https://community.sap.com/t5/application-development-and-automation-discussions/authorization-for-generic-object-services-gos-payroll-data/m-p/7969899#M1603651 <HTML><HEAD></HEAD><BODY><P>Is there anyway to restrict what people see via GOS? I can't see any authorisations behind it except S_OC_ROLE. Seem users can view payroll details of a workflow agent in the workflow logs(view with technical details). Its a wild shot that an end user will find this information in the container tab but it look like a massive security flaw.</P><P></P><P>I will be interested to know if others have the same problem and how they resolved it.</P><P></P><P>Thanks</P></BODY></HTML> Wed, 15 Jun 2011 14:31:49 GMT Former Member 2011-06-15T14:31:49Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-for-generic-object-services-gos-payroll-data/m-p/7969899#M1603651 <HTML><HEAD></HEAD><BODY><P>Is there anyway to restrict what people see via GOS? I can't see any authorisations behind it except S_OC_ROLE. Seem users can view payroll details of a workflow agent in the workflow logs(view with technical details). Its a wild shot that an end user will find this information in the container tab but it look like a massive security flaw.</P><P></P><P>I will be interested to know if others have the same problem and how they resolved it.</P><P></P><P>Thanks</P></BODY></HTML> Wed, 15 Jun 2011 14:31:49 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-for-generic-object-services-gos-payroll-data/m-p/7969899#M1603651 Former Member 2011-06-15T14:31:49Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-for-generic-object-services-gos-payroll-data/m-p/7969900#M1603652 <HTML><HEAD></HEAD><BODY><P>anyone else come across this problem?</P></BODY></HTML> Thu, 16 Jun 2011 10:24:58 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-for-generic-object-services-gos-payroll-data/m-p/7969900#M1603652 Former Member 2011-06-16T10:24:58Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-for-generic-object-services-gos-payroll-data/m-p/7969901#M1603653 <HTML><HEAD></HEAD><BODY><P>Hello Savo,</P><P></P><P>please have a look at SAP note 491271.</P><P></P><P>b.rgds, Bernhard</P></BODY></HTML> Thu, 16 Jun 2011 10:57:22 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-for-generic-object-services-gos-payroll-data/m-p/7969901#M1603653 Bernhard_SAP 2011-06-16T10:57:22Z https://community.sap.com/t5/application-development-and-automation-discussions/authorization-for-generic-object-services-gos-payroll-data/m-p/7969902#M1603654 <HTML><HEAD></HEAD><BODY><P>This issue relates to authorisations. Depending on infotypes available to the user, they will be able to view data relating to the info type. </P><P></P><P>I will now have to review all authorisations to ensure there is no unauthorised access.</P></BODY></HTML> Fri, 01 Jul 2011 15:03:23 GMT https://community.sap.com/t5/application-development-and-automation-discussions/authorization-for-generic-object-services-gos-payroll-data/m-p/7969902#M1603654 Former Member 2011-07-01T15:03:23Z