Show TOC

Background documentationGranular Roles and Security in SAP NetWeaver Administrator Locate this document in the navigation structure

 

Users with Application Specific role have special authorizations for accessing the application and performing operations. Similar to the two security roles (NWA_READONLY and NWA_SUPERADMIN), the Application Specific role extends the purpose of granularity providing more restricted and special access to the applications.

Embedded Application Actions

There are two User Management Engine (UME) actions for every Embedded Application.

  • ReadOnly Action — To provide read-only access to the embedded application users

  • SuperAdmin Action — To provide full access to the embedded application users

These actions are attached to a role which is then assigned to a user.

Example Example

LogViewer Application has two actions:

  • NWA_READONLY_LOGV

  • NWA_SUPERADMIN_LOGV

End of the example.

Note Note

You can assign the Embedded Application actions to the Application Specific roles.

End of the note.

The action names of the NetWeaver components are listed below:

Note Note

For NWA_SUPERADMIN role, you assign the security permissions to enable the users with administrative access at the UI level. However, for some applications you need to provide additional permissions (for example, deploy permissions) to perform the administrative tasks. You assign these additional roles using the Embedded Application actions described above. The NWA_SUPERADMIN role does not have access to business-relevant data.

End of the note.

For more information on Java AS security, see SAP NetWeaver Application Server Java Security Guide