SWIA - Transaction

Kjetil Kilhavn KJETILK at statoil.com
Fri Dec 15 03:54:18 EST 2006 

I think you will also be able to find out what the problem is if you use
ST01 to trace authorization checks. Then you shouldn't have to change
the user's authorizations first.
-- 
Kjetil Kilhavn, Statoil OFT GBS BAS DEV SAP

 

> -----Original Message-----
> From: sap-wug-bounces at mit.edu 
> [mailto:sap-wug-bounces at mit.edu] On Behalf Of Mike Pokraka
> Sent: Thursday, December 14, 2006 4:22 PM
> To: SAP Workflow Users' Group
> Subject: RE: SWIA - Transaction
> 
> No, I meant SWIA should be temporary. You can then do another 
> auth check the usual way - SU53.
> If e.g. the system fails on one check and then checks to see 
> if the user has admin rights (SWIA) and fails again, SU53 
> will show SWIA as being the missing auth. In reality it's the 
> first check you're after. So temporarily assign SWIA, perform 
> the same action and do another SU53. Users should definitely 
> NOT have SWIA onm a permanent basis.
> 
> 
> On Thu, December 14, 2006 14:46, Swathi_Devireddy wrote:
> > Hi Mike,
> >
> > If my User needs to execute a workitem in SWIA there is a chance he 
> > can
> execute someone elses workitem.Is there a way to restrict it .
> > Where do I do the authorization check
> >
> > Cheers,
> > Swathi
> >
> > -----Original Message-----
> > From: sap-wug-bounces at mit.edu [mailto:sap-wug-bounces at mit.edu] On 
> > Behalf
> Of Mike Pokraka
> > Sent: Thursday, December 14, 2006 7:52 PM
> > To: SAP Workflow Users' Group
> > Subject: Re: SWIA - Transaction
> >
> > Hello Swathi,
> > Authorisation checks can lie. The system may try SWIA after 
> something 
> > else has failed, but it will only show the last failed check.
> > Give the user SWIA and then do another auth check. you should find a
> different object or transaction is needed, after which you 
> can then take SWIA away again.
> > Cheers,
> > Mike
> >
> >
> > On Thu, December 14, 2006 12:43, Swathi_Devireddy wrote:
> >> Hi,
> >>
> >>
> >>
> >> SWIA administrator
> >>
> >> Transaction SWIA is a powerful transaction which should not be
> > allocated
> >> to an ordinary user. However, the s_tcode = SWIA is checked when an
> approver retrieve a work item from Business Workplace for
> > approval.User
> >> then needs the right as Workflow Administrator to administer work
> > items
> >> which is undesirable. Any security mesaure can be applied?
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> Regards,
> >>
> >> Swathi Devireddy
> >>
> >>
> >>
> >> DISCLAIMER:
> >> This email (including any attachments) is intended for the 
> sole use 
> >> of
> > the
> >> intended recipient/s and may contain material that is CONFIDENTIAL 
> >> AND
> PRIVATE COMPANY INFORMATION. Any review or reliance by others or
> > copying
> >> or distribution or forwarding of any or all of the contents in this
> message is STRICTLY PROHIBITED. If you are not the intended 
> recipient, please contact the sender by email and delete all 
> copies; your
> > cooperation
> >> in this regard is appreciated.
> >> _______________________________________________
> >> SAP-WUG mailing list
> >> SAP-WUG at mit.edu
> >> http://mailman.mit.edu/mailman/listinfo/sap-wug
> >>
> >
> >
> > _______________________________________________
> > SAP-WUG mailing list
> > SAP-WUG at mit.edu
> > http://mailman.mit.edu/mailman/listinfo/sap-wug
> >
> >
> >
> > DISCLAIMER:
> > This email (including any attachments) is intended for the 
> sole use of
> the intended recipient/s and may contain material that is 
> CONFIDENTIAL AND PRIVATE COMPANY INFORMATION. Any review or 
> reliance by others or copying or distribution or forwarding 
> of any or all of the contents in this message is STRICTLY 
> PROHIBITED. If you are not the intended recipient, please 
> contact the sender by email and delete all copies; your 
> cooperation in this regard is appreciated.
> >
> > _______________________________________________
> > SAP-WUG mailing list
> > SAP-WUG at mit.edu
> > http://mailman.mit.edu/mailman/listinfo/sap-wug
> >
> 
> 
> 
> 
> _______________________________________________
> SAP-WUG mailing list
> SAP-WUG at mit.edu
> http://mailman.mit.edu/mailman/listinfo/sap-wug
> 


-------------------------------------------------------------------
The information contained in this message may be CONFIDENTIAL and is
intended for the addressee only. Any unauthorised use, dissemination of the
information or copying of this message is prohibited. If you are not the
addressee, please notify the sender immediately by return e-mail and delete
this message.
Thank you.

More information about the SAP-WUG mailing list