Till now we have created users and group in the CMC and mapped these groups to application and content rights. All data for these users and groups are maintained in the BOBJ CMS. Since a common configuration of BOBJ reporting is to use the BOBJ frontend with a SAP BW Backend, BOBJ also allows us to import backend roles and users to the CMS. The attributes of these users and groups can not be changed in the CMC but they can be assigned to other CMS resources like groups, content and application rights. In fact, a user so imported into the CMC can login into the BOBJ launchpad or CMC with the SAP BW Backend credentials. This set up is known as SAP Authentication and this post will go over the steps that are needed to get this working. Continue reading “SAP Authentication in CMC”
Just like rights for content, Business Objects also allows us to set the rights that users have for specific application types. These basically control what a user can do on a particular application. Some examples would include the ability to create or change the design of a report or even to filter a report output. Its a best practice to maintain content rights and application rights in separate groups. Continue reading “Application Rights in BOBJ”
BOBJ is a reporting tool and an end user would typically use the BI launchpad to execute reports assigned to her. After logging in the BI launch pad screen would look something like the one below.
As you can see the content that the user sees is grouped into a hierarchy of folders. During developement of reports need to be added to folders and the correct folders need to be assigned to the correct set of users. This is the most common example of authorizing access to content in BOBJ and we in the next few paragraphs we would be looking at the security configuration to set it up. Continue reading “Accessing Content Objects”
Each of the applications in the BOBJ suite which are administered through the CMC exposes different rights on themselves to control which actions a user can perform on them. Access Rights can be of different types depending on the type of Content Management System (CMS) object they are defined on.
- General – These are most general rights and shared by the other InfoObject types in the CMC. As the name suggests they are general in nature and allow users to view, edit or delete objects.
- Application – These are rights exposed by the different applications managed in the CMC and control access to the individual applications.
- Content – These rights control access to content like folders and the reports contained their-in
- System – These are core objects in the CMS like users, group, connections and universes and are used by one or more applications.