Show TOC

Background documentationAuthorizations

 

The different activities that you can carry out in BRFplus are covered by the SAP authorization concept. This means that you can assign different access rights to rule modeling and execution to the people who work with BRFplus.

Integration

The different authorization objects described in the Features section below are assembled in the predefined user role BRFplus Administrator (SAP_BC_FDT_ADMINISTRATOR) that is shipped with BRFplus.

Features

For BRFplus, the following authorization objects exist:

  • FDT_ADMN: You use this authorization object to control the access to various administration and monitoring tools. These tools are only needed by developers and system administrators.

  • FDT_WORKB: You use this authorization object to control user access to the BRFplus workbench. For a user who has been granted authorization to start the workbench, you can fine-tune the user's access to the different workbench tools like XML data transfer or web service generation.

  • FDT_OBJECT: You use this authorization object to control the authorization to display, create, change, or delete objects in BRFplus (including functions, expressions, expression types, filters, and applications).

  • FDT_TRACE: You use this authorization object to control the authorization to display, create, or delete the trace information recorded for the execution of a function in BRFplus.

  • FDT_PROC: You use this authorization object to check if a user is allowed to process the rules associated with a BRFplus function.

    Note Note

    Currently, this authorization check is only executed if a function is triggered via a web service or a function module, and the user has activated the authorization check during the generation of the web service or function module.

    End of the note.

Activities

Create the user profiles you require and then assign authorization objects to these profiles. Then assign the newly created user profiles to possible users.

Note Note

You can find further information on the activities associated with the different authorization objects in the online documentation on the authorization objects themselves. You can call this up in the maintenance transaction Role maintenance (PFCG).

End of the note.

More Information

BRFplus Administrator