- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- authorization checks
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
authorization checks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-17-2007 7:41 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-17-2007 7:53 AM
Hi,
goto se38, take change, press pattern, mark authority object, insert the one you want to use ( for example: F_LFA1_BEK).
In the editor inserte the parameters. If you don't know them,
take doubleclick in the object and you will get more ninformation.
If you don't know the usage of the statement authority object, press F1 on
it and you get the Docu.
Hope it helps.
Regards, Dieter
- SAP Managed Tags:
- ABAP Development,
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-17-2007 7:46 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-17-2007 7:48 AM
Hi,
In general different users will be given different authorizations based on their role in the orgn.
We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.
USe SUIM and SU21 T codes for this.
Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.
If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.
This means you have to allocate an authorization object in the definition of the transaction.
For example:
program an AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT <authorization object>
ID <authority field 1> FIELD <field value 1>.
ID <authority field 2> FIELD <field value 2>.
...
ID <authority-field n> FIELD <field value n>.
The OBJECT parameter specifies the authorization object.
The ID parameter specifies an authorization field (in the authorization object).
The FIELD parameter specifies a value for the authorization field.
The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm
To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.
Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.
You program the authorization check using the ABAP statement AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'
ID 'ACTVT' FIELD '02'
ID 'CUSTTYPE' FIELD 'B'.
IF SY-SUBRC <> 0.
MESSAGE E...
ENDIF.
'S_TRVL_BKS' is a auth. object
ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.
The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.
This Authorization concept is somewhat linked with BASIS people.
As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a profile and that profile in turn attached to a particular user.
Take the help of the basis Guy and create and use.
Regards,
Priyanka.
- SAP Managed Tags:
- ABAP Development,
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-17-2007 7:50 AM
Hi rakesh,
AUTHORITY-CHECK OBJECT '<object>'
ID '<name1>' FIELD <f1>
ID '<name2>' FIELD <f2>
.............
ID '<name10>' FIELD <f10>.
by using above syntax we can check authorization.suppose if you want to create authorization object go with su21 tcode.
- SAP Managed Tags:
- ABAP Development,
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-17-2007 7:53 AM
Hi,
goto se38, take change, press pattern, mark authority object, insert the one you want to use ( for example: F_LFA1_BEK).
In the editor inserte the parameters. If you don't know them,
take doubleclick in the object and you will get more ninformation.
If you don't know the usage of the statement authority object, press F1 on
it and you get the Docu.
Hope it helps.
Regards, Dieter
- SAP Managed Tags:
- ABAP Development,
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-17-2007 7:55 AM
the below link will give u the concepts right:
www.geocities.com/SiliconValley/Grid/4858/sap/Basis/AuthIntro.htm
Regards.
Aparna
- SAP Managed Tags:
- ABAP Development,
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-17-2007 7:57 AM
Hi,
The main use of Authority Check is to give authorization to the specific users. If Authority check is not given any user can use the program or table.
Ex:- In the below example i am applying the authority check for the specific t_code.
AUTHORITY-CHECK OBJECT 'S_TCODE'
ID 'TCD'
FIELD c_tcode.
IF sy-subrc NE 0.
MESSAGE e000(38) WITH text-002.
ENDIF.
in the above example 'S_TCODE'is the Object name, ‘TCD’ is the object id and c_tcode is the field name which we have used in our program.
Reward points if it is useful....
Thanks & Regards,
Vasudeva Rao.
- SAP Managed Tags:
- ABAP Development,
- Security
