Start of Content Area

Background documentation Authorizations  Locate the document in its SAP Library structure

Use

SAP ERP Central Component uses the authorization concept of SAP NetWeaver Application Server. Therefore, the security recommendations and guidelines for authorizations that are described in the Security Guide for SAP NetWeaver Application Server for ABAP also apply to SAP ERP Central Component. You can use authorizations to restrict the access of users to the system, and thereby protect transactions and programs from unauthorized access.

The SAP NetWeaver Application Server authorization concept is based on assigning authorizations to users based on roles. For role maintenance in SAP NetWeaver Application Server for ABAP, use the profile generator (transaction PFCG), and in SAP NetWeaver Application Server for Java, the user management console of User Management Engine (UME) . You can define user-specific menus using roles.

Standard Roles and Standard Authorization Objects

SAP delivers standard roles covering the most frequent business transactions. You can use these roles as a template for your own roles.

For a list of the standard roles and authorization objects used by the subcomponents of SAP ERP Central Component, see the section of this document relevant to each component.

Example For information on roles and authorizations in Travel Management (FI-TV) see the section Accounting under Financial Accounting.

 

Note Before using the roles listed, you may want to check whether the standard roles delivered by SAP meet your requirements.
For more information about the authorization concept at SAP, see:

§         SAP Service Marketplace at service.sap.com/securityguide in SAP NetWeaver Security Guide ® Security Guides for the SAP NetWeaver Products ® SAP Web Application Server Security Guide ® SAP Web AS Security Guide for ABAP Technology ® SAP Authorization Concept

§         SAP Help Portal at help.sap.com ® Documentation ® SAP NetWeaver ® Release/Language ® Security ® Identity Management ® Users and Roles (BC-SEC-USR) ® SAP Authorization Concept ® Organizing Authorization Administration ® Organization if You Are Using the Profile Generator ® Role Maintenance

Authorizations for Customizing Settings

You can use customizing roles to control access to the configuration of ERP Central Component in the SAP Customizing Implementation Guide (IMG). For information on creating roles, see SAP Help Portal at help.sap.com ® Documentation ® SAP NetWeaver ® Release/Language ® Security ® Identity Management ® Users and Roles (BC-SEC-USR) ® SAP Authorization Concept ®Organizing Authorization Administration ®Organization if You Are Using the Profile Generator ® or Organization without the Profile Generator

 

End of Content Area