Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

SU21

Former Member

‎2007 Dec 10 4:59 AM

0 Likes
1,388

what is the funcion module created in SU21.

Is this funtion module is comparing checking the authorisation for the value that we pass through our program with the values of authorisation/ roles assigned to that user

3 REPLIES 3
Read only

daixiong_jiang3
Active Participant

‎2007 Dec 10 5:20 AM

0 Likes
1,171

SU20---Maintain Authorization Fields

SU21---Maintain Authorization Objects

When we need to do a authority check by ourselves,we should define severial data fields we want to check,this can be done in se11 &SU20, then we consolidate these fields into one authority-check object using SU21,at the same time some permitted values will be defined.

then in the Z* program, we can use the following statement to do an authority-check:

AUTHORITY-CHECK OBJECT 'S_CARRID'

ID 'CARRID' FIELD carr

ID 'ACTVT' FIELD '03'.

IF sy-subrc <> 0.

MESSAGE 'No authorization' TYPE 'E'.

ENDIF.

Read only

Former Member
In response to daixiong_jiang3

‎2007 Dec 10 5:25 AM

0 Likes
1,171

i dont have authorisation for accessing the SU20 and SU21 thats why i was asking the funcion module directly to see how the authority-check statement is workin comparing the values passed in the program with the user master data maintained already

Read only

Former Member

‎2007 Dec 10 8:04 AM

0 Likes
1,171

If you think an authorisation failure is happending in a transaction, run the transaction, then run transaction SU53, this will show any failures along with the authorisation object and value which failed.