10-04-2010 3:43 AM
I am keen to hear from forum members on the best approach for adding SU24 proposals / defaults to custom and/or SAP standard ABAP webdynpros ? I have seen 3 options used:
1. manually inserted auth objects i.e. don't rely on SU24
2. use dummy Z t-codes to propose auth objects via SU24
3. generate a hash table entry for the webdynpro (function module AUTH_TRACE_WRITE_USOBHASH) so that it can then be found as a TADIR service in SU24 and auth objects added
Does anyone know the SAP recommendation for this ?
10-04-2010 11:29 PM
Hi,
there is 4th option. Activate temporally parameter auth/authorization_trace and run all you web dynpro applications. This will create a record for each authorization check performed in you application in transaction SU22. Then maintain default values and move them to SU24. It's better than using AUTH_TRACE_WRITE_USOBHASH because you don't need to enter manually all related authorization objects.
Option 1 - really bad option
Option 2 - this was my first workaround until I found FM AUTH_TRACE_WRITE_USOBHASH
Option 2 - this was my second workaround until I learned about auth/authorization_trace. BTW my assumption is that kernel directly calls FM AUTH_TRACE_WRITE_USOBHASH which is reason why I couldn't find any usage of this FM.
Cheers
10-06-2010 12:16 PM
Hi Martin, thankyou for the 4th option. With increasing use of WDA I wonder whether SAP have a plan to make the integration into role builds simpler going forward - it has proved very hard to get an answer on this. Meantime its option 3 & 4 for me.
Cheers