SAP User Experience, Design, and Web Technologies

SAP Portal 7.3 Updates: Role Granularity

SAP has introduced a bunch of new functionalities in latest ramp-up release of 7.3 version. There are a lot of existing functionalities which are no more available. See the list of those removed functionalities before you start exploring SAP Netweaver Portal 7.3

Role granularity is a great concept, at least on paper. However, if we take a closer look into this concept of granularity, I must say, it was available earlier too but it was not mentioned clearly or given a specific name.

Let me explain first of all what role granularity is all about?

In Portal 7.3, there are two UME actions defined one is Read Only Action and the other one is Super Admin Action. You can control access to any std. portal application or service by assigning any of these actions. Say if you want only administrators to access and execute certain application, you can define an application specific role and assign Super Admin Action to it, there by making that application out of reach of normal users.

I can see one great extension of this concept in restricting access to internet users and giving access to intranet users. Though I have not tried and tested this functionality yet, but this should work if I granularity works the way it is defined.

How Security Zone’s different from Role Granularity?

Security Zones are the level of security assigned to the application. There are three zones defined and you can choose which one of them your application to reside in. However, there’s no role level security zones defined. These are application level specific. For e.g. if you want only administrators should be able to change or modify the application, then you can define high security zone in sharing reference property of your portal component.

Role granularity on the other hand, is a macro level security, But one major advantage of it is you can control micro level or granular security with newly added UME actions.

Leave a Reply

Your email address will not be published. Required fields are marked *