Authorization object creation for transaction MIGO

Similar Messages

• Is it possible to restrict the object creation for stateless session beans

  Hi,
  Is it possible to restrict/fix the ejb object creation for stateless session beans in application server?
  For example, i want to configure the application server ( am using JBOSS ) to create maximum of 10 session bean objects. and if any requests for the stateless session bean come, as application server has created 10 objects, the requests should be blocked.
  Thanks in advance,
  nvseenu

  You can keep a counter in the application code. A static var won't work, but an entity and a consistent id should. This version would affect performance, but it would be portable to other app servers.
  // ConstrainedBean.java
  package unq.ejb;
  import javax.ejb.Stateless;
  import javax.ejb.CreateException;
  import javax.annotation.PostConstruct;
  import javax.annotation.PreDestroy;
  import javax.persistence.PersistenceContext;
  import javax.persistence.EntityManager;
  @Stateless
  public class ConstrainedBean implements Constrained {
      final static int DEFAULT_COUNTERID = 1;
      @PersistenceContext EntityManager em;
      @PostConstruct
      protected void init() throws CreateException {
       ConstrainedBeanCounter counter =
           em.find(ConstrainedBeanCounter.class, DEFAULT_COUNTERID);
       if( counter == null ) {
           counter = new ConstrainedBeanCounter();
           counter.counterId = 1;
           counter.counterValue = 0;
           em.persist(counter);
       if( counter.atMaximum() ) {
           throw new CreateException("error attempting to create > 10 beans");
       else {
           counter.increment();
      @PreDestroy
      protected void destroy() {
       ConstrainedBeanCounter counter = em.find(ConstrainedBeanCounter.class,
                                 DEFAULT_COUNTERID);
       counter.decrement();
      public void doSomething() { System.out.println("doSomething()"); }
  // ConstrainedBeanCounter.java
  package unq.ejb;
  import javax.persistence.Entity;
  import javax.persistence.Id;
  @Entity
  public class ConstrainedBeanCounter implements java.io.Serializable
      @Id public int counterId;
      public int counterValue = 0;
      public void increment() {
       counterValue++;
      public void decrement() {
       counterValue--;
      public boolean atMaximum() {
       return counterValue > 9;
  }

• What User authorization objects needed for connecting to SAP from xMII?

  We eneter a SAP user and password for connecting to SAP from xMII to retrieve the metadata of the incoming IDocs.
  When I specify a user with SAP_ALL user profiles, the IDocs are received properly in xMII. If I specify a user with privileges to run only certain transactions, IDocs are not received in xMII.
  What user authorization objects are needed for this user to connect to SAP from xMII?
  Thanks,
  Sara

  Sam,
  I turned on the SAP System trace for this user and figured out the following auth. objects are required for receiving IDocs in xMII:
  C_TCLA_BKA
  S_RFC
  S_CTS_ADMI
  B_ALE_MAST
  S_IDOCDEFT
  The following auth. object is required for making JCO call to SAP from xMII:
  C_AFRU_AWK
  Thanks,
  Sara

• Why authorization object M_MSEG_LGO for MB1B (MTy 301) is not symmetrical?

  When transfer posting (MB1B, MTy 301) from storage location 3030 in plant 1000 to storage
  location 8000 in plant 1910, authorization object M_MSEG_LGO is checked. The activity is 01,
  movement type is 301, storage location is 3030, and plant is 1000. But when transfer posting
  (MB1B, MTy 301) from storage location 8000 in plant 1910 to storage location 3030 in plant
  1000, the fields of M_MSEG_LGO are also need to be set 01 for activity, 301 for movement
  type, 3030 for storage location and 1000 for plant. Why not 8000 for storage location and
  1910 for plant? If I set 8000 for storage location and 1910 for plant and do transfer
  posting (MB1B, MTy 301) from storage location 8000 in plant 1910 to storage location 3030 in
  plant 1000, the system says "You do not have authorization for this transaction in storage
  location 3030".

