SECURITY_APPLY_ERROR
Hi,experts: I want to encrypt message while transporting B2B data,but the following error message displayed in SXI_MONITOR: <?xml version="1.0" encoding="UTF-8" standalone="yes" ?> - <!--...
View ArticleA_S_ANLGR Missing authorization for company code
Dear All, I am facing issue with authorization object A_S_ANLGR with filed BUKRS in a role for the tcode- AS81.When i give company code or all company codes in the field BUKRS system not allowing me to...
View ArticleBI Security at RSA1 tcode level
Dear All, Would like provide security for BI system at ABAP stack level i mean at modelling level RSA1 tcode.For example restricting from RSA1 tcode like info-object creation, info-object catalog...
View ArticleClik here to view.
Authorization group in OB52
Hi Experts! I am trying to configure extra authorization for a group of users in OB52; this field: But I am really lost about authorizations. Do you have any tutorial so I can follow it and achieve...
View ArticleClik here to view.
UME Security - Java Scheduler 'Action' authorization
Hello Security gurus! Our PI team would like to have access to the NWA Java Scheduler. They currently have the NWA_READONLY role, the only role that we found that provide access to the scheduler is...
View ArticleClik here to view.
BW Analysis Authorization Issue
here is a scenarioInfo provider: ZHRPYO01 (standard DSO) within this DSO there is a characteristic which is set as authorization relevant – 0EMPLSGROUPRoles assigned: ZS:BW-DAT-SAL-PAYROLL-1Query...
View ArticleRecord Management
Hi, I am trying to restrict subcomponents in Record Management. I can achieve this with the S_SRMSY_CL authorisation object, where I restrict the Element Type ID to only those that the users should...
View Articlenew tab in su01 (SNC)
Hi Everyone, I am very new to SAP Security , can any body brief me what is SNC in su01 ? In Practical how it works ?
View ArticleZero-Day exploit at Java lib Common Collections
Hi Gurus, I found the a post stating there is a Zero-Day exploit in the common collections function InvokerTransformer. Found by Gabriel Lawrence and Chris Frohoff shown in their presentation....
View ArticleProblem with SSL Cipher TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Dear experts, our logistic partner recently switched his ssl cipher from TLS_RSA_WITH_AES128_CBC_SHA to TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256. I downloaded the according ssl certificate, but our RFC...
View ArticleUser Composite Role History
Hi Experts, Do you know if it is possible to track the history of composite roles that have been assigned to a user. For single roles there is a table ush04 which shows a history of assigned roles but...
View ArticleMoving Transport request from Dev to Prod
Hello, I think this is the place to put questions on SAP Basis. I need to moved Transport from dev to prod system in ECC. But I do not have auth of STMS in prod to import TR in prod. 1) one way is to...
View ArticleSAP PI Role Upgrade
We are in process of migrating SAP PI(Dual Stack) to SAP PO (Java Stack), We have observed some discrepancy in current world roles and new world roles.And we would like to Keep existing...
View ArticleFind out roles needed
Hi,I am debugging a program and do not have change access in debugging and also for few programs the authority-check is failing.The basis team has asked for a list of roles for which i need access. Can...
View ArticleAcknowledgments to Security Researchers - Previous Months (2014 on wards)
The SAP Product Security Response Team thanks all researchers and security IT professionals that helped with discovering and solving security vulnerabilities. Their findings have helped SAP to maintain...
View ArticleCan we find the auth method used after a user has authenticated ?
When a user is authenticated to an SAP ABAP system, they can use a userid and password, SNC or an SSO2 ticket. Is there a report, or some other way to get a list of user authentications over a period...
View ArticleAcknowledgments to Security Researchers
The SAP Product Security Response Team thanks all researchers and security IT professionals that help with discovering and solving security vulnerabilities. Their findings continuously help SAP...
View ArticleSAP Security Notes December 2015 - Review
SAP has released the monthly critical patch update for December 2015. This patch update closes 26 vulnerabilities in SAP products (19 Patch Day Security Notes and 7 Support Package Security notes), 16...
View ArticleConnection between role, T-code and activity
Hi all, I'm looking for am amswer how to find the connection between role, T-0code and activity, meaning that for exa. if in one role under S_Tcode there are few T-codes, and in all other objects in...
View ArticleClik here to view.
Cloud Identity Service - Customization
I understand Cloud Identity Service offers some possibilities for customization eg. colour theme and email template.I would like to know if it is possible to customize the text shown on the webpage...
View Article