Security settings are used to provide additional rules and roles on top of the standard SAP- provided rules and roles.
Security Settings - System Security
Use this tab to configure system security settings that are mobile application-independent. System security settings apply to all applications running on the framework.
Security Check Rule List
• Add Rule button: Press the Add Rule button to add a new system security rule. Fill in the
fields in the Rule Detail section to automatically fill in the fields in this table.
• Delete Rule button: Press the Delete Rule button to delete an system security rule. To
delete a system security rule, press the rectangle to the left of the Rule Type column in the row you wish to delete and press the Delete Rule button.
• Rule Type: Rule Type from the Rule Detail section. This is a non-editable field.
• Object Name: Taken from the Profile field in the Rule Detail section if rule type
• Authorization Field Name: Standard SAP authorization object name. This is a non-
editable field.
• Authorization Field Value: Free-text field. Text entered depends on developer
implementation in SAP. This is a non-editable field.
• System Admin Indicator: When Rule Type: User Role is selected, taken from the System
Admin Indicator field in the Rule Detail section. This is a non-editable field.
Rule Detail - Rule Type: User Role
• Rule Type: User Role: In addition to the standard SAP user profile rules, the user role can
add restrictions on what a user can or cannot see in menus or other mobile application screens.
• Role: User role in SAP. To search for a user role, click on the white box icon to the right of
the Role field to display the Role Selection search window. • Name: Brief description of the role. This is a non-editable field.
• System Admin Indicator: Drop-down menu with four choices:
• System administrator: User role can view system activity and make changes to
system administration setup in the Administration portal.
• System administration - View only: User role can view the system activity in the
Administration portal, but cannot make changes to the setup.
• System configurator: User role can view system configuration and make changes to
the setup in the Configuration portal.
• System configuration - View only: User role can view the system configuration in the
Configuration portal, but cannot make changes to the setup.
Once the System Admin Indicator roles have been configured, the configurations and roles are available in both the Configuration and the Administration & Monitoring portals.
Rule Detail - Rule Type: Authorization Profile
• Rule Type: Authorization Profile: A collection of objects, or roles, such as Technician or
Supervisor.
• Profile: Authorization profile in SAP. To search for an authorization profile, click on the
white box icon to the right of the Profile field. The Profile Selection window displays. • Text: Brief description of the authorization profile. This is a non-editable field.
Rule Detail - Rule Type: Authorization Object
• Rule Type: Authorization Object: Baseline object used across mobile applications
• Authorization Object: Authorization object in SAP.
• Authorization Field: Standard SAP authorization object name
• Authorization Field: Free-text field. Text entered depends on developer implementation
Security Settings - Product Security
Use this tab to configure security settings for a specific mobile application. Security Settings - Product Security
Security Check Rule List
• Add Rule button: Press the Add Rule button to add a new product security rule. Fill in the
• Delete Rule button: Press the Delete Rule button to delete an product security rule. To
delete a product security rule, press the rectangle to the left of the Rule Type column in the row you wish to delete and press the Delete Rule button.
• Product: Mobile application chosen in the Rule Detail section. This is a non-editable
field.
• Rule Type: Rule Type from the Rule Detail section. This is a non-editable field.
• Object Name: Taken from the Profile field in the Rule Detail section if rule type
Authorization Object is chosen. This is a non-editable field.
• Authorization Field: Taken from the Authorization Field selection if rule type
Authorization Object is chosen. Standard SAP authorization object name. This is a non- editable field.
• Authorization Field Value: Taken from the Field Value selection if rule type
Authorization Object is chosen.
Rule Detail - Security Rule Type: User Role
• Product: Select the mobile application that will contain the product security rule.
• Rule Type: User Role: In addition to the standard SAP user profile rules, the user role can
add restrictions on what a user can or cannot see in menus or other mobile application screens.
• Role: Select a user role contained within SAP.
• Name: After the user role is selected, this non-editable field is filled in with the descriptive
name of the user role.
Rule Detail - Security Rule Type: Authorization Profile
• Product: Select the mobile application that will contain the product security rule.
• Rule Type: Authorization Profile: A collection of objects, or roles, such as Technician or
Supervisor.
• Profile: Select an authorization profile contained within SAP.
• Text: After the authorization profile is selected, this non-editable field is filled in with the
descriptive name of the authorization profile.
Rule Detail - Security Rule Type: Authorization Object
• Product: Select the mobile application that will contain the product security rule.
• Rule Type: Authorization Object: Baseline object used across mobile applications.
• Authorization Object: Select an authorization object contained within SAP.
• Authorization Field: Select a field contained within SAP.
• Field Value: Free-text field for additional object configuration. Text entered depends on
Security Settings - Class Handler Security
Use this tab to configure class handler security settings that cross mobile applications, but are only applicable for the selected data object handler chosen in the Rule Detail pane.
Security Settings - Class Handler Security
Security Check Rule List
• Add Rule button: Press the [Add Rule] button to add a new class handler security rule.
Fill in the fields in the Rule Detail section to automatically fill in the fields in this table. • Delete Rule button: Press the [Delete Rule] button to delete an class handler security rule.
To delete a class handler security rule, press the rectangle to the left of the Rule Type column in the row you wish to delete and press the Delete Rule button.
• Class Handler: Taken from the Data Object Handler field in the Rule Detail section. This
is a non-editable field.
• Class Method: Taken from the Handler Method field in the Rule Detail section. This is a
non-editable field.
• Rule Type: Rule Type from the Rule Detail section. This is a non-editable field.
• Object Name: Taken from the Profile field in the Rule Detail section if rule type
Authorization Object is chosen. This is a non-editable field.
• Authorization Field: Taken from the Authorization Field selection if rule type
Authorization Object is chosen. Standard SAP authorization object name. This is a non- editable field.
• Authorization Field Value: Taken from the Field Value selection if rule type
Authorization Object is chosen.
Rule Detail - Security Rule Type: User Role
• Data Object Handler: Select the desired class handler from the drop-down list.
• Handler Method: Select the desired handler method from the drop-down list.
• Rule Type: User Role: In addition to the standard SAP user profile rules, the user role can
add restrictions on what a user can or cannot see in menus or other mobile application screens.
• Role: Select a user role contained within SAP.
• Name: After the user role is selected, this non-editable field is filled in with the descriptive
name of the user role.
Rule Detail - Security Rule Type: Authorization Profile
• Data Object Handler: Select the desired class handler from the drop-down list.
• Handler Method: Select the desired handler method from the drop-down list.
• Rule Type: Authorization Profile: A collection of objects, or roles, such as Technician or
Supervisor.
• Profile: Select an authorization profile contained within SAP.
• Text: After the authorization profile is selected, this non-editable field is filled in with the
descriptive name of the authorization profile.
Rule Detail - Security Rule Type: Authorization Object
• Data Object Handler: Select the desired class handler from the drop-down list.
• Handler Method: Select the desired handler method from the drop-down list.
• Rule Type: Authorization Object: Baseline object used across mobile applications
• Authorization Object: Select an authorization object contained within SAP.
• Authorization Field: Select a field contained within SAP.
• Field Value: Free-text field for additional object configuration. Text entered depends on