hi

good

The SAP authorization concept protects transactions, programs, and services in SAP systems from unauthorized access. On the basis of the authorization concept, the administrator assigns authorizations to the users that determine which actions a user can execute in the SAP System, after he or she has logged on to the system and authenticated himself or herself.

To access business objects or execute SAP transactions, a user requires corresponding authorizations, as business objects or transactions are protected by authorization objects. The authorizations represent instances of generic authorization objects and are defined depending on the activity and responsibilities of the employee. The authorizations are combined in an authorization profile that is associated with a role. The user administrators then assign the corresponding roles using the user master record, so that the user can use the appropriate transactions for his or her tasks.

http://help.sap.com/saphelp_nw2004s/helpdata/en/52/671285439b11d1896f0000e8322d00/content.htm

thanks

mrutyun^

Look at the Page http://help.sap.com/ ore use The transaktion

SU53

BY Chris

Hi

Checking User Authorizations in your ABAP Program

How to set Authorization to an ABAP Programs?

Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.

If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.

This means you have to allocate an authorization object in the definition of the transaction.

<b>For example:</b>

program an AUTHORITY-CHECK.

AUTHORITY-CHECK OBJECT <authorization object>

ID <authority field 1> FIELD <field value 1>.

ID <authority field 2> FIELD <field value 2>.

...

ID <authority-field n> FIELD <field value n>.

The<b> OBJECT</b> parameter specifies the authorization object.

The <b>ID</b> parameter specifies an authorization field (in the authorization object).

The <b>FIELD</b> parameter specifies a value for the authorization field.

The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.

Use T/Code SE80 to Create Authorization object.

You can assign Authorization object to a transaction.

Use T/code SE93 and --> Create Ztransation --> Add your authorization object in "Authorization object" field.

Who ever want to execute this transaction must have the authorizations as you have mentioned in ur authorization object.

Authorization groups are created in SE54.

authorization object are assigned to dataelements

wheres are authoriz groups are assigned to tables

<b>reward poinys for useful ans</b>

<i>Regards

Ankit</i>

Hi,

The main use of Authority object Check is to give authorization to the specific users. If Authority check is not given any user can use the program or table.

Ex:- In the below example i am applying the authority check for the specific t_code.

AUTHORITY-CHECK OBJECT 'S_TCODE'

ID 'TCD'

FIELD c_tcode.

IF sy-subrc NE 0.

MESSAGE e000(38) WITH text-002.

ENDIF.

in the above example 'S_TCODE'is the Object name, ‘TCD’ is the object id and c_tcode is the field name which we have used in our program.

Reward points if useful.

Thanks & Regards,

Vasudeva Rao.