Show TOC

Background documentationAuthorizations Locate this document in the navigation structure

 

Web Services uses the authorization concept provided by SAP NetWeaver. Therefore, the recommendations and guidelines for authorizations as described in the SAP NetWeaver AS Security Guide Java also apply to Web Services.

The SAP NetWeaver authorization concept is based on assigning authorizations to users based on roles. Use the user administration console of the User Management Engine when maintaining roles for Java.

Roles for the SAP UDDI Server

Role

Description

UDDI_Admin

Role for UDDI Administration

Can create all objects in the UDDI and has access to all data of other users

UDDI_TierN

Can create all objects in the UDDI server without restrictions.

No access to data of other users.

UDDI_Tier1

Can create one business entity, four business services and one hundred tModels.

No access to data of other users.

This role is not intended for work in the Services Registry.
Roles for the Services Registry

Role

Description

SERVICES_REGISTRY_READ_ONLY

Can call Read APIs.

SERVICES_REGISTRY_READ_WRITE

Can call Read and Write APIs.