SAP Authentication in CMC

Till now we have created users and group in the CMC and mapped these groups to application and content rights. All data for these users and groups are maintained in the BOBJ CMS. Since a common configuration of BOBJ reporting is to use the BOBJ frontend with a SAP BW Backend, BOBJ also allows us to import backend roles and users to the CMS. The attributes of these users and groups can not be changed in the CMC but they can be assigned to other CMS resources like groups, content and application rights. In fact, a user so imported into the CMC can login into the BOBJ launchpad or CMC with the SAP BW Backend credentials. This set up is known as SAP Authentication and this post will go over the steps that are needed to get this working. Continue reading “SAP Authentication in CMC”

Application Rights in BOBJ

Just like rights for content, Business Objects also allows us to set the rights that users have for specific application types. These basically control what a user can do on a particular application. Some examples would include the ability to create or change the design of a report or even to filter a report output. Its a best practice to maintain content rights and application rights in separate groups. Continue reading “Application Rights in BOBJ”

Accessing Content Objects

BOBJ is a reporting tool and an end user would typically use the BI launchpad to execute reports assigned to her. After logging  in the BI launch pad screen would look something like the one below.

BI Launchpad - Content Folders with Reports
BI Launchpad – Content Folders with Reports

As you can see the content that the user sees is grouped into a hierarchy of folders. During developement of reports need to be  added to folders and the correct folders need to be assigned to the correct set of users. This is the most common example of authorizing access to content in BOBJ and we in the next few paragraphs we would be looking at the security configuration to set it up. Continue reading “Accessing Content Objects”

Access Levels

Each of the applications in the BOBJ suite which are administered through the CMC exposes different rights on themselves to control which actions a user can perform on them. Access Rights can be of different types depending on the type of Content Management System (CMS) object they are defined on.

  • General – These are most general rights and shared by the other InfoObject types in the CMC. As the name suggests they are general in nature and allow users to view, edit or delete objects.
  • Application – These are rights exposed by the different applications managed in the CMC and control access to the individual applications.
  • Content – These rights control access to content like folders and the reports contained their-in
  • System – These are core objects in the CMS like users, group, connections and universes and are used by one or more applications.

Continue reading “Access Levels”

Creating Users and Groups in CMC

Like most other SAP applications, BOBJ uses a Role Based Access Control Mechanism. To assign roles or rights to a user, a user account needs to be created in CMC. Further users can be assigned to user groups and rights assigned to user groups. Assigning rights to groups is a much better option as it leads to much lesser maintenance than assigning rights to individual users.  We can create users or user groups by navigating to the “Users and Groups” area of the CMC. Continue reading “Creating Users and Groups in CMC”

Introduction to BOBJ

Till a few years back Business Objects used to be a company whose products were used in many enterprise reporting applications. A few years back the compnay was taken over by SAP and incorporated into a large number of existing SAP products. Right now, SAP Business Objects, BO or BOBJ is the frontend reporting component of choice for SAP. Though BOBJ is largely used as the frontend for SAP BW, BOBJ reports can also be integrated with  GRC, GTS, BPC and even ECC. BOBJ can also be used to directly query SAP and non SAP databases. I have been trying to become more familiar with the security features of the BOBJ product suite as a large number of companies are increasingly using BOBJ for their frontend reporting instead of relying on the features of BEX Analyzer. Unfortunately there doesn’t seem to be too many online reources available to learn BOBJ security on our own. Hence this new thread on BOBJ security. Continue reading “Introduction to BOBJ”