Executing transactions through workflow log bypass SAP security?
skidmore.s@pg.com
skidmore.s at pg.com
Mon Jun 21 14:39:56 EDT 2004
Hello Fellow WF'ers,
We are on SAP 4.5B, and a user recently brought an issue to my attention
regarding security. In our production system this user currently does not have
access to a certain transaction (to post an invoice in my case). However, we
executing the same transaction through the WF log, she is able to execute it
(and post the invoice). I had a quick check and the method/task are setup as
dialog with that user as a recipient. I also checked the method, and it is
doing a straight call transaction.
I didn't think that executing items from the workflow log skipped any of the
base SAP security checks. My next steps are to run a trace with my security
contacts, but is there anything anyone can think that would be allowing this?
Thanks,
Sheldon Skidmore
More information about the SAP-WUG
mailing list