Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Custom Transactions

Go to solution
Former Member

‎02-25-2009 11:02 PM

0 Kudos

What is the best practice for security around custom transactions? Should I ask the developers to include the authority-check as part of the code? Should I always add auth objects in SU24 for all custom transactions? What else should be done in terms of securing custom transactions?

Thanks,

Bliss

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎02-26-2009 2:57 AM

0 Kudos

Hi,

It is always recommended to included AUTHORITY CHECK in the program. Once the custom transaction code is created, you can include the object thru SU24.

However, if you are modifying an existing transaction (adding object in su24 for the existing tcode), ensure to retransport them to production and regenerate the roles. Else, the changes will not be imparted to the existing roles.

Hope this helps you.

Regards,

Raghu

1 REPLY 1

Go to solution
Former Member

‎02-26-2009 2:57 AM

0 Kudos

Hi,

It is always recommended to included AUTHORITY CHECK in the program. Once the custom transaction code is created, you can include the object thru SU24.

However, if you are modifying an existing transaction (adding object in su24 for the existing tcode), ensure to retransport them to production and regenerate the roles. Else, the changes will not be imparted to the existing roles.

Hope this helps you.

Regards,

Raghu