-
Products and Technology
By Category
-
Groups
Activity Groups
Industry Groups
Influence and Feedback Groups
Interest Groups
Location Groups
Customer Only Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
Products
Learning and Support
-
- Products and Technology
- Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
- Explore SAP
-
Products
- Products
- SAP Business Suite
- Artificial Intelligence
- Business applications
- Data and analytics
- Technology Platform
- Financial Management
- Spend Management
- Supply Chain Management
- Human Capital Management
- Customer Experience
- SAP Business Network
- View products A-Z
- View industries
- Try SAP
- Partners
- Services
- Learning and Support
- About
- SAP Community
- Groups
- Interest Groups
- Application Development and Automation
- Discussions
- Re: Authority_check_tcode Function module
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Authority_check_tcode Function module
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2010 Sep 16 6:23 PM
- SAP Managed Tags
- ABAP Development
I am calling a custom trasaction from within a report program. If the security roles have already been set up fo rthe custom transaction,Is it required to perform an explicit authority check using FM AUTHORITY_CHECK_TCODE. Is there any benefit in doing that.
Example code
call function AUTHORITY_CHECK_TCODE
call transaction ZXYZ.
You comments are appreciated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2010 Sep 16 6:29 PM
- SAP Managed Tags
- ABAP Development
If you have that code in the program, people with only SA38/SE38 authorization and do not have ZXY T-code authrization, can not run the program. It gives more restrictions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2010 Sep 16 7:01 PM
- SAP Managed Tags
- ABAP Development
Normally when custom transaction is created, the scope of people who are going to use it will be restricted to whom received proper authorization entry in their profile. In simple words, it is Basis team who determines who can access the transaction. So authorization check is right there, no need to add any custom one.
In contrary, when you call transaction from within the program it is likely that tcode authorization check is skipped. Actually it is up to configuration made in SE95 (as far as I remember there should be some global check box saying whether to check auth or not). Unless someone changed that setting, there will be no check made by default during CALL TRANSACTION. So checking this authorization yourself is proper way of ensuring unathorizated access to tcode is not made.
To conclude, yest this is good approach:)
Regards
Marcin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2010 Sep 17 5:06 AM
- SAP Managed Tags
- ABAP Development
Hi,
The CALL TRANSACTION function module will not perform an authority check on the t-code being called unless you
call function module AUTHORITY_CHECK_TCODE prior to the CALL TRANSACTION.
This is explained in OSS Note: 696574 as follows:
No authorization check is performed with CALL TRANSACTION - in contrast to when you start the transaction directly.
If the same authorizations are to be checked for CALL TRANSACTION as when starting the transaction directly, the function module AUTHORITY_CHECK_TCODE must be called before CALL TRANSACTION. This performs exactly the same authorization checks as when the transaction is called directly.
Hope this helps.
Regards,
Soumya.
Bluesky