SWIA - Transaction
Mike Pokraka
asap at workflowconnections.com
Thu Dec 14 10:21:55 EST 2006
No, I meant SWIA should be temporary. You can then do another auth check
the usual way - SU53.
If e.g. the system fails on one check and then checks to see if the user
has admin rights (SWIA) and fails again, SU53 will show SWIA as being the
missing auth. In reality it's the first check you're after. So temporarily
assign SWIA, perform the same action and do another SU53. Users should
definitely NOT have SWIA onm a permanent basis.
On Thu, December 14, 2006 14:46, Swathi_Devireddy wrote:
> Hi Mike,
>
> If my User needs to execute a workitem in SWIA there is a chance he can
execute someone elses workitem.Is there a way to restrict it .
> Where do I do the authorization check
>
> Cheers,
> Swathi
>
> -----Original Message-----
> From: sap-wug-bounces at mit.edu [mailto:sap-wug-bounces at mit.edu] On Behalf
Of Mike Pokraka
> Sent: Thursday, December 14, 2006 7:52 PM
> To: SAP Workflow Users' Group
> Subject: Re: SWIA - Transaction
>
> Hello Swathi,
> Authorisation checks can lie. The system may try SWIA after something else
> has failed, but it will only show the last failed check.
> Give the user SWIA and then do another auth check. you should find a
different object or transaction is needed, after which you can then take
SWIA away again.
> Cheers,
> Mike
>
>
> On Thu, December 14, 2006 12:43, Swathi_Devireddy wrote:
>> Hi,
>>
>>
>>
>> SWIA administrator
>>
>> Transaction SWIA is a powerful transaction which should not be
> allocated
>> to an ordinary user. However, the s_tcode = SWIA is checked when an
approver retrieve a work item from Business Workplace for
> approval.User
>> then needs the right as Workflow Administrator to administer work
> items
>> which is undesirable. Any security mesaure can be applied?
>>
>>
>>
>>
>>
>>
>>
>> Regards,
>>
>> Swathi Devireddy
>>
>>
>>
>> DISCLAIMER:
>> This email (including any attachments) is intended for the sole use of
> the
>> intended recipient/s and may contain material that is CONFIDENTIAL AND
PRIVATE COMPANY INFORMATION. Any review or reliance by others or
> copying
>> or distribution or forwarding of any or all of the contents in this
message is STRICTLY PROHIBITED. If you are not the intended recipient,
please contact the sender by email and delete all copies; your
> cooperation
>> in this regard is appreciated.
>> _______________________________________________
>> SAP-WUG mailing list
>> SAP-WUG at mit.edu
>> http://mailman.mit.edu/mailman/listinfo/sap-wug
>>
>
>
> _______________________________________________
> SAP-WUG mailing list
> SAP-WUG at mit.edu
> http://mailman.mit.edu/mailman/listinfo/sap-wug
>
>
>
> DISCLAIMER:
> This email (including any attachments) is intended for the sole use of
the intended recipient/s and may contain material that is CONFIDENTIAL
AND PRIVATE COMPANY INFORMATION. Any review or reliance by others or
copying or distribution or forwarding of any or all of the contents in
this message is STRICTLY PROHIBITED. If you are not the intended
recipient, please contact the sender by email and delete all copies;
your cooperation in this regard is appreciated.
>
> _______________________________________________
> SAP-WUG mailing list
> SAP-WUG at mit.edu
> http://mailman.mit.edu/mailman/listinfo/sap-wug
>
More information about the SAP-WUG
mailing list