Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

how to Authorisation Object

Former Member

‎05-27-2008 9:30 AM

0 Kudos

Hi Guys,

In transaction ME51n i want to give authorisation to users based on cost center. how can i do this. do i have to create an authorisation objct for this.

please give me detail step by step way to create authrisation object.

<removed_by_moderator>

Regards,

Quavi

Edited by: Julius Bussche on May 27, 2008 11:10 AM

6 REPLIES 6

Bernhard_SAP
Employee
Employee

‎05-27-2008 9:51 AM

0 Kudos

Hi Abdul

use transactionSU21. Enter an approproate auth.object class (doubleclick) or create an own(create button.

Then in the class press the create button, enter name, text, class, enter required fields (from SU20), create documentaton, possible allowed activites). Save.

Pls do not forget, to enter the object in SU24 after you have added your coding with the additional authority-check....

b.rgds, bernhard

l_borsboom
Active Participant

‎05-27-2008 10:45 AM

0 Kudos

Most imortant: you need to check whether an authorization check (AUTHORITY-CHECK statement in ABAP) on cost centers is built in the ME51N code. You can check this with either transaction S_ALR_87101287 or with report RPR_ABAP_SOURCE_SCAN.

According to my findings no additional checks are built in. You still can look for an appropriate user/customer exit (SMOD/CMOD)

Good luck!

Kind regards,

Lodewijk

Former Member
In response to l_borsboom

‎05-27-2008 11:21 AM

0 Kudos

Hi Lodewijk,

In addition to user/customer exits you can also use enhancement points - these are like user exits on steroids & can be very useful for including additional validations in standard transactions.

Not sure if it applies in this scenario but another option to look into.

Former Member
In response to l_borsboom

‎05-27-2008 12:13 PM

0 Kudos

Another aspect to consider is that if there already is an SAP standard auth object with fields which can do the control and is possibly already used in the auth concept to control the access in the same way it is intended to control in the exit or enhancement, then preference should be given to the standard option before creating an own one.

At least that is what we try to do.

Cheers,

Julius

Former Member

‎05-27-2008 10:50 AM

0 Kudos

Just to add!!

If you want to create your own Auth object, then follow up the document which shows the steps with screenshots.

https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a92195a9-0b01-0010-909c-f330ea4a...

Rakesh

l_borsboom
Active Participant
In response to Former Member

‎05-27-2008 10:55 AM

0 Kudos

That's a nice document!