Welcome to the session Operational Analytics with ODP- Modeling Authorizations



Similar documents
Understanding BEx Query Designer: Part-2 Structures, Selections and Formulas

SAP HANA Live & SAP BW Data Integration A Case Study

Step by Step Procedures to Load Master Data (Attribute and Text) from FlatFile in BI 7.0

1... Overview of Project Portfolio Management with SAP Requirements Scenario for Project Portfolio Management

Step by Step Guide to Extract Batch Master Data via Generic and Classification Datasource to BW

Compounding in Infoobject and Analyzing the Infoobject in a Query

Setup Guide Central Monitoring of SAP NetWeaver Proces Integration 7.3 with SAP Solution Manager 7.1. Active Global Support February 2011

Understanding OLAP Processor and RSRT

Understanding DSO (DataStore Object) Part 1: Standard DSO

How to Implement the X.509 Certificate Based Single Sign-On Solution with SAP Netweaver Single Sign-On

Understanding BW Non Cumulative Concept as Applicable in Inventory Management Data Model

SAP BW Data Source Enhancement

An Overview of SAP BW Powered by HANA. Al Weedman

SAP" Interactive Forms by Adobe*

Company Setup 401k Tab

Step By Step Procedure to Create Logical File Path and Logical File Name

Step by Step guide of Report-to- Report Interface in BW Reporting

Sitecore E-Commerce Cookbook

Prerequisite: Bank statement file loaded from bank.

Business Process Change Analyzer How-to guide

Query OLAP Cache Optimization in SAP BW

Doña Ana County, NM Interactive Zoning Map

SAP BW 7.4 Real-Time Replication using Operational Data Provisioning (ODP)

ProjectWise Explorer V8i Client Installation

Solution Manager 7.1 Technical Monitoring Unified Dashboard Configuration Guide

Organizational Management- Organizational Structure Creation

Configuration and Utilization of the OLAP Cache to Improve the Query Response Time

How-To Guide SAP NetWeaver Document Version: How To Guide - Configure SSL in ABAP System

SAP NetWeaver Developer Studio 7.30 Installation Guide

How To Manage Work Mode On An It Calendar On An Apa System

DBACockpit for Oracle. Dr. Ralf Hackmann SAP AG - CoE EMEA Tech Appl. Platf. DOAG St. Leon-Rot 02. July 2013

Open Items Analytics Dashboard System Configuration

SAP BW on HANA : Complete reference guide

StreamServe Persuasion SP4 StreamServe Connect for SAP - Business Processes

Cisco - Configure the 1721 Router for VLANs Using a Switch Module (WIC-4ESW)

Application Development

ABAP How To on SQL Trace Analysis

Welcome to the topic on creating key performance indicators in SAP Business One, release 9.1 version for SAP HANA.

Ingo Hilgefort. Integrating SAP. Business Objects BI with SAP NetWeaver. Bonn Boston

Extend the SAP FIORI app HCM Timesheet Approval

Tutorial Build a simple IBM Rational Publishing Engine (RPE) template for IBM Rational DOORS

How to Load Data from Flat Files into BW PSA

Embedding Crystal Reports inside ECC ALV Reports

DEPLOYMENT GUIDE DEPLOYING F5 WITH SAP NETWEAVER AND ENTERPRISE SOA

Business Planning and Consolidation

Transfer of Archived SAP ERP Data to SAP NetWeaver BW. Using PBS archive add ons

How to Create User-Defined Fields and Tables

Creating Content Using SO10 Objects and Text Symbols

U.S. FDA Title 21 CFR Part 11 Compliance Assessment of SAP Records Management

How-To Guide SAP Cloud for Customer Document Version: How to Perform Initial Load of data from SAP ERP to SAP Cloud for Customer

Animating in Inventor Studio the basics

Contents. Using Web Access Managing Shared Folders Managing Account Settings Index... 39

Data Integration using Integration Gateway. SAP Mobile Platform 3.0 SP02

SAP CRM-BW Adapter an Overview

ABAP Course. ABAP Objects and Business Server Pages. Product: All. Level: Beginner. Focus: Programming. Version: 1.0

Juniper Networks Secure Access. Initial Configuration User Records Synchronization

Microsoft Office 2007 Orientation Objective 1: Become acquainted with the Microsoft Office Suite 2007 Layout

SAP HANA als Entwicklungsplattform. Matthias Kupczak HANA Center of Excellence (CoE) Switzerland SAP Forum Juni 2013

Foglight. Dashboard Support Guide

Microsoft Dynamics GP. Not For Profit Accounting

How to Configure an Example SAP Cloud Applications Studio (PDI) Solution for SAP Cloud for Customer

BEx Ad Hoc Query Fundamentals Part III

A database is a collection of data organised in a manner that allows access, retrieval, and use of that data.

Welcome to the topic on approval procedures in SAP Business One.

Business Scenario Using GP/Web Dynpro with Back and Forth 3 Level Process and Dynamic Approvers in a Loop

TIME MANAGEMENT TIME MANAGEMENT. Document : UM_TM.doc Revision : 24 May 2007 Last printed: 2007/05/24 12:32 PM

SAP CRM Campaign Automation

SAP BW - Excel Pivot Chart and Pivot Table report (Excel)

ABAP for Functional Consultants

Web Dynpro: Multiple ALV Grids and Layouts in ALV

Business Portal for Microsoft Dynamics GP Field Service Suite

Scan Physical Inventory

Sample- for evaluation purposes only. Advanced Crystal Reports. TeachUcomp, Inc.

