Package containing my views)
    Analytic Privileges:
    AP_MYTEST : Contains all my views and a couple restrictions over an attribute.
    What do I expect?: when logging on as MYTESTUSER it should be able to deploy the different folders in SAP HANA Studio, dive into "Content" folder, and even more: reach the package TEST.MYTEST, once there by selecting "Calculation Views" folder then being able to open CV_MYTEST calc view (which was already added into AP_MYTEST shown above).
    What happens as is?: Running as MYTESTUSER I am able to reach the calc view, when opened it is able for view only (its design). When pushing over the button "Open in Data Preview Editor" it trhows me the error:
    Cannot get the data provider outline
    SAP DBTech JDBC: [258]: insufficient privilege: insufficient privilege: Not authorized at ptime/query/checker/query_check.cc:2418
    What is expected?: Running as MYTESTUSER "Open in Data Preview Editor" feature must return and show adequate data from calculated view.
    In consequence:
    What does this error ("Not authorized at ptime/query/checker/query_check.cc:2418") specifically means and how to start addressing it?
    I'm unable to determine what is crashing or in what point it doesn't work. Any clues?
    I've also realized that there's no way out to perform some kind of trace (at least in an easy-known-fashion). Could you also advice? it would be quite important to be able to detect what are specifically the missing authorizations for a performed action. (kinda SU53 in SAP)
    Any clues or advices are welcome. Thanks a lot in advance,
    Bernardo

    Hi Bernardo,
    Can you check whether _SYS_REPO has SELECT access on your schema. Open _SYS_REPO user and check whether your schema is listed under objects privileges or not. If not run the below query.
    GRANT SELECT ON SCHEMA <schema_name> TO _SYS_REPO WITH GRANT OPTION.
    if it doesn't work try to give SELECT and EXECUTE access on both _SYS_BI and _SYS_BIC to your schema and check. And also but default your should have all the privileges on your schema.
    Regards,
    Venkat N.

  • SSL (http https) security in SAP

    Hello. Can you help me??
    It is a scenario, that we have to enable a secure meassage communication.
    An encryption have to be used and may be authorization(log and pass) or digital certificates. Can u help me or just point the most information.
    Thanks a lot.

    Configuring the SAP Web AS for Supporting SSL-SSL
    Regards
    Kasi

  • Regarding Adding multiple SAP Scripts in one Transaction

    Hi All,
    I have a requirement where i will have to develop one custom transaction which will have multiple SAP Script Forms to it.
    The scenario is as below:
    First i will have to create a Program with Selection-Screen with 10 Radio buttons in one Block - Here Each Radio Button indicated Diffrent FORM[SAP SCRIPT].
    Down to it i will create another Block with some selection-screen fields. Like Order Type, Order No, Customer PO number, SOLD TO, BILL TO, SHIP TO etc.
    And based on Radio button selected allowed order types will vary!
    So after selecting one Form[Radio button] and enetring other selection fields once i press execute button.
    i need to display list of Orders in ALV List output with check boxes for each record in the List Output.
    Here all the radio button Forms are related to <b>Sales Order document and Delivery document</b>
    So do we need to create new ALV List Report (or) We can use submit <b>VF31</b> transaction's program <b>[sd70av3a]</b>.
    After we are displayed with orders in the output.
    Then we should provide a functionality as such if user selects mutiple Orders/Check boxes he should be able to view multiple Orders one after other, and simultaneously generate PDF Files for Each Order Selected and attach them in Mail send them to Block of users.
    Can anybody give there sujjestions.
    Without generating spool request no's is it possible to generate PDF files for SAP SCript output!
    Is it possible to Generate & attach one/multiple PDF files to mail ID and send them to list of users!
    Can anybody give inputs.
    Thanks in advance.
    Thanks & Regards,
    Prasad.

    hi prasad,
    There is one concept called Print Work Bench(PWB) to print the multiple scripts or smartforms which r assigned to a same transaction.
    If u need the info related to PWB shoot me a test mail to [email protected]
    i will send u the same
    fot the same u can check the below link also
    http://help.sap.com/saphelp_nw04/helpdata/en/64/bf2f12ed1711d4b655006094192fe3/content.htm
    <b>Prasad i didn't get the mail from you plz check it once again</b>
    If u find it useful plz mark the points
    Regards,
    Naveen
    Message was edited by: NAVEENKUMAR GUDURI

  • Regarding Security in OBIEE

    Hi,
    We have 4 regions like UK, India, US, Japan.. when ever UK users logins to OBIEE the dashboard should get defaulted to UK region and user should see UK reports only.
    Similarly if a Japan, US users logins he should see reports corresponding to his region.
    At present we have a prompt where user select the region from the prompt . How to implement the security for this..
    Thanks

