Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization checks vs ST01 data

Go to solution
Former Member

‎10-28-2008 1:50 PM

0 Kudos

Experts. My 1st post.

I Just tried to find on the forum about my issue and could not find anything.

Question: How could ST01 shows that the user passed on the authorization check if he have authorization to a fixed value different?

The user have VKORG assigned as MX* on 2 different roles. Using SE16 and AGR_1252 on both roles i have the value MX*.

Opened the ST01 and set for the user received the message below. See that the first line have VKORG= ;

20:18:34:342 AUT. - - - V_VBRK_VKO RC=0 VKORG= ;ACTVT=19;

20:18:34:434 AUT. - - - V_VBRK_VKO RC=0 VKORG=MX02;ACTVT=01;

20:18:34:434 AUT. - - - V_VBRK_FKA RC=0 FKART=F2;ACTVT=01;

20:18:35: 4 AUT. - - - P_ORGIN RC=0 INFTY=0001;SUBTY=' ';AUTHC=R;PERSA=;PERSG=;PERSK=;VDSK1=;

20:18:35: 7 AUT. - - - P_ORGIN RC=0 INFTY=0002;SUBTY=' ';AUTHC=R;PERSA=;PERSG=;PERSK=;VDSK1=;

20:18:35:11 AUT. - - - P_ORGIN RC=0 INFTY=0900;SUBTY=' ';AUTHC=R;PERSA=;PERSG=;PERSK=;VDSK1=;

20:18:36:133 AUT. - - - V_VBRK_VKO RC=0 VKORG=MX02;ACTVT=01;

20:18:36:133 AUT. - - - V_VBRK_FKA RC=0 FKART=ZLAT;ACTVT=01;

20:18:37:888 AUT. - - - S_CTS_ADMI RC=0 CTS_ADMFCT=TABL;

The problem is that the user while execution a procedure to create a few invoices have them with ZERO "0" Value on them.

On most cases there is no problem with it, this happens sometimes.

Sorry if I Could not express right and will put more information if needed.

Regards.

Vladimir

1 ACCEPTED SOLUTION

Go to solution
Bernhard_SAP
Advisor
Advisor

‎10-28-2008 2:47 PM

0 Kudos

Hello Vladimir,

the value MX* covers also MX02. so the user is authorizted for MX02....

In the moment I cannot see an issue with the result of ST01, which you have copied here into yur post. Looks correct for me....

b.rgds, Bernhard

4 REPLIES 4

Go to solution
jurjen_heeck
Active Contributor

‎10-28-2008 2:07 PM

0 Kudos

> 20:18:34:342 AUT. - - - V_VBRK_VKO RC=0 VKORG= ;ACTVT=19;

I think (not completely sure here) the authorization check above just checks the activity and does not bother about the value of the VKORG field.

Another possibility is that some authority-checks have been switched off for this transaction. Have a look in transaction SU24. If an authority-check is disabled it will always show up in the trace with RC=0, regardless of the users' actual authorizations.

Jurjen

Go to solution
Bernhard_SAP
Advisor
Advisor
In response to jurjen_heeck

‎10-28-2008 2:48 PM

0 Kudos

> 

> > 20:18:34:342   AUT.	  - - -	V_VBRK_VKO RC=0	VKORG= ;ACTVT=19;
> 
> I think (not completely sure here) the authorization check above just checks the activity and does not bother about the value of the VKORG field. 
>

Hi Jurjen,

you are right. This is a typcal case for the check for value 'dummy'.

b.rgds, Bernhard

Go to solution
Bernhard_SAP
Advisor
Advisor

‎10-28-2008 2:47 PM

0 Kudos

Hello Vladimir,

the value MX* covers also MX02. so the user is authorizted for MX02....

In the moment I cannot see an issue with the result of ST01, which you have copied here into yur post. Looks correct for me....

b.rgds, Bernhard

Go to solution
Former Member

‎10-28-2008 2:50 PM

0 Kudos

If the issue is that you want to prevent users from posting a zero value invoice, then you will need to look in the IMG customizing for an option (and in the ERP Finance forums).

I am not aware that you can control this using authorizations. At least, not without adding your own code somwhere.

Cheers,

Julius