Auth Objects & Programs

Sorry wrong forum...
Hi,
checking with suim I found out in wich program is used one specific auth. object.
Is there some table where I can find this information Programs->Auth. Objects?
Thanks.
FedeX
Edited by: FedeX on Nov 4, 2008 4:35 PM

Hello FedEx,
Table TSCTA is what you are looking for --- I have also included a very helpful link to the SAP Help Page to help you with a few other questions you might have regarding authorization.
http://help.sap.com/saphelp_nw04s/helpdata/en/52/67129f439b11d1896f0000e8322d00/content.htm
Cheers,
Nate

Similar Messages

  • Auth Objects in ABAP Programs

    Dear All,
    how could I find the auth object being validated in programs?
    Using SU24 I am able to find transactions checking auth object...but I am not quit sure sure if there are some other programs using/checking those auth objects.
    In general I want to check one specific auth object where is used/checked.
    I will appreciate your help.
    Regards
    FedeX

    Please use the standard report RSABAPSC to check the authority check statements used in the program for any TCode. Also you can look into ABAP codes in more details by using the program RSANAL00.
    Regards,
    Dipanjan

  • (+) add auth object to a transaction but as it is already in z-program  I

    I have a transaction containing a z-program with an added authorisation check (object V_VBAK_VKO). I guess this change shoud appear in transaction “su24”.
    Of course there is possibility to add auth object to a transaction but as it is already in z-program  I assume this is not needed.
    What is your opignion?

    what you have in your z-program is the function authority-check 'yaddayadda'. this will work, of course - but you should activate it in SU24 so that everyone can see there's an object added to the transaction (not every security admin will or can read abap.coding). also it enables that the security admin will receive this object every time he/she adds your z-transactio to a new role as a suggestion (so it will not be forgotten).
    it's more transparent this way - for sec-admins, non-abapers and end-users ...

  • Help need in creation of auth object

    Hi all,
    can anyone assist me in creating an auth object to restrict users based on plant.
    I would appreciate i anyone of you could send me screen shots of the procedure.
    My email id is
    <b><removed by moderator></b>
    Thanks
    Venki

    Hi,
    Basically you can use derived role and restric users based on plant...
    Other than standard objects do you want to create auth objects.
    For more information on you can follow link. info on objects
    http://help.sap.com/saphelp_47x200/helpdata/en/ea/e9b0054c7211d189520000e829fbbd/frameset.htm
    Cheers
    Soma

  • Re : select-options in abap-objects program

    Dear friends,
                      I want to give select-options in abap-objects program. How to give that.
                                 Thanking You
    with regards,
    Mani

    In the transaction SE24, enter your class name, click modify.
    in the tab named "Types" you have to declare two types. By example, if you want to receive one select-options that in your program that uses this class is declared like:
    " P_SAKNR FOR SKAT-SAKNR".
    you've got to declare two types in the class:
    a- TYPES:  begin of E_S_SAKNR,
                          sign(1),
                          option(2),
                          low(10),
                          high(10),
                      end of E_S_SAKNR.
    b - TYPES E_T_SAKNR type standard table of E_S_SAKNR.
    so, in the class method that you want to receive P_SAKNR as importing parameter. You got to do this:
    method TEST importing ET_SAKNR type E_T_SAKNR.
    now, in the implementation of this method you should be able to use ET_SAKNR as the same way as you usually use a parameter or a select-option. You could use it in a select with the operator IN by example..

  • BW Authorizations/Report. Auth Object/KF's vs. Calc. KF's

    We implemented a custom/reporting auth. object to protect key figures (1KYFNM) and it works well. The issue is that our user community never ceases to come up with new and even more creative requirements.
    Let me illustrate the latest requirement:
    I have locked-down access to certain key figures (let's call them 'KF A' and 'KF B') and therefore subsequently secure all combinations involving either one of the two meaning calc. KF D (KF A plus KF C) is locked down as well. I also need to mention that users are supposed to be able to create their own ad-hoc queries, which eliminates the option of limiting them to a query or set of queries that accomplish the following requirement.
    There are certain totals, which are calc. KF's that the users are allowed/required to see even though they are not supposed to see what makes up these numbers (they should see calc. KF K which is made up of KF A, KF B, and KF H, etc. but not KF A and KF B).
    Without the option of providing the users with rather static queries, I see another option as calculating 'KF K' (from the previous example) at the time of the load and just making it another key figure in the cube which then can be excluded from the auth. check previously mentioned based on the naming convention. The problem with that is that this will make reporting rather inflexible, increase load times as this calculation is rather complicated, and it will also create redundant information in an environment that is already experiencing substantial growth and volume.
    Does anyone see any other solution?
    Thanks,
    Joerg

