Protecting Web Dynpro Applications

Prerequisites

You have determined your authorization strategy.

In your application, decide what you want to protect, how to group your permissions, and what to call them.

More information: Approaches to Protecting Applications .
You have referenced the user management development component tc/je/usermanagement/api in your project.

More information: Defining Development Component Dependencies .

Context

This procedure describes how you can use user management engine (UME) permissions to protect a Web Dynpro application. SAP NetWeaver Application Server (AS) Java extends the permission concept of Java EE. In addition to named permissions, you can create action permissions for your applications.

Procedure

Set the Authentication application property of your Web Dynpro application to true .

Setting this property ensures that the container enforces logon, when a user runs your Web Dynpro application.

More information: Configuring Applications .
Create a permission class for your application project with the following attributes:
- In the Superclass field, enter the name of the super class appropriate to your authorization strategy:
  - For named permissions, enter NamePermission - com.sap.security.api.permissions .
  - For action permissions, enter ActionPermission - com.sap.security.api.permissions .
- Select the Constructors from superclass checkbox.
More information: Named Permissions and Action Permissions .
Create a UME actions project.

More information: Creating Development Components for UME Actions .
Define UME permissions and group them in UME actions.

More information: Creating UME Actions .
Add the current user and permission checks to your application.

More information: Checking Permissions .
Build and deploy the UME actions project along with your application.
On the target AS Java, assign the UME actions to UME roles and assign the UME roles to users.

More information:

SAP Help Portal: Administration of Users and Roles