Show TOC

Background documentationAuthorizations Locate this document in the navigation structure

 

The authorization concept provided by SAP NetWeaver applies for Web services. Therefore, the recommendations and guidelines for authorizations as described in the SAP NetWeaver AS Security Guide Java also apply to Web Services.

The SAP NetWeaver authorization concept is based on assigning authorizations to users based on roles. Use the user administration console of the User Management Engine when maintaining roles for Java.

Standard Roles for Web Services in the AS Java

Role

Description

SAP_JAVA_WS_ADMIN_TEC

Technical administrator role. Can access all functions in SAP NetWeaver Administrator   SOA   Technical Configuration  :

  • System Connections

  • Destination Template Management

  • SOA Middleware Global Settings

Can read the WSIL document provided by the system.

SAP_JAVA_WS_ADMIN_BIZ

Business user role. Can access all tools in SAP NetWeaver Administrator, tab   SOA   Application and Scenario Communication  

  • Single Service Administration

  • Application Communication

  • Business Scenario Communication

  • Publication Rules

  • User Account Management

Additionally, can access the following tools:

  •   SOA   Logs and Traces  

  • Web Services Navigator

SAP_JAVA_WS_SUPPORTER

Read only access to the following areas in SAP NetWeaver Administrator, tab SOA:

  • Technical Configuration

  • Business and Scenario Communication

  • Logs and Traces

Can access the Web Services Navigator tool.

Can read the WSIL document provided by the system.

SAP_JAVA_WS_TESTER

Tester role. Provides full access to the following tools:

  •   SOA   Logs and Traces  

  • Web Services Navigator

SAP_JAVA_WSIL

For reading the WSIL document provided by the system.

Roles for the SAP UDDI Server

Role

Description

UDDI_Admin

Role for UDDI administration.

Can create all objects in the UDDI and has access to all data of other users.

UDDI_TierN

Can create all objects in the UDDI server without restrictions.

No access to data of other users.

UDDI_Tier1

Can create 1 business entity, 4 business services, and 100 tModels.

No access to data of other users.

This role is not intended for work in the Services Registry.

Roles for the Services Registry

More information: Services Registry Roles