Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Difference between Authorization Object and an Object Class?

Go to solution
Former Member

‎2012 Aug 18 4:04 AM

0 Likes
5,040

Hi,

I've been a Java developer having a limited knowledge about ABAP.

While trying to understand the SAP Authorization concept, I came across the terms Authorization Objects and an Object Class.

Now as per my understanding of Object Oriented concepts, an Object is a run time instance of a Class.

So I'm a bit confused with the term ABAP Objects and an Object Class.

Can someone please answer my following questions:

1. What is the meaning of the term "Object Class" in ABAP?

2. What does Authorization Object mean? Since objects are created at run time, how can we create an object at design time?

Any replies will be of great help.

Regards,

Nitin

1 ACCEPTED SOLUTION
Read only

Go to solution
manish_shankar
Participant

‎2012 Aug 20 8:17 AM

0 Likes
3,053

Authorization Objects: It is a method of restricting users to access any particular application created in the system. It could simply be: denying user for viewing confidential data on-screen or denying access to certain Transactions.

Taking this feature into consideration, SAP gets the flexibility to decide at runtime whether a particular user is supposed to access a given application or not.  

Suppose you have a Z-table in our system that consists of confidential data, which cannot be accessed by all users. Only authorized persons can have access to the data. So, incase these tables are being used in any program, for display/write purpose, that program would be executed only by Authorized users. Please make sure to disable Table Entries, while creating tables, and not to create any Table Maintenance Generator also. Only this program would be used to perform read/write operations on the table.  

SU21 is the T-Code to create authorization object and object class.

Object Class contains one or more Authorization Objects. All authorization objects are allocated to exactly one class. This has no functional but allocating character. We will need this Object class to encapsulate the Authorization object that we will be creating.

3 REPLIES 3
Read only

Go to solution
Former Member

‎2012 Aug 18 8:12 AM

0 Likes
3,053

Hi

     Nitin

     Difference is very clear :

     we use this authoirzation objects to check whether the user is having an authoirzation to run perticular transaction, to view perticular data or to edit perticular view etc.

     while Object class is nothing but class similar to class in other languages like (Class you must have used in java ) .you can create this class by transaction SE24 in sap and define methods and attributes of the class. and the instance of that class is obviously created at runtime to call that method of perticular class.

For more detail please visit :

     http://wiki.sdn.sap.com/wiki/display/ABAP/What+are+Authorization+Objects

     http://help.sap.com/saphelp_nw04/helpdata/en/c3/225b5c54f411d194a60000e8353423/content.htm

Please revert back.

Regards,

     Aaradhana

Read only

Go to solution
Former Member

‎2012 Aug 18 9:53 PM

0 Likes
3,053

Hi Nitin,

Object Class : Are more or less the same classes (conceptually) that you define in Java.

In ABAP Classes can have Attribute, Methods and Events along with there visibility.

Here Attribute, Method and Visibility are same as Java (Conceptually), we have some thing new called Event, since Event does not exist in Core Java Classes.

Events can also be understood as  some sort of Method, which will be triggered on specific user action, may be Mouse Click.

Authorization Object : These are a set of fields that is used to check whether current user has authorization to execute any particular action in the System.

Authorization can be checked on any level, based on Business Requirement, may be Plant or Company Code or some other transaction or Business Area.

Java Handles these things in the name of JAAS.

Hope I am clear with my ideas,

In case of any doubt, kindly post.

Read only

Go to solution
manish_shankar
Participant

‎2012 Aug 20 8:17 AM

0 Likes
3,054

Authorization Objects: It is a method of restricting users to access any particular application created in the system. It could simply be: denying user for viewing confidential data on-screen or denying access to certain Transactions.

Taking this feature into consideration, SAP gets the flexibility to decide at runtime whether a particular user is supposed to access a given application or not.  

Suppose you have a Z-table in our system that consists of confidential data, which cannot be accessed by all users. Only authorized persons can have access to the data. So, incase these tables are being used in any program, for display/write purpose, that program would be executed only by Authorized users. Please make sure to disable Table Entries, while creating tables, and not to create any Table Maintenance Generator also. Only this program would be used to perform read/write operations on the table.  

SU21 is the T-Code to create authorization object and object class.

Object Class contains one or more Authorization Objects. All authorization objects are allocated to exactly one class. This has no functional but allocating character. We will need this Object class to encapsulate the Authorization object that we will be creating.