Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Create custom authorization field

Former Member
0 Kudos

All,

Can any one give me what are the issues if we create new authorization field in SAP, in security maintanance side.

We have a requirment where we have to have differant wording for actvt field, we have created new table ztact and zactvt for differant wording. is there any problem with it?

standard TACT - actvt

01 create / Generate

we have created new table

01 access first tab

like this we have differant wording.

Appreciated for your help.

16 REPLIES 16

Former Member
0 Kudos

i'm not sure i understood your question ... does 'wording' mean you want a translation for some of the authorization objects and/or fields?

if yes, you could have done so using transaction SE63. have you explored this one? make sure you read its documentation, as this transaction is not self-explanatory.

Bernhard_SAP
Advisor
Advisor
0 Kudos

Hi,

you can simply create the new field in TX SU20. If the behaviour should be the same as field ACTVT, just take over the same settings, for instance input check for F4=TACT.

b.rgds, Bernhard

0 Kudos

Already we have created table and field but I want see what are the issues from Security side for maintanance

0 Kudos

Hi,

well if you have already defined the field successfully, you need to insert it into you authorization objects.

I strongyl recommend, not to insert your z-actvt into SAP standard objects!

After you have defined your objects, oyu have to update the coding of the corresponding transactins/reports, so that your z-authorization objects get checked in the Kernel. (pls refer to the abap-documentation on the statement 'authority-check')

then update the SU24-settings for the transactions where your new object(s) shall be checked.

then test those transactions.

b.rgds, Bernhard

0 Kudos

Bernhard,

I did insert a new Authorization Field name into an SAP Standard Authorization Object.

Do you know how I can remove it?

Thank you,

Angelo

0 Kudos

You could try via version management to activate the previous SAP version of the object?

If it won't let you transport it, you might need to do this manually in each system (if you have version management activated for transports....).

Cheers,

Julius

0 Kudos

>

> You could try via version management to activate the previous SAP version of the object?

Julius,

Can you please provide us with (pointers to) information about this version management?

Thanks,

Jurjen

0 Kudos

Hi Angelo,

as far as I remember it is not possible in standard to remove a single field of an object definition. The system will give you a message stating that the complete object has to be deleted and recreated. Well, thats much effort......

Easier would be to transport the object from a system (QAS?) where you did not modify it back to your DEV. (Transport object=R3TR SUSO <objectname>)

b.rgds, Bernhard

0 Kudos

> Can you please provide us with (pointers to) information about this version management?

Some objects have "versioning". For example from SE38 etc you can display a program and then open the menu to... Versions => Version Management and display previous versions of the program (and reactivate them). Search "OSS" for "VERS_AT_IMP = true" for more infos.

This does however not exist for Authorization Objects.

So I was wrong, or just thinking wishfully...

Cheers,

Julius

Edited by: Julius Bussche on Sep 5, 2008 12:50 PM

0 Kudos

Bernhard,

I modified it in DEV. So if I transport (Transport object=R3TR SUSO <objectname>) your saying I should do it from QAS to DEV.

Can you explain how I could do that? How do I access the object R3TR SUSO?

Thank you for your help?

0 Kudos

Juluis,

Thank you for your response.

So your saying version management does not work for Authorization Objects?

0 Kudos

I deleted your other question so that we can keep the answers together here.

> So your saying version management does not work for Authorization Objects?

I am not saying that it does not work, but rather that it is not available for Authorization Objects.

Perhaps as a work-around you could simply give all roles with this SAP object in it * value for your Z-field. That would effectively deactivate it.

Out of curiosity, which object is it?

Cheers,

Julius

0 Kudos

Hi Angelo,

your basis administrators can help you to create a manual transport in QAS.

SE03->create>I suggest to use 'Transport of copies'>doubleclick on new transport request>press edit button>enter at 'Program ID' R3TR, in 'Object type' SUSO, in 'Object name' the name of the object in question. Save.

Then proceed as per your requirement for the transport ....(ic you have a transportroute from QAS to DEV its no problem, otherwise you can transport it exceptionally (move to the correct import Queue manually and import then.

b.rgds, Bernhard

0 Kudos

Julius,

Thanks. The object is V_VBRK_VKO

0 Kudos

Thanks I will give this a try.

0 Kudos

> V_VBRK_VKO

Okay thanks, I thought it might be some particularly interesting or special object.

Just curious

Julius