You want to introduce secure SAP UI5 Apps with Neptune in your company? But you or your colleagues have reservations about security?

How can we control access and be sure that only priviliged users can open and use the applications?

The Neptune Application Designer Version 3.0 contains tools for creating secure SAP UI5 applications!

Neptune offers a role based authorization concept. Using Neptune Application Management (NAM) you can create policies. They control the access to the apps. You can bind your existing SAP roles to these policies.

Depending on the policy the user can only see elements that where assigned to their SAP role.

NAD Policy – Role assignment

You can create as many policies as you wish and assign them to elements like

• Apps,
• Menus &
• Bundle-Apps

This way you can implement an authority check. (More information about the elements released in Neption 3.0 can be found here)

Note, that by using policies you can only restrict the user from seeing the apps on the launchpad. This offers only a weak protection because the apps can be called by a specific url outside of the bundle app.

In this case you have to implement a check using the Neptune Standard SAP Authorization. The app itself will check which user has called it and which SAP roles he has in the backend. If he has the needed roles, he can access the app. The deciding value here is the S_ICF object and the ICF_VALUE.

The ICF_VALUE that you have defined must be entered in the settings of your app in the Neptune Application Designer into the fieldSAP Authorization.

SAP AUTH using ICF_VALUE in NAD

Now your app is protected against unauthorised calls from the outside. (See: Neptune Support – Authorization)

If you have any problems concerning the security of your app, feel free to contact me using the comment section or email.