Triggering Workflows from SE16

Scheinoha John Scheinoha.John at basco.com
Wed Feb 25 11:44:29 EST 2004 

David,
 
   You can assign an authorization group to an SAP table.  If you use
transaction SE11 for the SAP table, go to Utilities =3D> Table Maintenanc=
e
Generator.  Table authorizations can be maintained here.  These table
authorizations can then be added to the respective roles by you SAP
Authorization Group.  You might also want to look at SAP table TDDAT.=20
This is the table where these SAP table authorization records are kept.=20
Also when you are looking at the Table Maintenance generator via SE11,
if you do the F1 on the Authorization Group field and then select the
SAP help, you will be taken to the BC documentation regarding table
maintenance.
 
   We use the table authorizations to give / deny access to certain SAP
table data to certain groups.
 
 
I hope this helps,
 
 
John Scheinoha
Briggs & Stratton Corporation
(414) 256 - 5136
scheinoha.john at basco.com
 
>>> workflow at quirky.me.uk 02/25/04 09:23AM >>>
Hi David,
I'd have to agree with Heinz on the authorization part. This is
definitely
better than to hook into SE16. Consider the numerous other ways to view
table
contents.
If you're really serious about security you'd be better off considering
a
different approach such as encrypting the data. The en/decrypt routines
can
include auditing. I'm not familiar with SAP offerings in this area, but
worth
some research. Still doesn't stop some techie doing a database dump and
taking
it home to crack though... airtight is all but impossible.
 
Cheers
Mike
 
Bibby, David wrote:
> Heinz,
> It's something our BASIS team are looking into. However, they need
some
> people to have access for support purposes.
> I know it seems a little crazy to restrict access to the data to just
a few
> people and then keep logs on who access the data, but apparently it's
for
> legal reasons that we need to keep audit data.
> Rgds
> David
>
> -----Original Message-----
>> From: Schmidinger, Heinz (Unaxis IT BZ)
> [mailto:heinz.schmidinger at unaxis.com]=20
> Sent: 25 February 2004 13:26
> To: SAP-WUG at MITVMA.MIT.EDU=20
> Subject: AW: Triggering Workflows from SE16
>
>
> Hi Dvid,
>
> can you use authorization to restrict access to table (AO
??TABU_DIS?? or so
> if I rember right) ?
>
>
> regards
>
> Heinz
>
> -----Urspr=FCngliche Nachricht-----
> Von: Bibby, David [mailto:david.bibby at Linklaters.com]=20
> Gesendet am: Mittwoch, 25. Februar 2004 13:08
> An: SAP-WUG at MITVMA.MIT.EDU=20
> Betreff: Re: Triggering Workflows from SE16
>
> Michael
> The requirement is to report on users and support staff accessing
sensitive
> information.
> We have a custom transaction that people use to view and edit the
sensitive
> data. We can amend custom transaction to log when a user views data
through
> this transaction.
> However, anyone who has access to SE16 can easily view this data, and
as
> SE16 is standard SAP we cannot put our own code in there to log what
they
> are doing.
> The reason I asked about workflow, was that I thought if there was a
way of
> triggering a workflow when certain tables were viewed, I could write
this
> information to a log table.
>
> Another option is to upload an audit log file of the SQL trace, but
this
> isn't user friendly. The people using this report are special SAP
users
> within the firm and not technical.
>
> Regards
> David
>
>
> -----Original Message-----
>> From: Michael Pokraka [mailto:workflow at quirky.me.uk]=20
> Sent: 25 February 2004 11:58
> To: SAP-WUG at MITVMA.MIT.EDU=20
> Subject: Re: Triggering Workflows from SE16
>
>
> You mean someone wants to be alerted when people start poking around
in
> things
> they shouldn't?
> If so, I would in any case only consider this to be a half measure as
there
> are many ways to look at a table without SE16....
> Explain your requirement and we may be able to help. Perhaps table
logging
> is
> an alternative.
>
> Cheers
> Mike
>
> Bibby, David wrote:
>> Hi All,
>> Has anyone ever triggered a workflow from a user accessing SE16
e.g.
> triggering a workflow when accessing a particular table in SE16 ? Is
this
> possible ?
>> Many Thanks
>> David
>>
>>
>>
>> ________________________________________________
>> This message is confidential. It may also be privileged or
>> otherwise protected by work product immunity or other legal
>> rules. If you have received it by mistake please let us know
>> by reply and then delete it from your system; you should not
>> copy the message or disclose its contents to anyone. All
>> messages sent to and from Linklaters may be monitored to
>> ensure compliance with internal policies and to protect  our
>> business.
>>
>> Please refer to http://www.linklaters.com/regulation for
>> important information on the regulatory position of the firm.
>>
>>
>
>

More information about the SAP-WUG mailing list