04-24-2008 10:57 PM
Hi All,
Can anyone guide me how to set up authc object for locking IT0006 record through portal webdynpro address application?
I have following setup but i am getting "you have no authorization to insert" error message.
Auth Object :P_ORGIN
INFTY : 0006
SUBTY: *
AUTHC: R
PERSA: *
PERSG: *
PERSK: *
VDSK1: *
Auth Object: P_PERNR
AUTHC: E
PSIGN: I
INFTY : 0006
SUBTY: *
If I use "Authc= R, W" in P_ORGIN, I am able to edit the record through portal but it is not locking the record.
Thanks!
Lakshmikandh
04-25-2008 8:39 AM
with the way you've set this up, you will only be able to write locked records for your own PERNR and read all other IT0006 records.
it may be an superfluous question, but are you in fact editing your own PERNR (IT0105 relations etc.)?
04-25-2008 8:39 AM
with the way you've set this up, you will only be able to write locked records for your own PERNR and read all other IT0006 records.
it may be an superfluous question, but are you in fact editing your own PERNR (IT0105 relations etc.)?
04-25-2008 4:53 PM
Yes, Right now we are using for one user for testing. I am not sure what we are missing in auth. If I use PZ02 (address) transaction in R/3 for same user, It's locking the record and working as expected. With same authorization if i use it in webdynpro address application.I am getting 'you do not have authorization to insert' error message.
Thanks!
Lakshmikandh
04-25-2008 5:45 PM
is the personnel number actually assigned to the testuser in IT0105?
and what does the trace tell you?
04-26-2008 5:32 PM
Yes, PERNR is assigned. If I assign W to auth.It is allowing the write the record but it is not locking the record. Below is trace
AUTH
P_PERNR RC=4 AUTHC=W;PSIGN=*;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=W;PSIGN=E;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=W;PSIGN=I;INFTY=0006;SUBTY=1;
P_ORGIN RC=4 INFTY=0006;SUBTY=1;AUTHC=W;PERSA=;PERSG=;PERSK=;VDSK1=;
P_PERNR RC=4 AUTHC=W;PSIGN=*;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=W;PSIGN=E;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=W;PSIGN=I;INFTY=0006;SUBTY=1;
P_ORGIN RC=4 INFTY=0006;SUBTY=1;AUTHC=W;PERSA= ;PERSG= ;PERSK= ;VDSK1= ;
P_PERNR RC=4 AUTHC=E;PSIGN=*;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=E;PSIGN=E;INFTY=0006;SUBTY=1;
P_PERNR RC=0 AUTHC=E;PSIGN=I;INFTY=0006;SUBTY=1;
P_ORGIN RC=4 INFTY=0006;SUBTY=1;AUTHC=E;PERSA=;PERSG=;PERSK=;VDSK1=;
P_PERNR RC=4 AUTHC=D;PSIGN=*;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=D;PSIGN=E;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=D;PSIGN=I;INFTY=0006;SUBTY=1;
P_ORGIN RC=4 INFTY=0006;SUBTY=1;AUTHC=D;PERSA=;PERSG=;PERSK=;VDSK1=;
P_PERNR RC=4 AUTHC=D;PSIGN=*;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=D;PSIGN=E;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=D;PSIGN=I;INFTY=0006;SUBTY=1;
P_ORGIN RC=4 INFTY=0006;SUBTY=1;AUTHC=D;PERSA= ;PERSG= ;PERSK= ;VDSK1= ;
P_PERNR RC=4 AUTHC=S;PSIGN=*;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=S;PSIGN=E;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=S;PSIGN=I;INFTY=0006;SUBTY=1;
P_ORGIN RC=4 INFTY=0006;SUBTY=1;AUTHC=S;PERSA=;PERSG=;PERSK=;VDSK1=;
P_PERNR RC=4 AUTHC=S;PSIGN=*;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=S;PSIGN=E;INFTY=0006;SUBTY=1;
P_PERNR RC=4 AUTHC=S;PSIGN=I;INFTY=0006;SUBTY=1;
P_ORGIN RC=4 INFTY=0006;SUBTY=1;AUTHC=S;PERSA= ;PERSG= ;PERSK= ;VDSK1= ;
RFC 113719 HRXSS_PER_MODIFY Prog:SAPLHRXSS_PER_P0006_USRow:
RFC 336 HRXSS_PER_CHECK Prog:SAPLHRXSS_PER_MACRow:
Thanks!
Lakshmikandh
04-28-2008 3:32 PM
hi again Lakshmikandh,
I'm afraid I cannot replicate your scenario because the environment here does not have the PERNR switch on...
is your testuser only authorized for IT0006? or do the assigned roles contain auhtorizations for more than just this infotype?
if not, you could try assigning read authorization (R,M) for infotype range: 0000-0015 in P_ORGIN.
also, what happens if you use the symmetrical (S) locking type?