Steps to Implement InfoObject Security or field-level security as it is called.
- Making the InfoObject authorization-relevant.
This is done in InfoObject defination in Bex tab. Your business needs will drive which InfoObjects should be relevant for security. Keep in mind this is made to make help to run Business better.
- Next step is to create a custom reporting authorization object.
There is no reporting authorization object provided for InfoObjects. Securing of infoobject is done by creating authorization object. This can be done using transaction RSSM. Only InfoObjects that have been marked Authorization Relevant can be put in a reporting authorization object.
- Adding your new authorization object to a role.
After linking your authorization object to the appropriate InfoCube, you have to manually insert your object into a role.
- Add a variable to the query.
The only way the query can restrict data dynamically is through a variable.
- Finally linking the reporting authorization object to an InfoProvider.
You will impact people currently executing queries for the InfoProvider that is now related to your reporting authorization object. This linkage forces your reporting authorization object to be checked when ANY query tied to the InfoProvider is executed.
Create a Reporting Authorization Object
- Go to SAP Business Information
Warehouse choose Business Explorer >> Authorizations>> Reporting Authorization Objects.
- Choose Authorization Object >> Create.
Enter a technical name and a description for the reporting authorization object. Save your entries. You can only assign those which are previously marked authorization relevant.
- Assign the InfoObject fields to the reporting authorization object:
- Save your entries
|
