Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

supress authentication check from within ABAP code

Former Member

‎2011 Jan 17 11:31 AM

0 Likes
566

Hi,

we want all users to update their email-address in their own sap profile. (a self service)

By default, in the screen "System"->"User Profile"->"Own Data", he can update all except his email-id.

For this, we have written an abap report.


DATA: p_smtp TYPE TABLE OF bapiadsmtp WITH HEADER LINE,
      p_return TYPE TABLE OF bapiret2 WITH HEADER LINE,
      p_addressx TYPE bapiaddr3x.

data: p_uname TYPE xubname.
PARAMETERS:   p_email TYPE ad_smtpadr OBLIGATORY.
      
      
      p_uname = sy-uname. "logged in user

      p_smtp-e_mail = p_email.
      p_smtp-std_no = 'X'.
      p_smtp-home_flag = 'X'.
      p_smtp-consnumber = '001'.

    p_addressx-e_mail = 'X'.

    CALL FUNCTION 'BAPI_USER_CHANGE'
      EXPORTING
        username = p_uname
        addressx = p_addressx
      TABLES
        return   = p_return
        addsmtp  = p_smtp.

when we execute this report, with all rights, it works fine.

but a normal user when he executes, he is getting this error:

"You are not authorized to change users in group"

the su53 screen shows:

Authorization check failed Object Class BC_A Basis: Administration Authorization Obj. S_USER_GRP User Master Maintenance: User Groups Authorization Field ACTVT Activity 02 Authorization Field CLASS User group in user master maintenance <Dummy>

the point here is we cannot add User Maintenance rights to all our normal users.

is there any way, within the report (code) we can suppress the authentication check, programatically just while calling 'BAPI_USER_CHANGE', so that the user will be able to update his email-id.

thanks in advance,

Madhu_1980

3 REPLIES 3
Read only

former_member201275
Active Contributor

‎2011 Jan 17 11:38 AM

0 Likes
512

Here are 2 useful links:

http://www.sapdev.co.uk/fmodules/fms_updateaddress.htm

If these don't help the noly thing I can suggest is that you write your own bdc program.

Regards,

Warren.

Read only

brad_bohn
Active Contributor

‎2011 Jan 17 4:04 PM

0 Likes
512

Why don't you just log the requests and run a job at frequent intervals with an appropriate user ID that calls the BAPI? Typically, self-service stuff like this (address changes, email changes, password resets) are done from an external app or portal and the underlying comm user that connects to the system has the authority to make the change.

Read only

Former Member
In response to brad_bohn

‎2011 Jan 18 5:20 AM

0 Likes
512 
@Brad Bohn :
>>Why don't you just log the requests and run a job at frequent intervals with an appropriate user ID that calls the BAPI?

thanks for this idea, your idea meets atleast partially the requirement.