Professional Documents
Culture Documents
SAP Business Planning and Consolidation, version for SAP NetWeaver | 10.1
PUBLIC
Original content:
https://help.sap.com/docs/SAP_BUSINESS_PLANNING_AND_CONSOLIDATION,_VERSION_FOR_SAP_NETWEAVER/8314dccf627e488d9e029009a0d9e05d?
locale=en-US&state=PRODUCTION&version=10.1
Warning
This document has been generated from the SAP Help Portal and is an incomplete version of the official SAP product documentation. The information
included in custom documentation may not re ect the arrangement of topics in the SAP Help Portal, and may be missing important aspects and/or
correlations to other topics. For this reason, it is not for productive use.
This is custom documentation. For more information, please visit the SAP Help Portal 1
1/18/2023
Introduction
The application uses the same user management and authentication mechanisms provided with the SAP NetWeaver platform, in particular the SAP
NetWeaver Application Server ABAP. Therefore, the security recommendations and guidelines for user administration and authentication as described in the
SAP NetWeaver Application Server ABAP Security Guide also apply to this.
For more information, see the SAP NetWeaver Application Server ABAP Security Guide on SAP Help Portal at http://help.sap.com SAP NetWeaver .
In addition to these guidelines, there is information about user administration and authentication that speci cally applies to the application in the following
sections:
User Management
This lists the tools to use for user management and the types of users required.
This section also contains information about setting up users and teams in the following topics:
Setting Up Teams
User Management
Use
User management for the application uses the mechanisms provided with the SAP NetWeaver Application Server ABAP, for example, tools, user types, and
password policies.
This table shows the tools to use for user management and user administration in the application.
User and role maintenance with SAP NetWeaver AS For more information about user and role -
ABAP (Transactions SU01, PFCG) administration of AS ABAP, see SAP Help Portal at
http://help.sap.com SAP NetWeaver
User Types
The user types required for the application include the following:
Individual users
Standard Users
The application does not require the creation of additional dedicated users for any special purposes. Its use is possible via user accounts created for regular
users by assigning the necessary application-related authorizations to them.
This is custom documentation. For more information, please visit the SAP Help Portal 2
1/18/2023
The application does not deliver additional user data synchronization related features in addition to those available in the SAP NetWeaver platform. It also
does not impose any special needs or restrictions, which would limit the usage of related NetWeaver tools.
Recommendation
We recommend that the application is used in an environment where the same users exist throughout all the connected systems in the landscape.
SAML 2.0
Note
SAML support is only available on SAP NetWeaver ABAP or Java 7.02 or higher.
For more information about the supported mechanisms, see SAP Help Portal at http://help.sap.com SAP NetWeaver .
After session timeout, the web session correctly expires but the SSO ticket remains valid. If the user sends a new request after the session has expired, the
system authenticates the user through SSO and creates a new session. From the user perspective, it appears that the session has not expired.
In order to have correct session expiration, the administrator must limit the validity period of the SSO ticket (for example, to two minutes, which is the
validity period of reentrance tickets). You set this using the kernel parameter login/ticket_expiration_time in the SAP NetWeaver default.pfl
con guration le, for example, login/ticket_expiration_time=0:02.
For more information about how to set this parameter, see the SAP NetWeaver help at
http://help.sap.com/saphelp_nw74/helpdata/en/22/41c43ac23cef2fe10000000a114084/content.htm .
Use
You can add new users in an environment and assign them to teams, task pro les, and data access pro les.
If you are not using the default task or data access pro les and have not set them up yet, we recommend that you de ne them before adding users. You
might also want to create teams, so that you can assign the newly added users to the appropriate teams.
Alternatively, when you de ne the teams and pro les, you can assign users to them at that time.
Note
Sarbanes-Oxley compliance is a hardcoded behavior in Planning and Consolidation, as the system does not save users' passwords on client machines.
Features
Adding Users
Before you can add a new user, you must have created that user in the ABAP back-end. For more information, see the SAP NetWeaver Security Guide.
This is custom documentation. For more information, please visit the SAP Help Portal 3
1/18/2023
To add users, go to Administration and under the Security section, choose Users. In the Users view, select Add. In the Add User assistant, select the one or
more users to add in the environment and assign one or more teams to the users.
Modifying Users
To modify a user de nition, go to Administration and under the Security section, choose Users. In the Users view, highlight the user and select Edit. You can
then add or remove teams, task pro les and data access pro les for the user.
Removing Users
To remove an existing user, go to Administration and under the Security section, choose Users. In the Users view, highlight the user and select Remove, then
click OK.
Setting Up Teams
Use
You can set up and maintain teams of users. When you assign security to a team, the security works collectively on the team members. This allows you to set
up task and data access security for several users at the same time. Teams are not required to successfully process security.
Features
Adding Teams
To add teams, go to Administration and under the Security section, choose Teams. In the Teams view, select New. In the Add Team assistant, enter an ID and
a description for the team and assign one or more users to it.
Modifying Teams
To add teams, go to Administration and under the Security section, choose Teams. In the Teams view, highlight the team and select Edit. You can then add or
remove users, task pro les and data access pro les for the team.
Removing Teams
To add teams, go to Administration and under the Security section, choose Teams. In the Teams view, highlight the team and select Delete, then click OK.
Assigning one or more team leaders is useful when you want to give them special access rights to the team's folder. You can assign team leaders while you
are de ning or modifying a team. You can choose one or more team members to be a team leader.
This is custom documentation. For more information, please visit the SAP Help Portal 4