Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RE: use of SAP_J2EE_ADMIN Role in ABAP while having no permission in UME

Go to solution
sreekanth_sunkara
Active Participant

‎05-07-2010 7:53 PM

0 Kudos

Hi,

i know that if we are using ABAP+JAVA stacks we need to have SAP_J2EE_ADMIN to do administration on J2EE side. i have a question on this.

1. Do we map SAP_J2EE_ADMIN role to a portal role or assigning a user in ABAP with role SAP_J2EE_ADMIN will automatically gives him the ability to create a user in UME or any admin functions in J2EE

2. what happens if user has SAP_J2EE_ADMIN role in ABAP system with out having access to Netweaver J2EE Engine, can he create users in JAVA side without actually logging in there.

i am little confused about this role.

Thanks,

SS

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎05-08-2010 1:09 PM

0 Kudos

>>Do we map SAP_J2EE_ADMIN role to a portal role or assigning a user in ABAP with role SAP_J2EE_ADMIN will automatically gives him the ability to create a user in UME or any admin functions in J2EE

No mapping required. Automatically it will give administration rights

>> what happens if user has SAP_J2EE_ADMIN role in ABAP system with out having access to Netweaver J2EE Engine, can he create users in JAVA side without actually logging in there.

if user has SAP_j2ee_admin in abap side, he can loging to Java URL. He can do all administration tasks, like user creation, role assignment etc in UME.

I hope it clears your doubt.

Best Regards

Imran

6 REPLIES 6

Go to solution
Former Member

‎05-08-2010 1:09 PM

0 Kudos

>>Do we map SAP_J2EE_ADMIN role to a portal role or assigning a user in ABAP with role SAP_J2EE_ADMIN will automatically gives him the ability to create a user in UME or any admin functions in J2EE

No mapping required. Automatically it will give administration rights

>> what happens if user has SAP_J2EE_ADMIN role in ABAP system with out having access to Netweaver J2EE Engine, can he create users in JAVA side without actually logging in there.

if user has SAP_j2ee_admin in abap side, he can loging to Java URL. He can do all administration tasks, like user creation, role assignment etc in UME.

I hope it clears your doubt.

Best Regards

Imran

Go to solution
sreekanth_sunkara
Active Participant
In response to Former Member

‎05-08-2010 4:03 PM

0 Kudos

Ok, thanks for your answer, but this role alone in ABAP side cannot give user more permissions on ABAP side correct?

Thanks,

SS

Go to solution
martin_voros
Active Contributor
In response to Former Member

‎05-08-2010 10:58 PM

0 Kudos

Hi,

by default these roles don't have any menu or any authorizations. That's how they are delivered by SAP. It's also mentioned in OSS note 631583

Cheers

Go to solution
sreekanth_sunkara
Active Participant
In response to Former Member

‎05-11-2010 5:33 PM

0 Kudos

Thanks to everyone who replied me.

Go to solution
Former Member
In response to Former Member

‎05-12-2010 5:55 AM

0 Kudos

One thing very basic you need to know.

If SAP J2EE engine using ABAP as UME datasource (the case of dual stack installation), ABAP roles are mapped to J2EE groups automatically, i.e. if you create a new role Zxxxx in ABAP (ume client), then you will get J2EE group automatically.

Within standard(fresh) installation, java security (administrator) roles are assigned to SAP_J2EE_ADMIN group, that's why when you get SAP_J2EE_ADMIN role assigned in ABAP ume client, can logon to the java stack with administation authorization.

Go to solution
sreekanth_sunkara
Active Participant
In response to Former Member

‎05-12-2010 2:49 PM

0 Kudos

Thank You Denny. Thanks for explaining it more clearly.

Thanks,

SS