Additional Blogs by SAP
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Assign HANA privileges to User Role

former_member195421
Participant
‎09-30-2014 10:07 AM


Hi ,


Here in this blog I am trying to explain HANA Authorization concepts with an example that might be helpful to those who started learning HANA as like me .

If you alike to learn more on the topic please refer HANA security guide or Developer guide .


When a user accesses the SAP HANA database using a client interface (for example, ODBC, JDBC, or HTTP), his or her ability to perform database operations on database objects is determined by the privileges that he or she has been granted.All the privileges granted directly or indirectly (through roles) to a user are combined. This means that whenever a user tries to access an object, the system performs an authorization check on the user, the user's roles, and directly granted privileges.



Several Privilege types are used in SAP HANA


1. System Privilege

System privileges control general system activities, are mainly used to authorize users to perform administrative actions,

Including:

  • Creating schemas
  • Managing users
  • Performing data backups

2. Object Privilege

Object privileges are used to allow access to and modification of database objects, such as tables and views.

3. Package Privilege

Authorizations assigned to a repository package are implicitly assigned to the design-time objects in the package as well as to all sub-packages. Users are only allowed to maintain objects in a repository package if they have the necessary privileges for the package in which they want to perform an operation.


4. Analytic Privilege

Analytic privileges are used to grant different users access to different portions of data in the same view depending on their business role.

5. Application Privilege

In SAP HANA Extended Application Services (SAP HANA XS), application privileges define the authorization level required for access to an SAP HANA XS application.



1.    Right click on the Users menu and select “New User”




2. Name the User “USER1”  & Maintain password



3.  Execute

4.  Login to the HANA System using the new user


5. Try to execute a SELECT on table in a Catalog

6.Create Role with appropriate privilege to execute the SELECT and Assign to USER1


7. Enter the container (Your Project folder) and Role name


8. Enter the package name and object privilege as shown below



9. Activate





10 . Check the created role in the system view





11. Grant the role created to the user USER1








12 . Execute the SELECT operation






13. Check if user has access to “CONTENT” Folder





14. Assign the appropriate privilege to the Role already created and Activate






15.  Check to open the content folder




16. Add Package privilege to the role created




17.  Check the Content folder






18. Try to Create a Schema





19. Provide System privilege “CREATE SCHEMA” to the role



20. Execute SQL console for Creating the schema






21. Try to access an application on top of XS







22. Provide application privilege to the role

24. Login to the application after obtaining the application privilege

2 Comments
Popular Blog Posts