    Jeorg,
    I'm afraid that there's no special authorization handling for calculated key figures. To my best knowledge, the approach to create another key figure at data load time via transfer rules or update rules would be the only one can work. While this approach may not be flexible, but the load time should not increase significantly if you just add two key figure values into a new one.
    If you find this is approach is unacceptable or it is a common requirement among BW community, you might consider submit such requirement through ASUG BI Group or via OSS development request.
    Thank you for your question and patience.
    Regards,
    Amelia Lo
    SAP NetWeaver RIG, US
    SAP Labs, LLC

  • How can I limit/control the addition of auth. objects to security roles?

    Checking the authorization object S_USER_VAL it seemed that it grants the ability to limit the addition of authorization objects, but I tried using a test ID in sandbox along with a test role, removing the object, creating ranges in order to limit to a certaing type of auth. objects and didn't work. S_USER_AGR will give me access to limit which type of roles I can modify, but I'm looking to restrict the addition of specific security objects to security roles. If anyone knows the answer to this please share! Thanks in advance for your help!!!!
    Edited by: Armando Salas on Nov 29, 2011 7:41 PM

    Hi Armando,
    Try with auth.obj. S_USER_AUT. A suggestion. Search this objects with tcode SU24, for instance, for tcode PFCG and it gives a list with objects.
    I hope this helps you
    Regards
    Eduardo

  • Can we control Work center group links using auth object UIU_COMP

    Hello All,
    We are running into an issue while doing our PFCG role configuration.
    I need to know if we can control Work center group links in a business role through auth object UIU_COMP.
    We can control Workcenter's but not 'Work Center Group Links'.
    Here is what we did:
    - We have a business role Z_RA_DEFAULT.
    - The Nav Bar Profile SRV-PRO for this business role has some work center group links that are checked in menu and visible.
    - I'm trying to find the values in the auth object UIU_COMP to restrict Work center group links.
    - Even though the values Work center group links are in menu and visible,
    I want to remove these Work center group links from the screen using the auth object.
    - If we remove the check from in menu and visible in the business role the Work center group links disapper from the screen.
    Right now this is only way we are able to controle Work center group links.
    Question:
    - Can I use UIU_COMP to restrict Work center group links?
    - any another auth object that controle Work center group links?
    - any document/ website / info  available which tells us what can we restrict with auth object UIU_COMP?
    - or any other way of doing this... like code change, user exit, ....?
    Really appreciate your help.
    Thanks,
    Nasir

    I am not sure if I have understood the issue correctly, but still what stops you from actually creating a clone business role to your existing business role and deactivating the in menu visible work center group links. Use this new business role for users who need to be prevented from viewing the work center groups links in question.
    If you are going to use authorization objects to control the visibility wont it impact all users (still defeating your original purpose?)
    Again apologies in case I have got the question wrong.

  • Is there a listing of all Auth.Objects for SAP and the discription for them

    I would like to know if there is a listing of all the Auth.Objects  for SAP out there somewhere??
    Thank you,
    Robert

    > Auth.Objects  for SAP out there somewhere??
    You want all the customer objects as well in all SAP systems?
    (Or just those in your TOBJ?)
    PS: Please try the F1 key on fields to find their tables (or structures) and give the search a try as well...
    Cheers,
    Julius

  • S_PROJECTS auth object

    I am trying to create a role for IMG display access only
    I made ACTVT in all the Auth objects "03" or "display"
    but in S_PROJECTS auth object, in "activity" there is no "display" , how do I make ACTVT in S_PROJECTS object "display"
    Thanks
    Message was edited by:
            Jackofalltrades

