Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

re: authorization object

Go to solution
Former Member

‎2005 Dec 06 8:59 AM

0 Likes
981

Hi,

I have created authorizatin field for authorization object and class. So now how can i add this authorizationh object for a particular user.

rgds

p.kp

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2005 Dec 06 9:04 AM

0 Likes
928

Hi paluri,

1. what i understand is that u

want to provide rights to a user

for your authoirsation object.

(not how to use in abap using authority-check)

2. well for that u have to assign

thru roles:

use tcode PFCG.

in that u have to select/enter a role

3. There after u can add a authorisation

object manually and provide

the rights - field wise.

Probably the basis team might help you for this.

regards,

amit m.

7 REPLIES 7
Read only

Go to solution
Former Member

‎2005 Dec 06 9:04 AM

0 Likes
928

Where ever you need to restrict..

by providing the piece of code...

in initalization

authority-check object 'V_VTTK_SHT'

id 'ACTVT' field '02'

id 'SHTYP' dummy.

if sy-subrc <> 0.

message e059(zz).

endif.

Read only

Go to solution
Former Member

‎2005 Dec 06 9:04 AM

0 Likes
929

Hi paluri,

1. what i understand is that u

want to provide rights to a user

for your authoirsation object.

(not how to use in abap using authority-check)

2. well for that u have to assign

thru roles:

use tcode PFCG.

in that u have to select/enter a role

3. There after u can add a authorisation

object manually and provide

the rights - field wise.

Probably the basis team might help you for this.

regards,

amit m.

Read only

Go to solution
Former Member

‎2005 Dec 06 9:10 AM

0 Likes
928

Hi

for a particular user we have three ways of authorization check:

<b>Authorization </b>

Enter in the user master record or part of an authorization profile. An authorization comprises complete or generic values for the authorization fields in an authorization object. The combination determines the activities with which a user can access certain data.

Maintenance in transaction SU03 or generation from transaction PFCG (profile generator for role maintenance).

<b>Authorization Profile </b>

Grouping of several individual authorizations or further authorization profiles. Can be entered in the user master record instead of individual authorizations. An authorization can be assigned to authorization profiles as often as you wish.

Maintenance in transaction SU02 or generation from transaction PFCG (profile generator for role maintenance).

<b>User Master Record </b>

The existence of a user master record is a prerequisite for logon to an SAP system. The master record determines which actions a user is allowed to execute and which authorizations they are assigned. Default settings, such as the format in which decimal places are displayed in lists, are also stored in the user master record. An authorization profile can be assigned to users as often as you wish.

Maintenance in transaction SU01.

Hope this helps

Regards

Amit

Read only

Go to solution
Former Member
In response to Former Member

‎2005 Dec 06 9:34 AM

0 Likes
928

Hi,

amit i added that authorized object into the role and i generated that role. Then other than me able to access that field.

rgds

p.kp

Read only

Go to solution
Former Member

‎2005 Dec 06 9:38 AM

0 Likes
928

Hi again,

1. well, it depends

to which which users

this Role has been assigned to.

This information is available in the same tcode

PFCG.

Regards,

Amit M.

Read only

Go to solution
Former Member
In response to Former Member

‎2005 Dec 06 9:54 AM

0 Likes
928

Hi,

I created authorization object zemp and added the dataelement for that empno. And i added

AUTHORITY-CHECK OBJECT 'ZEMP'

ID 'EMPNO' FIELD A.

IF SY-SUBRC <> 0.

MESSAGE E000(ZEN).

ENDIF.

But for what field values i can restrict the user and how can i add those restricted values to that object.

rgds

p.kp

Read only

Go to solution
Former Member

‎2005 Dec 06 10:06 AM

0 Likes
928

Hi again,

1. use tcode PFCG

to create/modify role

2. In that there is one tab - AUTHORIZATIONS.

3. In this tab, at below,

there is a Display Button

Click That.

4. A new screen will come.

5. From this screen u can ADD the authorisation object.

6. When adding, it will also ask

the Values of the respective fields,

for which the user needs to be given authorisation.

eg. for field BUKRS, it will ask

1000, 1100, etc.

-

7 In your program u can restrict the user

only by checking the value of that field.

Authority-check.

eg user has entered 1100 in bUKRS,

and he does not have right for 1100,

sy-subrc <> 0,

check here, and proceed accordingly.

8. u can give warning/error message etc.

9. I still feel, that basis team might help

u with PFCG tcode

(bcos it is their daily routine job)

Hope it helps.

regards,

amit m.