Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Password Check

Former Member
0 Kudos
197

Hi ,

I want to make my classical report only to be run by a specified person who knows the passwprd . It must first check the password and run , How to get this

1 ACCEPTED SOLUTION

Former Member
0 Kudos
141
try this

Prompt user to enter the password , 

REPORT ychatest.
TABLES : SSCRFIELDS.
PARAMETERS : p_pass(8).

AT SELECTION-SCREEN OUTPUT.

  LOOP AT SCREEN.
    IF screen-name EQ 'P_PASS'.
      screen-invisible = '1'.
      MODIFY SCREEN.
    ENDIF.
  ENDLOOP.

AT SELECTION-SCREEN.
CHECK SSCRFIELD-UCOMM eq 'ONLI'.
  if P_PASS NE 'XXXXX'.
     message e001 with 'You are not allowed to run the report'.
  endif.

Message was edited by:

Chandrasekhar Jagarlamudi

Message was edited by:

Chandrasekhar Jagarlamudi

9 REPLIES 9

Former Member
0 Kudos
141

hi,

what you can do is create a module pool program asking for username and password. then validate the values entered and the let access to the program.

at the starting of the program call that module pool program by using call transaction.

regards,

Navneeth.K

Former Member
0 Kudos
141

Hi,

There won't be such password checks to run the reports

This type of things are controlled by creating authorization objects in each module, so that only the persons who have authorization to that will access the report/program.

see the doc on authorization:

In general different users will be given different authorizations based on their role in the orgn.

We create ROLES and assign the Authorization and TCODES for that role, so only that user can have access to those T Codes.

USe SUIM and SU21 T codes for this.

Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.

If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.

This means you have to allocate an authorization object in the definition of the transaction.

For example:

program an AUTHORITY-CHECK.

AUTHORITY-CHECK OBJECT <authorization object>

ID <authority field 1> FIELD <field value 1>.

ID <authority field 2> FIELD <field value 2>.

...

ID <authority-field n> FIELD <field value n>.

The OBJECT parameter specifies the authorization object.

The ID parameter specifies an authorization field (in the authorization object).

The FIELD parameter specifies a value for the authorization field.

The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.

http://help.sap.com/saphelp_nw04s/helpdata/en/52/67167f439b11d1896f0000e8322d00/content.htm

To ensure that a user has the appropriate authorizations when he or she performs an action, users are subject to authorization checks.

Authorization : An authorization enables you to perform a particular activity in the SAP System, based on a set of authorization object field values.

You program the authorization check using the ABAP statement AUTHORITY-CHECK.

AUTHORITY-CHECK OBJECT 'S_TRVL_BKS'

ID 'ACTVT' FIELD '02'

ID 'CUSTTYPE' FIELD 'B'.

IF SY-SUBRC <> 0.

MESSAGE E...

ENDIF.

'S_TRVL_BKS' is a auth. object

ID 'ACTVT' FIELD '02' in place 2 you can put 1,2, 3 for change create or display.

The AUTHORITY-CHECK checks whether a user has the appropriate authorization to execute a particular activity.

This Authorization concept is somewhat linked with BASIS people.

As a developer you may not have access to access to SU21 Transaction where you have to define, authorizations, Objects and for nthat object you assign fields and values. Another Tcode is PFCG where you can assign these authrization objects and TCodes for a profile and that profile in turn attached to a particular user.

Take the help of the basis Guy and create and use.

reward if useful

regards,

ANJI

Former Member
0 Kudos
141

my report is classical report .....Not module pool program ?

0 Kudos
141

you can call any DIALOG box from your report also..... you need not create module pool program...

Former Member
0 Kudos
141

hi,

ta ies an exec program but for your reqmnt u have to create a module pool pgm and call that one in your standard program(classical report)

regards,

Navneeth.K

Former Member
0 Kudos
142
try this

Prompt user to enter the password , 

REPORT ychatest.
TABLES : SSCRFIELDS.
PARAMETERS : p_pass(8).

AT SELECTION-SCREEN OUTPUT.

  LOOP AT SCREEN.
    IF screen-name EQ 'P_PASS'.
      screen-invisible = '1'.
      MODIFY SCREEN.
    ENDIF.
  ENDLOOP.

AT SELECTION-SCREEN.
CHECK SSCRFIELD-UCOMM eq 'ONLI'.
  if P_PASS NE 'XXXXX'.
     message e001 with 'You are not allowed to run the report'.
  endif.

Message was edited by:

Chandrasekhar Jagarlamudi

Message was edited by:

Chandrasekhar Jagarlamudi

Former Member
0 Kudos
141

hi,

Make use of authorization objects and assign roles to the users so that they wont be able to run the report. Maintaining passwords doesnt do. As ABAP is open source, we can change the values of the variables even in debugging mode. So, validation check also doesnt meet your requirement.

Regards

sailaja.

Former Member
0 Kudos
141

You can craete a transaction for the same. In this transaction check for authorisation object.

Sandeep

Former Member
0 Kudos
141

parameters: pass(10) type c.

at selection-screen output.

loop at screen.

if screen-group3 = 'PAR'.

screen-invisible = 1.

modify screen.

Endif.

endloop.

at selection-screen.

if pass = 'SANTHOSH'.

Message 'Wrong Password' type 'E'.

endIf.

try this

santhosh