Show TOC

Defining User RolesLocate this document in the navigation structure

Prerequisites

You have activated the com.sap.aii.util.server.auth.activation exchange profile parameter.

For more information about activating authorization checks, see:

  • PI: Creating Users with Data-Dependent Authorizations

Context

You define user roles to grant authorizations (such as create, delete, or edit) for a set of objects in the ES Repository.

Procedure


  1. Log on to the ES Builder.

  2. To create a new role or modify an existing role, follow the steps below:

    1. To create a new user role, choose Start of the navigation path Tools Next navigation step User Roles Next navigation step New End of the navigation path.

    2. To edit an existing user role, follow the steps below:

      1. Choose Start of the navigation path Tools Next navigation step User Roles Next navigation step Open End of the navigation path.

      2. Select the user role you want to modify and choose Open .

  3. In the Authorizations screen area, choose Add Authorization .

  4. In the Selection Path and Objects column, specify the objects for which you want to define or restrict authorizations.

  5. In the Actions column, select from the following authorizations:

    • Modify Base Objects

      Use this option to modify objects of underlying-software component versions.

    • Fully Edit

      • Create Objects

      • Change Objects

      • Delete Objects

      Use this option to modify objects of the selected software component version.

  6. Choose Save .

  7. Choose Activate .

Results

After defining user roles in the ES Builder, assign them to users or user groups in the AS Java Identity Management.