Solution : https://service.sap.com/sap/support/notes/860488 (SAP Service marketplace login required)
Summary :
In SAP systems, users face issues while executing queries due to lack of '*' authorization, particularly when using Excluding filters on authorization-relevant characteristics. The problem arises because the system's authorization check unnecessarily demands '*' authorization under these conditions, preventing users from accessing data. This issue occurs due to the way intersections involving Excluding selections are handled during authorization checks. To resolve this, an update suppresses the Excluding selection at intersections, allowing checks on union of including selections only. Implementing SAP Support Packages as outlined (SAPKW30B28, SAPKW31022, SAPKW35014) will address this. In urgent scenarios, direct application of correction instructions is recommended before the full Support Package release.
Key words :
note 836439 sapbwnews bw support package 14 netweaver'04 stack 14, 10 content import support package 22, 0b import support package 28, 50 import support package 14, 1 content support package 22, fixed global filter, 0b support package 28, dynamic filter simultaneously, sapbwnews bw 3, authorization-relevant characteristic
Related Notes :
| 993263 | Authorization problem with query with exclude selection |
| 945207 | X299 Brain in SAPLRRK0, FORM AUTHORITY_08-05- |
| 921820 | Information about authorization concept of BW 3.X systems |
| 844408 | No authorization after deactivating display hierarchy |
| 836439 | SAPBWNews BW Support Package 14 NW'04 Stack 14 RIN |
| 790323 | The log for reporting authorizations in BW |
| 783252 | SAPBWNews BW 3.1 Content Support Package 22 |
| 783170 | SAPBWNews BW 3.0B Support Package 28 |