  Thank you.
  I know the reason now. In SAP standard the authorization for storage locations is not active. We activate the authorization for storage location 3030, but not activate authorization for 8000.
  the menu path is:
  Customizing(IMG)
  - Materials Management
  - Inventory Management and Physical Inventory
  - Authorization Management
  - Authorization Check for Storage Locations

• Authorization object A_S_GSBER for Business area

  Dear group Members Warm Greetings
  Transaction code z_am_detail was added to the role from tcode pfcg .SAP proposed new values for certain organisation levels for example: the authorization object A_S_GSBER. The values proposed by the system for business area field are: 1000, 2000, 3000 & 9000. which are old, the 2 new business areas that were recently configured are not proposed which are 5000 & 6000. This could mean that there is some configuration setting with which the system suggests default values.
  Suggest me to fix this issue
  regards
  shamulheq
  Edited by: shamulheq on Mar 16, 2010 6:27 AM

  Hi Tipu,
  Have you tried creating Screen Variant  from the same Transaction SHD0.
  Try to create a screen variant for the Free Selection screen
  Program : SAPF110V
  Screen No: 0203
  Field Name  : F110V - TEXT1
  There is an option which saves the Variant "With Content"  & "Required", fill the Field Selection with "BSEG-GSBER" and check these check boxes.
  Hope this will work.
  Regards
  Andrew

• Authorization object creation

  Hi All,
  I want to creat an authorization object whihc is similar to the P_ORGIN with an extra field payroll area 'ABKRS'.
  So that I have created a new authorization obj which includes all the fields from P_ORGIN and with ABKRS.
  And I assigned this to role instead of P_ORGIN. But is it not working as P_ORGIN.
  Can anybody help me in this regard?
  Thanx in advance.

  Hi,
  have you assigned your object to the transactions via SU24 ?
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/9e/74ba3bd14a6a6ae10000000a114084/content.htm
  Please have also a look at
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/4e/74ba3bd14a6a6ae10000000a114084/frameset.htm
  The link describes how to generate your own object if p_orgin isn't enough for your requirements.
  Hope this helps.
  Regards
  Bernd

• Assign authorization object to standard transaction (VA02)

  I've success to create an authorization object and assigned to va02. I also use su24 to check indicator for my customize object. There are reported that it is Check. I think it is activated. Then i access va02, but it still can access, I suppose i no have right to access the va02. What's wrong for my setting. Acutally, I no much ideas for the authorization object. Can you give me some advise. Thanks a lot.

  Hi Giri,
  You could (and probably should) specify the check in SU24, but this won't make the check happen.  The values in SU24 are used in transaction PFCG when a role is created that includes this transaction.
  To make the authorisation check at runtime you'll need to code a user exit or similar to check your new authorisation object.
  Regards,
  Nick

• Update the authorization object value for more than 1000 role

  I need to remove one of the activity value (06) from authorization object S_SCD0.
  I do a search and found out that there are more than 1000 roles which having the activity value = 06 for authorization object S_SCD0.
  However, I don't think I can create a SCAT script to update all these 1000 roles and I believe its going to be a very tedious if I am going to manually change it one-by-one. Hence, I am wondering is there any standard program/function which I can use to automate the above changes for all these 1000 over roles.
  Kindly advise.
  Thanks

  Direct update the table is the easiest way, but should be discourage for the obvious reason.
  Should take a step back, take a long term view, when you need to update 1000 roles, maybe a role redesign might be needed. For example, if you can change the role model to derive role model, once update to the parent role will take care of all the child role.
  Thanks,
  Lye

• BADI for transaction MIGO

  Hello Experts,
  I have a requirement for the transaction MIGO that if the checkbox "Delivery Completed" Indicator in Purchase Order Item is set,
  the Latest GR date parameter in ME22N is updated.. Is this possible? do you have BADI for this?
  Thanks!

  Hi,
  Use Function module-EXIT_SAPMM07M_001 ,take the help of abapor for the same.
  This will resolved your issue.
  Regards,
  Sandesh Sawant

