SAP NetWeaver Application Server (AS) Java delivers default security policy profiles. The security policy profiles are used to distinguish normal dialog users from technical users used to access a specific service or to conduct system-to-system communication. It determines, for example, whether the password of a user can expire, or if it must be changed after the initial logon. The security policy also determines if the user can log on or not. You can only modify the Default profile and any custom profiles you create.
The table below provides an overview of the default security policy profiles.
Profile Name |
Description |
---|---|
Default |
Used for regular generic users. The profile can be displayed and modified. Users of this type have the following characteristics:
|
Technical User |
Used for system-to-system communication. The profile can be displayed, but not modified directly. Changing the Default security profile results in corresponding changes in the Technical User security profile. The properties for the Technical User security profile can be changed using the UME properties. However, the property for password expiration does not affect the validity of the password in the Technical Users profile. Users of this type have the following characteristics:
|
Internal Service User |
Used to perform internal operations, for example PCD ACL operations for a portal. The profile cannot be displayed or modified. Users of this type have the following characteristics:
|
Unknown |
Not a profile, but a category for AS ABAP user types that cannot be mapped to one of the UME listed above.
|
The standard users created during installation vary depending on the data source that you use.
For more information and standard naming conventions, see Standard Users and Standard User Groups .
Changing the Security Policy
Using identity management of the AS Java, you can freely change the security policy of users with the Default, Technical User, or a custom security policy to Default, Technical User, or another custom security policy. You cannot change the security policy of users with the Internal Service User security policy. You can change the security policy of users with the Unknown security policy to Default, Technical User, or a custom security policy, but you cannot change it back again, unless you change the user type in ABAP user management.