weird issue: auth check ignoring asterisk

A user in BW 3.5 is assigned one role that has a few auth objects including S_RS_COMP.   He is getting an auth failure that we can see in ST01 trace.  But the role gives all values seen in the ST01 error....the user master is compared, and the role is generated and green status.  This user should NOT get an auth failure, he definitely has all values seen in the failure.   Here is the weird thing, when I  edit the role to remove the asterisk in RSZCOMPTP and replace with explicit values (OWZ, REP), it works.   I can't explain it.   If I put it back to *, it fails.   Is this a bug?  Has anyone else seen something like this?


Helpful Answer