Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

ABAP Code To Authenticate Users

Former Member
0 Kudos

Hi,

How can I code a ABAP program/function which will authenticate a user based only on their user id? Do not want to use their password.

I want the entire authentication process to happen in the ABAP code.

Any ideas?

Thanks,

Audrey

6 REPLIES 6

Former Member
0 Kudos

Go to transaction code SE37 and do a search on susr_user*

You may find a function module which may solve your purpose.

Thanks

Former Member
0 Kudos

Your requirement is not clear. The user id of a user running an ABAP will be there in SY-UNAME .

Authority checks command AUTHORITY-CHECK automatically checks the authorization of the user running the report.

You can put your security check using above command .

Cheers

Former Member
0 Kudos

Hi Audrey,

SAP uses authorization objects for authority checks.

You need to create these objects in SAP and check for the authorizations in ur program for this object you created by using the abap statement authority-check.

the auth object can have various parameters, based on which auth is checked. Read sap docu for more info.

Remember 2 reward poitns and close this thread if ur Q is answered.

Rgds,

Prash>

Former Member
0 Kudos

Hi,

To check the authorization of the user of an ABAP program, use the AUTHORITY-CHECK statement:

AUTHORITY-CHECK OBJECT '<object>'

ID '<name1>' FIELD <f1>

ID '<name2>' FIELD <f2>

.............

ID '<name10>' FIELD <f10>.

<object> is the name of the object that you want to check. You must list the names (<name1>, <name2> ...) of all authorization fields that occur in <object>. You can enter the values <f 1 >, <f 2 >.... for which the authorization is to be checked either as variables or as literals. The AUTHORITY-CHECK statement checks the user’s profile for the listed object, to see whether the user has authorization for all values of <f>. Then, and only then, is SY-SUBRC set to 0. You can avoid checking a field by replacing FIELD <f> with DUMMY. You can only evaluate the result of the authorization check by checking the contents of SY-SUBRC. For a list of the possible return values and further information, see the keyword documentation for the AUTHORITY-CHECK statement. For further general information about the SAP authorization concept, refer to Users and Authorizations.

There is an authorization object called F_SPFLI. It contains the fields ACTVT, NAME, and CITY.

SELECT * FROM SPFLI.

AUTHORITY-CHECK OBJECT 'F_SPFLI'

ID 'ACTVT' FIELD '02'

ID 'NAME' FIELD SPFLI-CARRID

ID 'CITY' DUMMY.

IF SY-SUBRC NE 0. EXIT. ENDIF.

ENDSELECT.

If the user has the following authorizations for F_SPFLI:

ACTVT 01-03, NAME AA-LH, CITY none,

and the value of SPFLI-CARRID is not between "AA" and "LH", the authorization check terminates the SELECT loop.

Hope it helps u.

Thanks&Regards,

Ruthra.R

Former Member
0 Kudos

I basically want to the ABAP program to login the user based only on the user name.

I'm writing a custom SSO solution because our 3rd party application doesn't fit into any of the traditional SSO models.

Is it possible to login a user using ABAP?

0 Kudos

I think you can set up a remote enabled FM that logs on a user anonymously and also passes the userid of the user. You would have to set up the destination in SM59. The FM would then have to look at whatever tables you need to need to verify the user yourself.

Rob