topic Re: Difference between Authorization Object and an Object Class? in Application Development and Automation Discussions

Difference between Authorization Object and an Object Class?

Former Member — Sat, 18 Aug 2012 03:04:14 GMT

Hi,

I've been a Java developer having a limited knowledge about ABAP.

While trying to understand the SAP Authorization concept, I came across the terms Authorization Objects and an Object Class.

Now as per my understanding of Object Oriented concepts, an Object is a run time instance of a Class.

So I'm a bit confused with the term ABAP Objects and an Object Class.

Can someone please answer my following questions:

1. What is the meaning of the term "Object Class" in ABAP?

2. What does Authorization Object mean? Since objects are created at run time, how can we create an object at design time?

Any replies will be of great help.

Regards,

Nitin

Re: Difference between Authorization Object and an Object Class?

Former Member — Sat, 18 Aug 2012 07:12:52 GMT

Nitin

Difference is very clear :

we use this authoirzation objects to check whether the user is having an authoirzation to run perticular transaction, to view perticular data or to edit perticular view etc.

while Object class is nothing but class similar to class in other languages like (Class you must have used in java ) .you can create this class by transaction SE24 in sap and define methods and attributes of the class. and the instance of that class is obviously created at runtime to call that method of perticular class.

For more detail please visit :

http://wiki.sdn.sap.com/wiki/display/ABAP/What+are+Authorization+Objects

http://help.sap.com/saphelp_nw04/helpdata/en/c3/225b5c54f411d194a60000e8353423/content.htm

Please revert back.

Regards,

Aaradhana

Re: Difference between Authorization Object and an Object Class?

Former Member — Sat, 18 Aug 2012 20:53:06 GMT

Hi Nitin,

Object Class : Are more or less the same classes (conceptually) that you define in Java.

In ABAP Classes can have Attribute, Methods and Events along with there visibility.

Here Attribute, Method and Visibility are same as Java (Conceptually), we have some thing new called Event, since Event does not exist in Core Java Classes.

Events can also be understood as some sort of Method, which will be triggered on specific user action, may be Mouse Click.

Authorization Object : These are a set of fields that is used to check whether current user has authorization to execute any particular action in the System.

Authorization can be checked on any level, based on Business Requirement, may be Plant or Company Code or some other transaction or Business Area.

Java Handles these things in the name of JAAS.

Hope I am clear with my ideas,

In case of any doubt, kindly post.

Re: Difference between Authorization Object and an Object Class?

manish_shankar — Mon, 20 Aug 2012 07:17:11 GMT

Authorization Objects: It is a method of restricting users to access any particular application created in the system. It could simply be: denying user for viewing confidential data on-screen or denying access to certain Transactions.

Taking this feature into consideration, SAP gets the flexibility to decide at runtime whether a particular user is supposed to access a given application or not.

Suppose you have a Z-table in our system that consists of confidential data, which cannot be accessed by all users. Only authorized persons can have access to the data. So, incase these tables are being used in any program, for display/write purpose, that program would be executed only by Authorized users. Please make sure to disable Table Entries, while creating tables, and not to create any Table Maintenance Generator also. Only this program would be used to perform read/write operations on the table.

SU21 is the T-Code to create authorization object and object class.

Object Class contains one or more Authorization Objects. All authorization objects are allocated to exactly one class. This has no functional but allocating character. We will need this Object class to encapsulate the Authorization object that we will be creating.