on 04-19-2016 1:12 PM
Hey everyone!
I have faced issue regarding Personas authorization object. When I use stauthtrace to evaluate authorization issues user is has while executing transaction, it gives me, inter alia, response that this user has missing authorization for Personas, but this user doesn't need anything else that use and change flavor... why is this an issue here?
Thank you in advance
Hi Diana,
thank you very much for your question. Basically you have to ignore these kinds of failing authority checks. During Personas Runtime / Backend initialization we check the users authorizations and set the corresponding editor and runtime features to enabled or disabled.
For example in case a user opens the Flavor Gallery we always have to check whether the user is a runtime admin and therefore we have to load all flavors available for the current transaction.
I'll check out with our development colleagues whether we can minimize the authorization checks appearing in the log.
Best regards,
Dominik
Personas ABAP Development Lead
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Diana,
can you please implement SAP note 2317313 in SP02 or implement SP03. This should already help minimizing the number of authority checks. I'll investigate further and check whether we can do other changes.
Best regards,
Dominik Ofenloch
Personas ABAP Development Lead
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I'm not across personas but would ACTVT 03 fix the issue. The trace file looks like it's looping through each activity of P_RUNTIME to see if the user has access?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
This error is accurate for all users that have also assigned personas role (copied from /PERSONAS/CONSUMER_ROLE). All they do is logon with their userID into Screen Personas or regular GUI, although all transaction buttons are available and usable, system issues this authorization in SU53 as well as in STAUTHTRACE.
Diana
Hi Diana,
I gave to a test user the Personas consumer role + execution access to SMEN and SU53 - no other access. I ran into the same authorization check not successful as you did.
The case here is that method IS_USER_AUTHORIZED from class /PERSONAS/CL_AUTHMGR_BASE receives all P_ACTVT_RT values (i.e. '*'). Thus, it is execpted that for consumer role, you find the fail for activities 04, 05, 06 and 07.
Regards,
Cris
Hi Diana,
Could you check whether SAP note 2276155 is implemented in the system?
Thanks and kind regards,
Cris
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
76 | |
9 | |
8 | |
7 | |
6 | |
5 | |
5 | |
5 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.