‎2011 Aug 29 3:42 PM
My company currently has a user management concept in place for BASIS. These concepts follow the segregation of duties principle. So for example a system administrator can grant rights to end-users but he can't change content himself. This concept was put in place to comply with SOX.
Now my company would like the same principles to be implemented in SAP Web AS Java. I have searched the forums, blogs and notes, but I can't seem to find any best practices regarding the matter.
As I have difficulties finding these, I am wondering if it is perhaps not needed from a SOX point of view, as the Web AS Java doesn't directly access content. Does this make sense?
Regardless of the SOX point of view, I still believe the problem exists, because anyone can mess up your portal environment if the user management is not handled correctly. So does SAP have some best practices regarding user management in the Web AS Java?
Any feedback on these 2 questions would be great!
‎2011 Aug 29 5:47 PM
Hi,
In my company, we have decided to use the ABAP ECC6 system as the UME source for the SAP Portal.
Therefore we did not change anything for our user management: all is done in ECC6.
Regards,
Olivier
‎2011 Aug 30 12:48 AM
Hi,
When I hear these types of requirements I always think of IdM. Any IdM (not only from SAP) allows you to easily satisfy all SOX requirements. I understand that implementing an IdM solution is not an easy task, but you might get additional benefits from it, like a reduction in service desk calls and so on, not only compliance.
Cheers
‎2011 Aug 30 6:30 AM
In Web AS Java, as per my understanding, there is no segregation for user management and role management. An admin role is required. However, is this system covered under this segregation? I do not think so, as you won't be changing any portal role.
Regards,
Arpan Paik