https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724274#M632175 <HTML><HEAD></HEAD><BODY><P>hi netra,</P><P></P><P>I can't think of a reason to use ORGIN and ORGINCON simultaneously. </P><P>what's the use of using both types of objects when you can use P_ORGINCON without specifying a PROFL. this will be identical to the P_ORGIN object.</P><P>have you SU24-ed the P_ORGINCON checks yet?</P><P></P><P>also, in your test-environment have you specified structural profiles at all? I would like to know whether that's working correctly as well.</P></BODY></HTML> Fri, 17 Aug 2007 13:15:24 GMT former_member74904 2007-08-17T13:15:24Z https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724273#M632174 <HTML><HEAD></HEAD><BODY><P>Hi all:</P><P>I am looking at whether Context sensitive authorization check is worth implementing in my organization. I have read sap help and some other documentation and all of them seem to suggest that when turning Context switch AUTSW-INCON to 1 we should turn off HR master data switch off AUTSW-ORGIN to 0. They can't be implemented simultenously. However in my case I think I could use if both of these switches are on so I can use context for some roles and not for others. When I tested this in a test client, it seems to be working fine with both switches set to 1. My question to you is: Is this possible and what are some impacts that I my encounter because of this? I would appreciate your input.</P><P></P><P>Thanks,</P><P>Netra</P></BODY></HTML> Thu, 16 Aug 2007 22:51:44 GMT https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724273#M632174 Former Member 2007-08-16T22:51:44Z https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724274#M632175 <HTML><HEAD></HEAD><BODY><P>hi netra,</P><P></P><P>I can't think of a reason to use ORGIN and ORGINCON simultaneously. </P><P>what's the use of using both types of objects when you can use P_ORGINCON without specifying a PROFL. this will be identical to the P_ORGIN object.</P><P>have you SU24-ed the P_ORGINCON checks yet?</P><P></P><P>also, in your test-environment have you specified structural profiles at all? I would like to know whether that's working correctly as well.</P></BODY></HTML> Fri, 17 Aug 2007 13:15:24 GMT https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724274#M632175 former_member74904 2007-08-17T13:15:24Z https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724275#M632176 <HTML><HEAD></HEAD><BODY><P>Thanks Dimitri,</P><P>I understand what you are saying but the roles here are already setup and functioning with P_ORGIN and most of these have manually inserted objects. If I implement just Context then I will need to change all the roles to replace ORGIN with ORGINCON. I think that is a quite a bit of work. If I can have them activated simultaneously then I can only change few roles where the solution is needed. No, I have not started working on SU24 yet and I am not sure how helpful it will be maintain this as most roles have manually inserted objects. And also in my test environment I have str. profile setup and i have specified them in my context object. </P><P>I appreciate your thoughts.</P><P></P><P>Thanks,</P><P>Netra</P></BODY></HTML> Fri, 17 Aug 2007 15:19:38 GMT https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724275#M632176 Former Member 2007-08-17T15:19:38Z https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724276#M632177 <HTML><HEAD></HEAD><BODY><P>hi again Netra,</P><P></P><P>I understand that it will be quite some work changing all P_ORGIN roles to P_ORGINCON. as a matter of fact I'm in the middle of doing so myself...</P><P>what I can tell you however, is that leaving the situation as you describe above, will result in poorer performance because now both objects will be checked at runtime. </P><P>I don't think you will notice on the testenvironment, but it could have a significant impact in a live productive system. </P><P>anyway, good luck on your project and let me know how things work out for you!</P><P></P><P>thanks,</P><P>dimitri</P></BODY></HTML> Mon, 20 Aug 2007 09:53:42 GMT https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724276#M632177 former_member74904 2007-08-20T09:53:42Z https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724277#M632178 <HTML><HEAD></HEAD><BODY><P>Thanks Dimitri. I did not really think about performance issues, thanks! I am going to include ORGINCON and disable ORGIN as you suggested. </P><P></P><P>Thanks again,</P><P>Netra</P></BODY></HTML> Mon, 20 Aug 2007 15:58:31 GMT https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724277#M632178 Former Member 2007-08-20T15:58:31Z https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724278#M632179 <HTML><HEAD></HEAD><BODY><P>Hi:</P><P></P><P>As soon as P_ORGINCON is switched on, old roles using P_ORGIN doesn't work even if P_ORGIN is on too. System starts complaining like "No read authorization for...".</P><P></P><P>So how can you use both at the same time? Roles need to be change? Am I missing something? Help will be appreciated.</P><P>Thanks</P><P>Sukhbir Singh</P></BODY></HTML> Mon, 03 Mar 2008 18:47:46 GMT https://community.sap.com/t5/application-development-and-automation-discussions/context-sensitive-authorization/m-p/2724278#M632179 sukhbir_singh3 2008-03-03T18:47:46Z