Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

authorization question

Go to solution
Former Member

‎10-30-2008 3:59 PM

0 Kudos

Hi,

Assume i build authoriztion object in su21 and and i give permition for display, generate, change ...

how i belong it for users ,

i assuming that i link it to the Rols but how ?

some rols i give permition (with the object i build) display and others rols to change ?

like that it works?

Regards

1 ACCEPTED SOLUTION

Go to solution
former_member1061482
Participant

‎10-30-2008 5:34 PM

0 Kudos 
Assume i build authoriztion object in su21 and and i give permition for display, generate, change ...

How/why do you give permission? You do it for "some" action through "some" Z T-code(customized T-code).

The custom auth object (that you created using SU21) is used within the program of the Z T-code under "Authority Checks"

some rols i give permition (with the object i build) display and others rols to change ?

As per the requirement, as to whether you want the user to display, change etc through the custom T-code which you have created.

Search more about Authority Checks in this forum/help.sap.com .

8 REPLIES 8

Go to solution
ThomasZloch
Active Contributor

‎10-30-2008 4:09 PM

0 Kudos

I'm sure they will be happy to answer your question in

Thomas

Go to solution
Former Member

‎10-30-2008 4:15 PM

0 Kudos

Hi Ricardo,

Post the same question in SAP Netweaver platform you will get quick response.

and one suggestion please when you post any thread make sure in which forums your are posting. Hope you follow the advice.

Cheers!!

VEnk@

Edited by: Venkat Reddy on Oct 30, 2008 9:45 PM

Go to solution
Former Member

‎10-30-2008 4:31 PM

0 Kudos

Couldn't you put in a little bit of effort before asking these questions? I have been deleting many of your threads because they are classed as Interview Questions => see [the rules|https://www.sdn.sap.com/irj/sdn/wiki?path=/display/home/rulesofEngagement].

I will move this one to the security forum for you, but I must warn you that you will either be shown SAPHelp links (which you could very easily have found yourself) or you will be told to stop being lazy.

Please think twice before opening a question =>

1) Has someone asked it before?

2) Can I find it on my own?

However that you are making authority-checks at all in your program is a step in the right direction.

Please respect the forum rules!

Julius

Go to solution
former_member1061482
Participant

‎10-30-2008 5:34 PM

0 Kudos 
Assume i build authoriztion object in su21 and and i give permition for display, generate, change ...

How/why do you give permission? You do it for "some" action through "some" Z T-code(customized T-code).

The custom auth object (that you created using SU21) is used within the program of the Z T-code under "Authority Checks"

some rols i give permition (with the object i build) display and others rols to change ?

As per the requirement, as to whether you want the user to display, change etc through the custom T-code which you have created.

Search more about Authority Checks in this forum/help.sap.com .

Go to solution
Former Member
In response to former_member1061482

‎10-30-2008 9:46 PM

0 Kudos

HI friends,

i have FM (WebService) and i want to give it authorization,

for some user to display and other to change ?

what is the step that i have to do .

i now that i have to build authority object in su21 ,and use authority check commend in the fm ,but how i link it to different type of users ?

Regards

Go to solution
former_member1061482
Participant
In response to former_member1061482

‎10-31-2008 8:07 AM

0 Kudos

You want to give different set of accesses to different set of users..for some display access, for some change access.. etc

For that you need to create different roles.. one role to give change access. The auth object within this role will give access to change (actvt 02) --> assign it to the respective users who need change access

Another role to give display access. The auth object within this role will give access to display (actvt 03)--> Assign this role to those users which need display access.

Go to solution
Former Member
In response to former_member1061482

‎10-31-2008 8:44 AM

0 Kudos

HI Hemant,

Thanks,

If i understand what u write ,

i have to build authorization object with Actv Change display ...

and i have to create rols?i not assign this new object to exist rols?

REgards

Go to solution
Former Member
In response to former_member1061482

‎10-31-2008 9:34 AM

0 Kudos

So is your question how to build a role, or how to build your FM? (both would also make a lot of sense...)

For the role part, see the application help documentation on transaction PFCG for a start.

For the FM part, take a look at how SAP built FM VIEW_MAINTENANCE_CALL for some ideas (exposing the "action" parameter, but checking it on the inside).

Please try to provide sufficient information when asking a question, so that people can sensibly answer it if they try to help you.

Good luck,

Julius