Application Development and Automation Discussions

authorization group

Former Member
0 Likes
2,666

Hi,

I want to know about authorization group attributes, like when it was created and who created it.

Can anyone give me an idea?

thanks

6 REPLIES 6

Former Member
0 Likes
1,566

Hello,

All authorization objects are stored in the TPGP table.

First, create an entry in the TPGP table (for example, zv30_320 is an entry).

Go to SE38 -> your report -> menu -> Goto -> Attributes -> Authorization Group -> give that created entry (zv30_320 here).

Thus we can create the authorization objects.

Second way:

Using company code, activity and object ID programmatically, we can create the authorization object.

Please let me know which method you require, so that I can go into detail.

OR

SU20 and SU21 are useful for creating FIELD and Object authorizations. I need to create an authorization group for DB maintenance.

Reward me points if it is useful.

Thanks,

Sridhar.


Former Member
0 Likes
1,566

Hi, check these tables: AGR_USERS, UST04.


Former Member
0 Likes
1,566

An authorization group is required to restrict access to reports (through object S_PROGRAM) and also to restrict access to tables (through object S_TABU_DIS).

For Tables:

- S_TABU_DIS is checked anytime someone looks at data in a table directly (with one of these transactions - SE16/SE16N, SE17, SM30, SM31 - or the Implementation Guide).

S_TABU_DIS has two fields: Activity and Authorization Group. The Authorization Group field is mapped to which tables a user can access. The mapping is performed in table TDDAT. Table TDDAT maps the Authorization Group to a list of tables.

You can create a new Authorization Group using Transaction SE54.

For Reports:

You can use the authorization object S_PROGRAM to control the authorization to execute a program. S_PROGRAM uses the following fields:

- User Action determines if you can start the program and schedule it to run in batch mode, and what variants you can use.

- Authorization Group determines which programs you can execute. The Authorization Group field comes from the authorization group in the attributes of an ABAP program.

For this authorization object to be effective, ABAP programs must have an authorization group assigned to them in the attributes of the program. If a program does not have an authorization group assigned, the system does not carry out a check for S_PROGRAM. For this reason, you may want to always assign an authorization group to programs created by customers.

With the RSCSAUTH program, you can assign an authorization group to all executable programs or to individual programs or program groups. This ensures effective protection.

Hope it helps.

Please award points if it is useful.
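
The checks described in the reply above, as an added example that is not part of the original thread: an audit report that lists customer executable programs with no authorization group (so S_PROGRAM is never checked for them), together with creator and creation date from TRDIR, and then resolves a table's group through TDDAT for an S_TABU_DIS check. The report name, the Z*/Y* name filter and the table ZMY_TABLE are assumptions for illustration.

```abap
REPORT z_authgroup_audit.
* Added example (not from the thread). Report name, the Z*/Y* filter
* and the default table ZMY_TABLE are hypothetical.

PARAMETERS p_tab TYPE tddat-tabname DEFAULT 'ZMY_TABLE'.

TYPES: BEGIN OF ty_prog,
         name TYPE trdir-name,
         secu TYPE trdir-secu,   " authorization group from attributes
         cnam TYPE trdir-cnam,   " program created by
         cdat TYPE trdir-cdat,   " program created on
       END OF ty_prog.

DATA: lt_prog  TYPE STANDARD TABLE OF ty_prog,
      ls_prog  TYPE ty_prog,
      lv_class TYPE tddat-cclass.

* 1) Customer executable programs (SUBC = '1') and their groups.
SELECT name secu cnam cdat FROM trdir INTO TABLE lt_prog
  WHERE subc = '1' AND ( name LIKE 'Z%' OR name LIKE 'Y%' ).

LOOP AT lt_prog INTO ls_prog.
  IF ls_prog-secu IS INITIAL.
*   No group assigned: S_PROGRAM is not checked at program start.
    WRITE: / 'UNPROTECTED', ls_prog-name, ls_prog-cnam, ls_prog-cdat.
  ELSE.
*   Same check the system performs for the current user.
    AUTHORITY-CHECK OBJECT 'S_PROGRAM'
      ID 'P_GROUP'  FIELD ls_prog-secu
      ID 'P_ACTION' FIELD 'SUBMIT'.
    IF sy-subrc <> 0.
      WRITE: / 'DENIED FOR', sy-uname, ls_prog-name, ls_prog-secu.
    ENDIF.
  ENDIF.
ENDLOOP.

* 2) Table -> authorization group mapping from TDDAT, then S_TABU_DIS.
SELECT SINGLE cclass FROM tddat INTO lv_class WHERE tabname = p_tab.
IF sy-subrc <> 0 OR lv_class IS INITIAL.
  lv_class = '&NC&'.   " tables without a TDDAT group are checked as &NC&
ENDIF.
AUTHORITY-CHECK OBJECT 'S_TABU_DIS'
  ID 'DICBERCLS' FIELD lv_class
  ID 'ACTVT'     FIELD '03'.   " 03 = display
IF sy-subrc = 0.
  WRITE: / sy-uname, 'may display', p_tab, 'via group', lv_class.
ELSE.
  WRITE: / sy-uname, 'may not display', p_tab, 'group', lv_class.
ENDIF.
```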


Former Member
0 Likes
1,566

Hi,

Authorization Groups: -

Authorization groups are used to group the logically related objects.

· In the table maintenance screen, an entry for the authorization group should be created.

· While creating the program the authorization group should be specified in the attributes screen of the program.

· In the view TRDIR, we can get the list of all the objects associated to the authorization group.

For more information, go through these links:

http://www.sapmaterial.com/authorization_checks.html

http://help.sap.com/saphelp_sm32/helpdata/en/6e/eb949c2d7911d4b5bf006094192fe3/content.htm

http://help.sap.com/saphelp_46c/helpdata/EN/35/26b17fafab52b9e10000009b38f974/content.htm

Regards

Adil


Former Member
0 Likes
1,566

Hi,

You can use transaction SE54, or simply type in a name for the group in the program attributes and it will get created in the TPGP table.

You can also use program RSCSAUTH to assign authorization groups to programs.

E.g.: How to add materials to an authorization group

Go to SPRO ==> Logistics - General ==> Material Master ==> Tools ==> Maintain Authorizations and Authorization Profiles

Thanks

Vikranth