    Hi,
    Do the following steps and let me know if it was helpful:
    1. Create a separate table say table1 which will contain the USERID and REGION columns.
    Eg. User1 Region1
    User1 Region2 and so on
    2. Import the table in the physical layer. No need to create BM for it.Check in and save.
    3.Go to Manage - Variables and create a Session - Initialization Block with connection pool pointing to above table and query as select 'REGION1' ,REGION from table1 where USERID=(':USER')
    4. After the block is created go to Business Model and the table in which you want to implement the security.
    Table - Sources - Content tab - add the following in the where clause
    MAINTABLE.REGION IN (VALUEOF(NQ_SESSION."REGION1"))
    Save the rpd. Log in and check if it is working.
    Regards,
    Swati

  • Question regarding Authorizations in SAP CRM 7.0

    Hello,
    The problem is this:
    We have a client who will use two ways of accessing SAP CRM 7.0 data -
    1. CRM Web UI
    2. Mobile devices via standard SAP CRM BAPIs
    Now the situation is that the client wishes to control display authorizations based on the Business Role. Certain Business Roles can allow its User to see Accounts where the User is also Employee Responsible and certain other Business Roles can allow its User to see all those Accounts that are associated with that Role. In summary Business Roles control what an User can see.
    This has already been implemented for the CRM Web UI using the Access Control Engine (ACE).
    Now the questions are:
    1. How do we implement this for BAPI Access?
    2. Should we recreate what has been achieved by ACE, via PFCG Authorization Profiles?
    3. Can we not reuse what has been done by ACE?
    4. What are the runtime APIs that allow somebody to use the authorization checks of ACE?
    5. Does the standard Function Module CRM_ORDER_CHECK_AUTHORITY_ACE help in this regard?
    Any help here will be greatly appreciated. Please let me know if you need any clarifications.
    Thanks in advance.
    Best regards,
    Sudhi

    Hello,
    Normally, some notes are recommended in addition to the current support package implementation because they were developed to solve any known issues. These known issues occurred as side effect of any note which belongs to the implemented support package.
    If you take a look at older release notes, you will see the same.
    This is a part of implementation stack.
    1345085  SAP SRM 7.0 SP Stack 04 (09/2009):Release & Information Note 
    1365574  SAP SRM 7.0 SP Stack 05 (12/2009):Release & Information Note   
    1436687  SAP SRM 7.0 SP Stack 06 (03/2010):Release & Information Note 
    Kind regards,
    Ricardo

  • Help needed regarding BADI in SAP-CRM 2007.

    hi all,
    i need some help regarding BADI for new creation and enhancement.
    plz help, you will be rewarded accordingly.
    regards.
    raman.

    Hi Raman,
    visit this link
    http://help.sap.com/saphelp_nw70/helpdata/en/32/a83942424dac04e10000000a1550b0/content.htm
    http://help.sap.com/saphelp_crm40/helpdata/en/c3/69bf4abf1045e0966badb60d6160dd/content.htm
    Regards
    Anup.

  • This is regarding CBMA in SAP PI 7.3.1. I have set up the alert mail using default java mail client.I do receive the alerts via mail. But my requirement is to direct all the mails to Business workplace inbox in ECC.

    This is regarding CBMA in single stack SAP PI 7.3.1. I have set up the alert mail using default java mail client.I do receive the alerts via mail. But my requirement is to direct all the alert mails to Business workplace inbox in ECC.
    So I need to set up PI to redirect mails to ECC Business workplace user inbox (sbwp). From here rules are set up & routed per distribution list.
    Please guide me how I can achieve this requirement.

    Hi,
    yes, it is a little bit different. This is the issue.....  
    But I am not sure if your links will help:
    1) /people/william.li/blog/2008/02/13/sap-pi-71-mapping-enhancements-series-using-graphical-variable
    is about a different solution. I do not need to count the number of lines of the source message.
    And the second variable is about concat line by line from unbound node to unbound node.
    My issue is:
    Souce:
    Message line (0...unbound) ! ! ! ! ! ! ! !
    .    ResultLine   (1..1)
    Mapping:
    =>   ResultLine1
           ResultLine2
           ResultLine........          => into UDF to an element  (1..1) in one mapping operation.
    So that all "ResultLine"s are included.
    The result is explained in the given link for Mail attachment with UDF.
    So I am not sure how to use this thread for my issue.
    In the comments of that blog Christoph Gerber writes that the new variable feature can only handle single values.
    So it is not suitable for my purposes as I have a list of values here that needs to be moved into the target message field.
    2) http://wiki.sdn.sap.com/wiki/display/Java/UsingEditJavaSectioninMessageMapping
    shows where to find the button "Java section" which is not available here in 7.1
    3) /people/sap.user72/blog/2005/10/01/xi-new-features-in-sp14
    too is about the nice little button for Java Section that is no longer existing on PI 7.1 screen for mappings.  
    So my issue is: How to replace the Java section function with global variables in PI 7.1?
    Best regards
    Dirk

  • Difference between SAP CRM Security and SAP ECC 6.0 security

    Hi
    I have extensively worked on SAP ECC security but haven't have chance to work on CRM Security.
    Can anyone please let me know the difference between CRM security compared to  ECC security.
    Thanks...

