Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 
Read only

authorization concept

Former Member
0 Likes
784

hi experts,

Scenario: I have two users user1 and user2 and a transaction ZS01. user1 can access this transaciton while user2 must not.

Problem: How can i program this using auth concept. As i am new to this i need step by step procedure.

All answers will be rewarded.

saravanan

5 REPLIES 5
Read only

Former Member
0 Likes
697

hi,

check this below link may be helpful for you

Regards,

GUDURI

Read only

Former Member
0 Likes
697

The below code is useful to check if user has the authority to execute transaction.

AUTHORITY-CHECK OBJECT 'S_TCODE'

id 'TCD'

field 'ZS01'.

if sy-subrc ne 0.

  • User does not have authority for transaction zs01!

endif.

You may also refer this link:

http://help.sap.com/saphelp_nw2004s/helpdata/en/9f/dbaccb35c111d1829f0000e829fbfe/content.htm

Thanks,

Santosh

Read only

0 Likes
697

Saravanan, you will have to have your security team include the transaction code in the profile for user 1 and not do it for user 2.

In such a scenario, you do not need any program changes. When user2 tries to execute the tcode , he will get authorziation error

Read only

Former Member
0 Likes
697

Hi Saravanan,

Seems you want to provide access to both users (user 1 and user 2) but both of them should not access the transaction ZS01 at the same time. Is that correct? If yes, you cannot achieve this using auth. concept.

You have to do it through programming only.

Regards

Viswa

(Assign points if helpful)

Read only

Former Member
0 Likes
697

While you might not be able to do this with authorizations, depending on the roles the user has, you can do it another simple way.

Make an entry in table TVARVC (use SE16) where the name is something unique (like the program name) and the low value equal to the user ID. Then within the program add the statement:

SELECT SINGLE * FROM tvarvc

WHERE name = <unique name from above>

AND low = sy-uname.

message --- "you are not authorized to use this program".