The authorization concept provided by SAP NetWeaver applies for Web services. Therefore, the recommendations and guidelines for authorizations as described in the SAP NetWeaver AS Security Guide Java also apply to Web Services.
The SAP NetWeaver authorization concept is based on assigning authorizations to users based on roles. Use the user administration console of the User Management Engine when maintaining roles for Java.
Role |
Description |
SAP_JAVA_WS_ADMIN_TEC |
Technical administrator role. Can access all functions in SAP NetWeaver Administrator :
Can read the WSIL document provided by the system. |
SAP_JAVA_WS_ADMIN_BIZ |
Business user role. Can access all tools in SAP NetWeaver Administrator, tab
Additionally, can access the following tools:
|
SAP_JAVA_WS_SUPPORTER |
Read only access to the following areas in SAP NetWeaver Administrator, tab SOA:
Can access the Web Services Navigator tool. Can read the WSIL document provided by the system. |
SAP_JAVA_WS_TESTER |
Tester role. Provides full access to the following tools:
|
SAP_JAVA_WSIL |
For reading the WSIL document provided by the system. |
Role |
Description |
UDDI_Admin |
Role for UDDI administration. Can create all objects in the UDDI and has access to all data of other users. |
UDDI_TierN |
Can create all objects in the UDDI server without restrictions. No access to data of other users. |
UDDI_Tier1 |
Can create 1 business entity, 4 business services, and 100 tModels. No access to data of other users. This role is not intended for work in the Services Registry. |
More information: Services Registry Roles