Show TOC

Monitoring RolesLocate this document in the navigation structure

Use

The access to the PI monitoring tools available in SAP NetWeaver Administrator can be managed using a set of user roles and actions.

Features

Actions

Every role could have different actions assigned. The available actions are as follows:

  • For displaying monitoring data, users should be assigned at least the display action.

  • For executing administrative actions, users should be assigned the modify action.

  • For displaying message payload data, users should be assigned the payload action.

  • For editing message header data, users should be assigned the edit_header action.

  • For editing message payload data, users should be assigned the edit_payload action.

Roles

The list below provides information about the available roles and the actions they provide:

  • The SAP_XI_ADMINISTRATOR_J2EE role provides the display, modify, and payload actions.

  • The SAP_XI_DISPLAY_USER_J2EE role provides the display action.

  • The SAP_XI_DEVELOPER_J2EE role provides the display and modify actions.

  • The SAP_XI_CONFIGURATOR_J2EE role provides the display and modify actions.

  • The SAP_XI_CONTENT_ORGANIZER_J2EE role provides the display and modify actions.

  • The SAP_XI_MONITOR_J2EE role provides the display, modify, and payload actions.

  • The SAP_XI_MESSAGE_MODIFY role provides the edit_header and edit_payload actions.

  • The SAP_XI_PCK_MONITOR role provides the display and payload actions.

  • The SAP_XI_PCK_ADMIN role provides the display, modify, payload, edit_header, and edit_payload actions.

  • The SAP_XI_RWB_SERV_USER role provides the display action.

  • The SAP_WS_ADMIN_BIZ_GLB role provides the display, modify, payload, edit_header, and edit_payload actions.

  • The SAP_WS_CONFIG_BIZ_GLB role provides the display, modify, payload, edit_header, and edit_payload actions.

  • The SAP_JAVA_NWADMIN_LOCAL_READONLY role provides the display and payload actions.

Roles per Actions

The table below provides a summary of the roles and actions:

Actions

Roles

display

SAP_XI_DISPLAY_USER_J2EE, SAP_XI_RWB_SERV_USER

display and modify

SAP_XI_DEVELOPER_J2EE, SAP_XI_CONFIGURATOR_J2EE, SAP_XI_CONTENT_ORGANIZER_J2EE

display and payload

SAP_XI_PCK_MONITOR, SAP_JAVA_NWADMIN_LOCAL_READONLY

display, modify, and payload

SAP_XI_ADMINISTRATOR_J2EE, SAP_XI_MONITOR_J2EE

edit_header and edit_payload

SAP_XI_MESSAGE_MODIFY

modify, display, payload, edit_header, and edit_payload

SAP_XI_PCK_ADMIN, SAP_WS_ADMIN_BIZ_GLB, SAP_WS_CONFIG_BIZ_GLB

More Information
  • In addition to the roles and actions described above, you can also use dedicated actions to set which monitoring applications the user would be able to access. For more information, see PI Plug-In Actions .

  • The user roles in AS ABAP that are required to use the tools intended for monitoring the Integration Engine can be managed using transaction PFCG. For more information about these user roles, see the security guide for SAP NetWeaver Process Integration.

  • For more information about managing users and roles in AS Java, see User Management of the Application Server Java .

  • In message monitoring for adapter engines, you can restrict access to the message payload for certain types of messages. To do this, you have to create your own actions and group them into roles. For more information, see SAP Note 1370334 Information published on SAP site.