Show TOC Start of Content Area

Background documentation Authorizations  Locate the document in its SAP Library structure

Applications and components deployed on SAP NetWeaver Application Server (AS) Java can use the following approaches to authorization checking:

·        Assign activities to individual users based on roles

      Control the use of objects using Access Control Lists (ACLs).

Role-based Authorization

Applications deploy authorizations in Java EE security roles or user management engine (UME) actions depending on the decision of the developer. The JEE security roles and UME actions can be bundled by the developer or the administrator into UME roles. The administrator then assigns these roles to the users.

ACL-based Authorizations

ACLs limit access to individual objects. The AS Java does not provide a user interface to manage ACLs, but it does provide APIs for reading, writing, and authorization checks of ACLs.

More information

      Authorization Concept of the AS Java

      Standard UME Roles

      Standard UME Actions

      Standard Java EE Security Roles

 

End of Content Area