SWIA - Transaction

Mike Pokraka asap at workflowconnections.com
Fri Dec 15 04:22:11 EST 2006 

Good point! Much easier...


On Fri, December 15, 2006 08:54, Kjetil Kilhavn wrote:
> I think you will also be able to find out what the problem is if you use
> ST01 to trace authorization checks. Then you shouldn't have to change
> the user's authorizations first.
> --
> Kjetil Kilhavn, Statoil OFT GBS BAS DEV SAP
>
>
>
>> -----Original Message-----
>> From: sap-wug-bounces at mit.edu
>> [mailto:sap-wug-bounces at mit.edu] On Behalf Of Mike Pokraka
>> Sent: Thursday, December 14, 2006 4:22 PM
>> To: SAP Workflow Users' Group
>> Subject: RE: SWIA - Transaction
>>
>> No, I meant SWIA should be temporary. You can then do another
>> auth check the usual way - SU53.
>> If e.g. the system fails on one check and then checks to see
>> if the user has admin rights (SWIA) and fails again, SU53
>> will show SWIA as being the missing auth. In reality it's the
>> first check you're after. So temporarily assign SWIA, perform
>> the same action and do another SU53. Users should definitely
>> NOT have SWIA onm a permanent basis.
>>
>>
>> On Thu, December 14, 2006 14:46, Swathi_Devireddy wrote:
>> > Hi Mike,
>> >
>> > If my User needs to execute a workitem in SWIA there is a chance he
>> > can
>> execute someone elses workitem.Is there a way to restrict it .
>> > Where do I do the authorization check
>> >
>> > Cheers,
>> > Swathi
>> >
>> > -----Original Message-----
>> > From: sap-wug-bounces at mit.edu [mailto:sap-wug-bounces at mit.edu] On
>> > Behalf
>> Of Mike Pokraka
>> > Sent: Thursday, December 14, 2006 7:52 PM
>> > To: SAP Workflow Users' Group
>> > Subject: Re: SWIA - Transaction
>> >
>> > Hello Swathi,
>> > Authorisation checks can lie. The system may try SWIA after
>> something
>> > else has failed, but it will only show the last failed check.
>> > Give the user SWIA and then do another auth check. you should find a
>> different object or transaction is needed, after which you
>> can then take SWIA away again.
>> > Cheers,
>> > Mike
>> >
>> >
>> > On Thu, December 14, 2006 12:43, Swathi_Devireddy wrote:
>> >> Hi,
>> >>
>> >>
>> >>
>> >> SWIA administrator
>> >>
>> >> Transaction SWIA is a powerful transaction which should not be
>> > allocated
>> >> to an ordinary user. However, the s_tcode = SWIA is checked when an
>> approver retrieve a work item from Business Workplace for
>> > approval.User
>> >> then needs the right as Workflow Administrator to administer work
>> > items
>> >> which is undesirable. Any security mesaure can be applied?
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> Regards,
>> >>
>> >> Swathi Devireddy
>> >>
>> >>
>> >>
>> >> DISCLAIMER:
>> >> This email (including any attachments) is intended for the
>> sole use
>> >> of
>> > the
>> >> intended recipient/s and may contain material that is CONFIDENTIAL
>> >> AND
>> PRIVATE COMPANY INFORMATION. Any review or reliance by others or
>> > copying
>> >> or distribution or forwarding of any or all of the contents in this
>> message is STRICTLY PROHIBITED. If you are not the intended
>> recipient, please contact the sender by email and delete all
>> copies; your
>> > cooperation
>> >> in this regard is appreciated.
>> >> _______________________________________________
>> >> SAP-WUG mailing list
>> >> SAP-WUG at mit.edu
>> >> http://mailman.mit.edu/mailman/listinfo/sap-wug
>> >>
>> >
>> >
>> > _______________________________________________
>> > SAP-WUG mailing list
>> > SAP-WUG at mit.edu
>> > http://mailman.mit.edu/mailman/listinfo/sap-wug
>> >
>> >
>> >
>> > DISCLAIMER:
>> > This email (including any attachments) is intended for the
>> sole use of
>> the intended recipient/s and may contain material that is
>> CONFIDENTIAL AND PRIVATE COMPANY INFORMATION. Any review or
>> reliance by others or copying or distribution or forwarding
>> of any or all of the contents in this message is STRICTLY
>> PROHIBITED. If you are not the intended recipient, please
>> contact the sender by email and delete all copies; your
>> cooperation in this regard is appreciated.
>> >
>> > _______________________________________________
>> > SAP-WUG mailing list
>> > SAP-WUG at mit.edu
>> > http://mailman.mit.edu/mailman/listinfo/sap-wug
>> >
>>
>>
>>
>>
>> _______________________________________________
>> SAP-WUG mailing list
>> SAP-WUG at mit.edu
>> http://mailman.mit.edu/mailman/listinfo/sap-wug
>>
>
>
> -------------------------------------------------------------------
> The information contained in this message may be CONFIDENTIAL and is
> intended for the addressee only. Any unauthorised use, dissemination of
> the
> information or copying of this message is prohibited. If you are not the
> addressee, please notify the sender immediately by return e-mail and
> delete
> this message.
> Thank you.
>
> _______________________________________________
> SAP-WUG mailing list
> SAP-WUG at mit.edu
> http://mailman.mit.edu/mailman/listinfo/sap-wug
>

More information about the SAP-WUG mailing list