Application Security Query

This portal allows a security administrator to review application security configurations across users, user groups and the various types of application components they secure.

While application security is configured at the granular level of an application service and its access modes, it is more intuitive to review access rights to top level broader components:

  • Menu line. Several application services may be related to a single menu line and impact the ability to properly leverage various aspects of its functionality:

    • The application service of the transaction page or portal, which also controls the visibility of the menu line or its ‘search’ part when the line is composed of ‘add’ and ‘search’ items.

    • The application services associated with any zones on that portal.

    • The application service of the underlying maintenance object when applicable, which also controls the ‘add’ item of the menu line.

    • The application services of business objects for the underlying maintenance object.

    • The application services of portals used to maintain these business objects.

    • The application services of related portals.

    • The application services of related maintenance objects, their business objects and portals.

    • and more

    You may review the list of application services associated with a menu line on the Application Security tab on the Menu portal.

  • Sidebar Zone. This is a regular or context sensitive zone that the user has access to on the sidebar area.

  • System. This is a Toolbar or other system wide option a user is allowed to use.

  • Batch Control. This is a batch process a user is allowed to submit.

  • Report Definition. This is a report a user is allowed to submit.

  • Web Service. This is a web service a user is allowed to invoke.

  • Miscellaneous. This is a special service that a user is allowed to invoke.

  • Internal. This is an internal item that is secured by default but is assumed to be called in a context that does not require security check.

  • Unclassified. Some application services may not be related to any type of application component and as such remain unclassified. For example, there are situations where previously released services are enhanced to be associated with dedicated application service in a later release. In this situation the services may retain their original or even custom application service and the new application services may appear as not associated with any component.

Refer to Secured Objects and Application Services for details about the types of objects that may be secured.

Open this page using Admin > Security > Application Security Query.