User Management 
Available User Stores and Corresponding Tools
The SAP J2EE Engine supports different user stores for saving the user information. Per default, the active user store is the User Management Engine (UME); as an alternative, you can use the J2EE Engine’s own DBMS user store. However, because the UME is the active user store after the installation, we will focus on the UME users and groups in the sections below.
Standard Users and Groups
The users and groups that are created during the installation depend on the data source used by the UME.
Standard Users
Description |
User for UME with SAP Web AS ABAP as Data Source |
User for UME with Directory Server or Database as Data Source |
Administrator user |
Specified during the installation. Example: J2EE_ADM_<SID> For an Add-In installation, it is J2EE_ADMIN. |
Administrator |
Guest user |
Specified during the installation. Example: J2EE_GST_<SID> For an Add-In installation, it is J2EE_GUEST. |
Guest |
Emergency user |
SAP* |
SAP* |
Communication user (This user is used by the UME to connect to the ABAP data source.) |
Specified during the installation. Example: SAPJSF_<SID> For an Add-In installation, it is SAPJSF. |
Not necessary |
Note the following:
· SAP* is the emergency user which has full administrative authorizations and can be used to reconfigure UME if the configuration is faulty and administrators and users can no longer access applications. To use this user, you must explicitly activate it and specify its password. See Activating the Emergency User in the Administration Manual.
· If you use the DBMS user store, the administrator and guest users are Administrator and Guest respectively. There is no emergency user available. The communication user is also not necessary.
Standard Users
Description |
Group for UME with SAP Web AS ABAP as Data Source |
Group for UME with Directory Server or Database as Data Source |
Administrators |
Specified during the installation. Example: SAP_J2EE_ADM_<SID> For an Add-In installation, it is SAP_J2EE_ADMIN. |
Administrators |
Guest user |
Specified during the installation. Example: SAP_J2EE_GST_<SID> For an Add-In installation, it is SAP_J2EE_GUEST. |
Guests |
Authenticated users |
Authenticated Users |
Authenticated Users |
Anonymous users |
Anonymous Users |
Anonymous Users |
Everyone |
Everyone |
Everyone |
If you use the DBMS user store, the standard groups are Administrators, Guests, and all. There are no groups that correspond to the UME groups Authenticated Users or Anonymous Users.
Administrative Tools
Depending on which user store is active, you have the option of using either the J2EE Engine user management in the Visual Administrator or you can use the UME user management administration console. See the table below:
User Administration Tools and Available Functions
Function |
Visual Administrator |
UME User Management |
UME or DBMS user store |
UME user store only |
|
Create, view, or delete users |
Y |
Y |
Search for users |
Y |
Y |
Import users from external systems |
N |
Y |
Replicate users to SAP systems |
N |
Y |
Lock or unlock users |
Y |
Y |
List locked users |
Y |
Y |
Define password rules |
Y |
Y |
Require password change |
Y |
Y |
Change user passwords |
Y |
Y |
Create, delete and manage groups and their members |
Y |
Y |
Assign a public-key certificate to a user |
Y |
Y |
Assign roles to users |
Y |
Y |
Change the user store |
Y |
N |
User Management Tasks
In
this document, we only describe the most frequently needed user managements
tasks and only describe them when using the Visual Administrator. For more
information about the additional tasks or when using the UME user management administration console, see 
Users and
Authorizations in the Administration Manual.
See also:
The tasks described in this topic include:
¡ View, create and delete users
¡ Lock or unlock users
¡ Change a user’s password
¡ Create or delete groups
¡ Assign or remove members to/from groups
· Mapping Security Roles to Users or Groups
This topic describes how to assign security roles to users so that only authorized users can access applications or other resources on the J2EE Engine.
·
Standard Users
and Groups in the SAP Web AS Security Guide for Java
Technology.