Show TOC

Procedure documentationActivating ES Repository Properties for Authorization Locate this document in the navigation structure

 

You activate the ES Repository properties to grant permissions to users or user groups. You define permissions in the ES Builder using authorizations and user roles.

Note Note

If you do not activate these properties, you can still define user roles and authorizations in the ES Repository, but the permissions will not take effect.

End of the note.

Procedure

Perform the following steps to activate authorization checks.

  1. Access the ES Repository system properties as described under Additional Manual Configuration.

  2. Search for the following properties:

    • com.sap.aii.util.server.auth.activation: To define user roles

    • com.sap.aii.ib.server.acl.enable: To define authorizations

  3. Set these properties to true and save your settings.

    Based on the value defined for authorizations and user roles, the system performs the following actions:

    Value of com.sap.aii.ib.server.acl.enable (Authorizations)

    Value of com.sap.aii.util.server.auth.activation (User Roles)

    Action in ES Builder

    False

    False

    Both authorizations and user roles are disabled. All users have permissions to create, edit, and delete objects.

    False

    True

    User roles are enabled.

    True

    False

    Authorizations are enabled. However, if no authorizations are defined, users will not have permissions to create, edit, and delete objects. To perform any of these actions, you should define authorizations.

    True

    True

    Both authorizations and user roles are enabled.

    If authorizations are defined, the system grants permissions based on the defined authorizations and not the user roles. However, if no authorizations are defined, the system checks for the user roles and permissions are granted accordingly.