A Few Cool Features in BW 7.4 on HANA that Make a Difference

Response Time Analysis of Web Templates

SAP BUSINESS OBJECT ANALYSIS FOR EXCEL DEVELOPER GUIDE

Business Warehouse BEX Query Guidelines

Implementing and Maintaining Microsoft SQL Server 2008 Integration Services

Visual Studio 2008: Windows Presentation Foundation

LEARNING SOLUTIONS website milner.com/learning phone

SAP HANA implementation on SLT with a Non SAP source. Poornima Ramachandra

Kentico CMS 7.0 User s Guide. User s Guide. Kentico CMS

CREATE AN ANIMATED AQUARIUM IN POWERPOINT

Extractor in R/3 and Delta Queue

Exploring SAP NetWeaver BW on SAP HANA in combination with SAP BusinessObjects BI 4.x

Modeling Guide for SAP Web IDE for SAP HANA

Configuration of Enterprise Services using SICF and SOA Manager

Microsoft Power BI for Office 365 Provisioning Guide

Data Domain Discovery in Test Data Management

StreamServe Persuasion SP5 Control Center

HCM 1: Model Organizational Structure

Working with the ERP Integration Service of EMC Documentum Process Services for SAP

Microsoft Office 2010

Mail Merge Creating Mailing Labels 3/23/2011

Quick Viewer: SAP Report Generating Tool

Budget & Financial Planning Office

Transcription:

Welcome to the session Operational Analytics with ODP- Modeling Authorizations 1

At the end of this module, you will be able to restrict access to the data of a TransientProvider derived from an Operational Data Provider

In order to ensure that Operational Analytics scenarios map the structure of a company and meet the company s requirements access to data of Operational Data Providers (ODPs) can be restricted for analysis purposes. The authorization checks for Operational Analytics are based on the authorization concept of the affected application and defined in search and analytics models which contains the ODP for which you want to restrict data access. Models delivered by SAP may partly deliver authorization checks. If these checks are not sufficient in a customer scenario you can extend the models and add the needed authorization checks. Depending of the authorization concept of the application the checks are defined either using Authorization objects or Access Control Lists (ACLs). 3

After having included the software component of the model you want to extend into your customer-specific software component, you can add authorization checks to your model in the Node Response step. (click animation) On the following slides we go through the steps for authorization checks that are based on ABAP authorization objects. First, we select the node and thereby the ODP for which we want to restrict data access. (click animation) On tab page Authorizations we go to ABAP Auth. Objects. (click animation) 4

If the relevant authorization object is not available in the system yet, we first have to import it. Now, we can create authorization checks by adding a new row to the list, entering a Check-ID, and choosing the authorization object in the ABAP Auth. Obj. Name field. 5

The values for the fields of each authorization object are defined in the Details section of the ABAP Auth. Objects tab page. Let s have a closer look at the details for authorization object F_KNA1_BUK. The values for the authorization fields are defined in the following ways: Fixed value We enter 03 (display) for the ACTVT (activity) field of the authorization object. This step is necessary to ensure that only users who have display authorizations can access data during runtime. Target Attribute Via Select Path we select the ODP field BUKRS from the node as Target Attribut. This step is necessary in order to define the InfoObject for ODP field BUKRS as authorization relevant and to ensure that users during runtime can only access data from company codes for which they are authorized. 6

After having defined the authorization checks, we need to define a Logical Conjunction of the defined checks. The logical conjunction for Analytics determines which authorizations will be checked during runtime for a TransientProvider that is derived from the ODP of this model. All characteristics of a TransientProvider are authorization relevant for which the following applies: the corresponding ODP field is part of an authorization check and this authorization check is part of the logical conjunction for Analytics 7

For our example, in the TransientProvider preview (transaction RSRTS_ODP_DIS) we now can see, that the characteristic 2O0COMP_CODE for ODP field BUKRS is authorization relevant 8

You have to work on two models in order to define authorization checks that are based on Access Control Lists (ACLs). As a prerequisite, for the ACL a DataSource is needed which contains a field for the user. This field is needed to provide information on user assignments. Create a new search and analytics model. Import the ACL DataSource into the model and choose the semantic SAP User ID for the user field. Create an ODP for it. In the model which contains the ODP for which you want to restrict data access define the authorization checks. Here, you first have to define an association to the model with the ACL node. In order to define an authorization check, choose Authorization -> Auth. Paths in the Node Response step. Here, by defining an authorization path you specify the attribute that the system checks for at runtime for a user. After having created all authorization checks in your model, you need to define the logical conjunction as shown on the previous slides. 9

When executing an analytic query all characteristics of a TransientProvider that are authorization relevant will be checked before data access. The query always selects a set of data from the database. If authorization-relevant characteristics are part of this data, you have to make sure that the user who is executing the query has sufficient authorization for the complete selection. Otherwise, the query results won t be displayed due to insufficient authorization. 10

In summary You should now be able to restrict access to the data of a TransientProvider derived from an operational data provider

You can find further information on Modeling Authorizations in the SAP Library for SAP NetWeaver 7.0 including Enhancement Package 3 under http://help.sap.com 12

13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information