    I am sorry to say, but instead of giving the guy a decent answer you are starting a fight or discussion about stupid forum points...
    really sad.....
    The big  difference between SAP ECC and SAP CRM Security (up to release 5.0) was the following:
    1) For sure there are very different transaction codes in SAP CRM as compared to SAP ECC in the first place
    2)  If you are familiar with R/3 or ECC authorizations; then you know that already on transaction code level, the 'allowed activity' is controlled on tcode level , whereas in SAP CRM , in most cases the 'allowed activity is not controlled by the Transaction code, but on authorization object level....
    E.g. transaction code BP allows you to create/change/display  any type of Business Partner (e.g; sold-to/ship-to/contact person/employee/customer) which is based on the business partner ROLE concept.... anyway...you can control the allowed activity based on different authorization objects.....
    another example is business transaction processing...which can be launched by:
    a very generic transaction code: CRMD_ORDER
    transaction category related transaction codes :e.g.
          > CRMD_BUS2000126 for activity management
          > CRMD_BUS200115 for Sales processes
    Again...allowed activity is not controlled by the tcode, but on authorization object level...
    3) As of the new WEBCLIENT UI (which is valid as of release CRM2006s/CRM2007/CRM7.0) SAP also invented an extra authorization layer, which is UI COMPONENT LEVEL and logical links....  controlled by object UIU_COMP.
    However, they also introduced the BUSINESS ROLE Concept (e.g; SALESPRO/MARKETINGPRO/...) which defines actually the functionalities, navigation bar, screen configuration, logical links you can use/see within the new WEBclient UI.
    Another thing is that instead of using TRANSACTION CODES, as of these new releases, you are actually using 'external services'....so you do not authorize on tcodes basically....but the logic between tcodes and external services in relation to the authorization objects that are checked is more or less the same....
    STANDARD authorization setup in the new WEBUI client is therefore controlled by both backend authorizations (not UIU component related) and the UIU_COMP (restricting access to workcenters/logical links/...)
    4) Additionally SAP also provides a concept called ACE (which stand for ACCES CONTROL ENGINE)....
    This requires a bit of customizing...and the rest is more or less pure customer development, as you will create your own methods where you'll define a logic which dynamically will verify what kind of access you have for an object....
    You should now that ACE is actually implemented on top of your 'normal' sap crm security setup....
    cheers
    Davy Pelssers

  • Regarding debugging in sap script and smart forms

    hi guys,
    can any one tell me what are the different steps and options available to debug a SAP SCRIPT and a SMARTFORM.
    thank you very much
          pavan

    There is a transaction 'SMARTFORMSTRACE' (or was it 'SMARTFORMS_TRACE') which will give you quite helpful information.
    Try!
    Sorry: Correct name is SMARTFORM_TRACE. You have lots of options for adequate analysis.
    Regards,
    Clemens
    Message was edited by: Clemens Li

Maybe you are looking for

  • HT203167 how can i get my library back if computer crashed and no longer have iPod

    I have lost my library due to a computer crash. I no longer have iPod. Please help me get my apps and music back to mew com puter

  • Web services Problem in SOA suite 10.1.3

    HI every body , I have particular web service which opens fine with 10.1.3 jdeveloper using the partener but when I try to deploy the application with that particular webservice I get this error BUILD FAILED D:\downloads\jdevstudio10131\jdev\mywork\K

  • In u201CReuse_alv_grid_displayu201D

    Normal O/P in GRID 0001 AAA 0001 AAB 0001 AAA 0002 BAA 0002 BAB 0002 BAC But i Client Required like is? how to do so in ALV 'Reuse_ALV_Grid_Display' 0001 AAA AAB AAA 0002 BAA BAB BAC

  • Capture Process Error

    Hi, We are working on Oracle 9i bi-directional Stream replication. After set up, and sufficient amount of testing from our side, we are facing fatal error in Capture process in one of the database. Both the db srvr are having similar set up parameter

  • Images in Mail Merge

    I'm creating a mail merge for a letter. I have inserted an image (my signature). When I go to merge to new document the image changes into a "?" placeholder. What am I missing? Thanks!