-
Products and Technology
By Category
-
Groups
Activity Groups
Industry Groups
Influence and Feedback Groups
Interest Groups
Location Groups
Customer Only Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
Products
Learning and Support
-
- Products and Technology
- Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
- Explore SAP
-
Products
- Products
- SAP Business Suite
- Artificial Intelligence
- Business applications
- Data and analytics
- Technology Platform
- Financial Management
- Spend Management
- Supply Chain Management
- Human Capital Management
- Customer Experience
- SAP Business Network
- View products A-Z
- View industries
- Try SAP
- Partners
- Services
- Learning and Support
- About
- SAP Community
- Groups
- Interest Groups
- Application Development and Automation
- Discussions
- Re: Authorization Object Error
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Authorization Object Error
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2008 Mar 06 3:22 PM
- SAP Managed Tags
- ABAP Development
Hi,
I have created my own Auth Field "MY_TCODE" of data element TCODE in su20. Then I created one Object Class and created one Auth Object "ZTCODE_AO" in su21 with 2 Auth. Fields: ACTVT and MY_TCODE. Also I set permitted activities as 01, 02, 03, 16.
I created two users "USR1" and "USR2" in SU01. and I created 2 roles ZUSR1_ROLE and ZUSR2_ROLE in PFCG and assigned only these corr roles to the corr users. ( No other profiles or roles are assigned for the user )
1) for ZUSR1_ROLE, I assigned auth obj "ZTCODE_AO" with all activities for a user defined tcode "ZTR". So the user has all the rights.
2) for ZUSR2_ROLE, I dint assign the auth obj. So the user has no authorization.
In my code for transaction "ZTR":
DATA: p_tcode type sy-tcode.
p_tcode = sy-tcode.
AUTHORITY-CHECK OBJECT 'ZTCODE_AO'
ID 'ACTVT' FIELD '01' " Create or Generate access
ID 'MY_TCODE' FIELD p_tcode.
IF sy-subrc EQ 0.
CALL SCREEN 100.
ELSE.
MESSAGE 'You are not authorized to view this transaction' TYPE 'E'.
ENDIF.
Now my problem is when I login with the user id "USR1", I am getting this msg: "No authorization to read file /usr/sap/trans70/sapnames/USR1". When I proceed and execute the tcode, I am unable to use the transaction.
Kindly help me where I have done the mistake.
Regards,
SAP Lover.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2008 Mar 06 3:53 PM
- SAP Managed Tags
- ABAP Development
Hi,
Specify a message class in the report heading and then call the messages using the same class. So that the processing will be more effective.
As in ur example specified call the error message using a message class as shown below.
IF sy-subrc EQ 0.
CALL SCREEN 100.
ELSE.
message e000(zz) with 'You are not authorized to view this transaction'.
ENDIF.
Regards,
Kishore.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2008 Mar 06 5:00 PM
- SAP Managed Tags
- ABAP Development
Kishore,
My prob is not about the message. I could not use the transaction. For USR1 it should allow to use and for user USR2, it should not allow. But for USR1, it is not allowing to use.
Regards,
SAP LOver.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2008 Mar 06 9:28 PM
- SAP Managed Tags
- ABAP Development
For authorization on transaction code , please use S_TCODE authorization object .
The procedure you have used for authority check seems perfect to me.
The message "No authorization to read file /usr/sap/trans70/sapnames/USR1" has something to be done with BASIS. Try resolving it with your BASIS team.
regards,
G@urav.
Bluesky