Authorizations for Sub-InfoAreas via S_RS_COMP
I though that giving access to a specific InfoArea via S_RS_COMP will also allow accessing all InfoProviders in all InfoAreas below the specified InfoArea node. However, that doesn't seem to work. I cannot access any Queries in any "Sub"-InfoAreas, only if I explicitly specify the InfoArea where the InfoProvider is located.
Is that true? There is no "inheritance" in S_RS_COMP and the InfoArea hierarchy displayed in RSA1 does not have any influence on authorizations? That would mean I have to specify the name of each specific InfoArea on the "lowest level" in S_RS_COMP - or did I miss something?
Thanks in advance!
Sander van Willigen replied
Your understanding is correct, I agree with both statements.
It's a strange situation you mentioned but I expect it can probably be explained. Please try t/code ST01, Trace Components: Authorization Check - All (i.e. all messages, not only errors) or a particular user. Execute a trace for the first query and analyze the log for S_RS_COMP. Execute the trace for the second query and analyze the log for S_RS_COMP. This way you can compare what is different.
Please note that you also have to authorize S_RS_COMP1 and possibly other objects. Please make sure by a proper authorization trace what is causing the authorization error.
If you are not able to solve the issue, please share the authorization traces as an attachment. Then I will have a look to it.