    Hi,
    First of all all activities dont apply to all auth objects.(for example generate activity might not be applicable for all auth objects)
    So SAP proposed what activities might be relevant to a particular Auth Object.
    This information is in TACTZ Tables.
    So perhaps u can verfiy the table and u would find that the entries displayed in ur Activity for S_PROJECTS would be the same values as are in S_PROJECTS values in TACTZ table.
    HoweverYou can maintain 03 for this object too.
    Select the pencil button for the activity field.
    It will take u to a dialog box which contains activity fields.
    Now if u dont find the 03 field there. Then right click on the screen and select more values option.
    It would display all the activities.
    However if the 03 field is not mentioned as a proposed activity for that Object by SAP (u can see this info in TACTZ) then make sure that u actually need this object for doing any display activites.
    Hope this helps
    Manohar

  • Error in TP Abap Objects Programs to MiniWAS 6.20

    Hello,
    I have install the MiniWAS 6.20 to my pc and I am trying to transport the ABAP OBJECTS programs by following the instractions. Unfortunately, the tp ended with error code 8 and the message is:
    Program S_ITAB_ACCESS: Syntax error in line 000060
    You cannot specify the component 'TABLE_LINE' fora generic line type in the current statement. allo
    Can someone tell me what to do in order to complete this transport?
    Thanks in advance

    You can ignore this message, S_ITAB_ACCESS has a syntax error (you can check in se38).
    In 46C the syntax was a little bit different:
    when you paste this code to a 46C system, the syntax check will be ok.
    In higher release it won't be ok. So if you copy it to a customer namerange eg ZS_ITAB_ACCESS and modify like this, it will be ok.
    Since you cannot change program S_ITAB_ACCESS, there is not much you can do with the transport.
    *      READ TABLE tab WITH TABLE KEY table_line = key
        READ TABLE tab WITH KEY table_line = key
    Incho

  • APO roles and auth objects

    Hello all,
    Can someone tell me the most common used Tcodes, roles and auth objects in SAP APO - DP and APO-SNP security
    thanks

    I was going to type them out but luckily for me found this link to the DP & SNP auth objects - the info there is as detailed as anything else I have seen
    http://help.sap.com/saphelp_scm50/helpdata/en/21/f6253b90e48743e10000000a11402f/content.htm
    There is a list of useful APO transactions here
    http://help.sap.com/bp_scmv241/documentation/SCM_AIO_BP_Function_List.xls
    I can't help with the standard roles as I build my own.

  • CC5.2: Auth objects database table for legacy systems

    Hi,
    Where are the auth objects for legacy systems stored?
    I mean, for SAP systems the auth objects ar stored in the tables SAPOBJ and SYSSAPOBJ.
    Can anybody help me?
    Thanks in advance

    correct formatting...I wish you could edit your posts instead of reposting!
    Just a performance tip--> since it looks as though you are looping through and performing the same statement many times, you should consider using a prepared statement:
    PreparedStatement ps = con.prepareStatement("insert into Table1 (Col1,COl2,Col3) " +
    "values ( ? , ? , ? )");
    for (int k=0; j<array1.length; k++) {
    if (array1[k] !=null)
    tt = array1[k].getArray2();
    for (int j=0; j<50; j++) {
    if (array2[k] !=null)
    ps.setString(1, tt[j].getString1);
    ps.setString(2, tt[j].getString2);
    ps.setString(3, tt[j].getString3);
    ps.executeUpdate();You will notice a significant performance gain if you are looping many times.
    Advanced--> huge performance gain if you use batch statement in this loop!
    PreparedStatement ps = con.prepareStatement("insert into Table1 (Col1,COl2,Col3) " +
    "values ( ? , ? , ? )");
    for (int k=0; j<array1.length; k++) {
    if (array1[k] !=null)
    tt = array1[k].getArray2();
    for (int j=0; j<50; j++) {
    if (array2[k] !=null)
    ps.setString(1, tt[j].getString1);
    ps.setString(2, tt[j].getString2);
    ps.setString(3, tt[j].getString3);
    ps.addBatch();
    //when completed all looping
    int[] insertCount = ps.executeBatch();Jamie

