Solved: Performance issue with structural authorizations

former_member323222 · ‎2020 May 14

Hi,

In our company, we have an important issue with structural authorizations... let me explain the situation...

The objects added to our structural authorizations are:

As a result, the calls to standard FM like RH_READ_INFTY_1000 or RH_STRUC_GET have a huge delay (20-30 seconds)...

Running the RHBAUS02 report we saw that most of the users have around 30k-40k authorization objects (some of them even 80k-90k)...

Is it normal? What can we do to improve performance? We can't add 5,000 users to SAP Data Memory...

Thanks!

Miguel Angel.

jbm-sceis · ‎2020 May 14

My advice to you, which you may not like, is that the less you use structural authorizations the better. While in concept the structurals are a fantastic idea, in reality it is a performance killer. Try and use standard PFCG authorizations as much as possible and only use structural authorizations where organizational relationships are a necessity to define the security. I normally only use O, S and P object types, but on occasion I will use others depending on the circumstances. Unfortunately you may have to rethink your role strategy at this point. Good luck!

James Murphy

Sandra_Rossi · ‎2020 May 14

Could you trace where the performance issue is, please?

former_member323222 · ‎2020 May 14

Hi Sandra,

When checking the structural authorizations... for instance, when executing the following FM: RH_STRU_AUTHORITY_CHECK.

Miguel Angel.

jbm-sceis · ‎2020 May 14

My advice to you, which you may not like, is that the less you use structural authorizations the better. While in concept the structurals are a fantastic idea, in reality it is a performance killer. Try and use standard PFCG authorizations as much as possible and only use structural authorizations where organizational relationships are a necessity to define the security. I normally only use O, S and P object types, but on occasion I will use others depending on the circumstances. Unfortunately you may have to rethink your role strategy at this point. Good luck!

James Murphy

former_member323222 · ‎2020 May 14

Yes, absolutely agree with you... I used to see O-S-P objects in structural authorizations, but the first time I see all the other objects in it! I noticed it after we developed some Fiori apps, where the performance was extremely bad... and after some analysis, we found all this mess there!

For the moment, I guess the only thing we could do with it is to use SAP Data Memory temporarily and move away as much as we can from structural authorizations... 😞

Just one more question... Is it normal than in reports created directly in SAP backend with ABAP, the performance is much better than with developments calling remote FM from external systems? All should have been checking structural authorizations (calling at the end same standard FM), but when calling them from the backend itself the performance is "acceptable"... and I don't understand the difference...

Thanks!

Miguel Angel.

jbm-sceis · ‎2020 May 14

I have seen that as well. As to the exact cause of the slowdown I would ask your Basis and/or Network teams. There may be firewalls, gateways and overall network latency involved between the two systems. You would need to see how many back and forth messages are involved.

James

By Category

Related Content

Activity Groups

Industry Groups

Influence and Feedback Groups

Interest Groups

Location Groups

Customer Only Groups

Forums

Related Resources

Products

Learning and Support

About

My Account

My Account

Performance issue with structural authorizations