Stabilize Security for BusinessObjects Reports When Queries Come from Multiple Systems

  • by Manoj Kunta, Certified SAP NetWeaver Security Architect
  • August 1, 2012
See how to simplify the security setup for SAP BusinessObjects reports when a user is reporting from SAP NetWeaver BW or from a non-SAP system. A common challenge a security administrator faces is to build security for reports for different types of users coming from multiple applications or systems and to keep that security setup in sync at all levels.
Key Concept

Security measures are required when users log in to SAP NetWeaver Portal to access SAP BusinessObjects reports. To successfully secure these reports, the security administrator has to build security around SAP NetWeaver Portal, BusinessObjects applications, BusinessObjects content such as groups and folders, and InfoProviders, BEx queries, and InfoObjects.

Various types of users access sensitive data by executing BEx queries, SAP BusinessObjects reports, or Portal iViews for SAP NetWeaver BW. The security administrator must build and sync the security setup for users in multiple applications, so that:

  • An end user in SAP NetWeaver BW remains an end user in BusinessObjects and SAP NetWeaver Portal
  • Users see the same data if a report is executed in SAP NetWeaver BW, BusinessObjects, or SAP NetWeaver Portal

I show a unique way of implementing security in an SAP NetWeaver BW system that is then inherited by BusinessObjects and SAP NetWeaver Portal. It ensures a common and synchronized security setup. This solution uses a concept called shell roles, which function as groups in SAP NetWeaver Portal and BusinessObjects. For more information on shell roles, see the sidebar, “Behavior of Shell Roles.”

My method secures report navigation and report data down to the InfoObject level. You can extend it to reporting on non-SAP data and data in other SAP systems, such as ERP Central Component, ERP Human Capital Management, Advanced Planning & Optimization, Customer Relationship Management, and Supplier Relationship Management.

Manoj Kunta

Manoj Kunta is a certified SAP NetWeaver security architect specializing in security implementations for SAP NetWeaver BI, BusinessObjects, SRM, CRM, and GRC 10. He does independent consulting as a subject matter expert in SAP security and SAP GRC audit compliance and is currently working as a security architect at Mylan Inc. He worked earlier with SAP America as a senior technology consultant, and was the author of SAP NetWeaver BI Security - Best Practices, a document given to clients who implemented SAP NetWeaver BW.

If you have comments about this article or would like to submit an article idea, please contact the BI editor.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.