  • Deletion of auth objects Corresponding to tcodes

    Q1.
    If a transaction is deleted from the menu wthr the Corresponding authorization objects are deleted.
    Q2.Eg
    What if the tcode MM02 is deleted from the role which has MM01/MM02/MM60/MM03 transaction codes, In this case some of the auth objects of MM02 are same as the other tcode auth objects, then how does deletion of MM02 from role ensure that only the corresponding object--> values are removed.?
    Rakesh

    Q1.
    If a transaction is deleted from the menu wthr the Corresponding authorization objects are deleted.
    It depends..
    If the auth object's status is 'standard' and it is coming from only one t-code which is being removed, then it gets removed. If the status is 'changed', then it doesn't get removed.
    Q2.Eg
    What if the tcode MM02 is deleted from the role which has MM01/MM02/MM60/MM03 transaction codes, In this case some of the auth objects of MM02 are same as the other tcode auth objects, then how does deletion of MM02 from role ensure that only the corresponding object--> values are removed.?
    No, the auth object won't get removed as that is coming from su24 from other t-codes also.
    If different t-codes are bringing different field combination values, then the instance which is coming from MM02(if it is being deleted) will get removed, again assuming that the instance is standard and not changed.

  • Error "Inconsistancy in the auth object P_ORGIN"

    Hello Gurus,
    I have to add a tcode which involves auth object P_ORGIN. When I add the tcode and go to authorization tab then it gives the error as "Inconsistancy in the auth object P_Orgin"
    Please let me know how should I add the tcode now. Thank you !
    Regards,
    MA

    PLease provide tcode
    The reason why the profile generator cannot correctly insert the
    default values of these transactions is due to a data inconsistency in
    table USOBT_C (default values for customers). The table does not
    contain an entry for field BTRTL of authorization object P_Orgin.
    You can immediately correct the incomplete data in your customer table
    USOBT_C using the following steps:
    Step 1 Execute transaction SU24
    Step 2 Enter the transaction affected by this error ie XXXX
    Step 3 "Change check indicator" (F6) in the application toolbar.
    Step 4 With "Display field values" (F7) you check the default values of
    P_Orgin. Please document the values.
    Step 5 Go back to the previous screen and set the check indicator from
    "Check/maintain" to "Check" for P_Orgin.
    Step 6 Set the indicator for P_Orgin back to "Check/maintain".
    Step 7 Choose the function "Change field values" (F6) and insert the
    formerly documented values for AUTHC in object P_Orgin.
    Now you see also the field BTRTL being presented.
    Save the changes.
    Repeat steps 3-7 for each of the transactions affected.
    Hope you are clear with the steps.
    Thanks,
    Prasant
    Edited by: Prasant K Paichha on Mar 3, 2010 3:01 PM

Maybe you are looking for

  • How can I connect my new iPhone to my iTunes account on my computer? It is not showing in the devices when I connect it.

    I bought a new Iphone and I was unable to update with my iTunes because they wouldn't let me leave the store with out checking the camera and speakers. I had to start the phone. I tried connecting to iTunes when I got home but it's not showing in the

  • How can I determine how many events are in my calendars?

    The web version of my iCloud Calendar and subsequently also my Calendar.app did show recently various malfunctions and error messages that were inconsistant. Also, Calendar.app crashed when I was editing events. Finally, Calendar.app did complain tha

  • HOWTO: Get a logitech marble mouse to work w/scroll and more

    This bit of information was taken from a post at the ubuntu forums. It worked for me, enjoy! Modify your Xorg.conf/XF86Config file to have this in the mouse section: Section "InputDevice" Identifier "MarbleMouse" Driver "mouse" Option "Protocol" "aut

  • How to reinstall OS X 10.8 without internet?

    Hey guys, I had a crash on my Macbook Air MD231 - Mid 2012, and my system won't boot, and  unfortunately my friend erase my partition from disk utility. Now I have three question 1)my internet speed is very low, for re-installing I have to download a

  • IBook payment issue

    Hi, guys. I'm new to this forum and I'm from Mongolia. I gotta question regarding payment for books in iBooks. To put it simple, i want to sell my book via ibook, the question is, Is it possible for itunes users from Mongolia, where there is no app s