• Authorization object creation manual method

  hi gurus
  I have a requirement to create authorization objects for my project. The scenario is, we have a query which gives the profit center data on a weekly basis.the users for this report are the project management people. we have not created the project management hierarchy, but presently supposed to use a role as Project Management. We have a set of users for this Project Management role.
  Now based on this scenario i am supposed to create the authorization objects.
  can anybody suggest me the right step by step method for creating the authorization objects.
  I would like to have steps as what i need to do in RSD1, in PFCF, in RSSM and in the BEx.
  you answers will be rewarded accordingly
  thanks in advance
  regards
  vijaykumar

  hi!
  1) identify the infoobject which must have restricted access. I think it is Profit Center in your case or may be PSP element
  2) in infoobject maintainance screen check Whether it is marked as Authorization relevant(RSD1)
  3) goto RSSM and create a new authorization object and add your infoobject to it.
  4) in PFCG role maintainance screen add create a new role Project Management and addt eh users to it. under the authorizations tab go to maintaina authorizatioons and add your authorization object that you create in RSSM. and maintain the correct values with in it.
  with regards
  ashwin

• Default Authorization object P_ABAP for PA20

  Dear colleagues!
  After SP implementation roles werу adjusted and new authorization check for P_ABAP was added for transaction PA* (PA20, PA30...).
  Where is hr-reporting checks in these transactions? It's critical for personnel data maintenance or used only for sub-menu reports?
  Trace for PA20 shows the following values for P_ABAP check (PA20-Goto-Planning Data-...):
  P_ABAP     RC=12 REPID=SAPMP50A;COARS=2;
  P_ABAP     RC=12 REPID=SAPDBPNP;COARS=2;
  SAP Release ERP 6.0 EHP4 (10 stack)
  Regards,
  A.M.

  Hi,
  The values mentioned for P_ABAP here is not necessary to be added in a role. SAPDBPNP is a logical database and providing P_ABAP with degree of simplification (COARS) = 2 is very dangerous, as it will bypass any authorization check while executing reports related to that logical database.
  Providing such values will disturb your entire authorization design as even though you might restrict an user on few Infotypes in P_ORGINCON, but with this value, it actually bypasses any report using this logical database to check for Infotype authorization or structural auth restriction.
  To suggest a possible solution, I would like to know exact activities intended to be done with PA20 and level to access provided in P_ORGINCON. Please can you share that here?
  Thanks,
  Deb

• Authorization object required for materail and vendor.

  Hi All,
  I have Z report where material and vendor are there on the selection screen.I need to put authorization check on materail and vendor. Can u plz suggest which authorization object I should use for this?
  thnks
  MSi

  On the other hand, assuming your program will run in a properly maintained SAP installation, I would always use standard authorisation objects as much as possible. Try finding a standard SAP report with similar selections and output and see how it is done there. Trace the execution via ST01 and see which objects are being checked.
  Also use the repository infosystem to browse the available standard objects. Talk to a functional and/or security expert to clarify your requirement regarding necessary authorization checks.
  Thomas

• Any pointers to a badi for transaction MIGO and MB1a

  Hi all,
  Can anyone tell if there is any badi which can give us all the values entered by the user in transaction MIGO and MB1a.

  Hi Anu,
  whenever you need a BADI...
  Follow the below steps to find out what all BADI's are called when you press any button in any transaction.
  1) Goto se24 (Display class cl_exithandler)
  2) Double click on the method GET_INSTANCE.
  3) Put a break point at Line no.25 (CASE sy-subrc).
  Now
  4) Execute SAP standard transaction
  5) Press the required button for which you need to write an exit logic, the execution will stop at the break point.
  6) Check the values of variable 'exit_name', it will give you the BADI name called at that time.
  7) This way you will find all the BADIs called on click of any button in any transaction.
  [found on SDN a year ago, don't remember the contributor]
  Regards,
  Clemens

• Changing the printer for transaction MIGO

  Hi,
  An output request is created in transaction SP01 whenever the transaction MIGO is executed. I am instructed to change the printer (output device) to a default printer if the storage type is '015'. How can I change the printer (output device) in the output request automatically if storage type is 015? What program will I modify? 
  Thanks in advance.
  Joseph Ian

  check Tcode OMJ3.
  Printer Determination by Plant/Storage Location
       In this step, you define per plant and storage location the printer from
       which an output type is printed.
       This is only relevant to output types with print parameter 7.
       Example
       In plant 0001 and storage location 0001, the goods receipt slips are to
       be printed from printer LT01.
       For output types WE01, WE02, and WE03, you define the entry
          Plant 0001 Storage location 0001 -> Output device LT01.
       Requirements
       You can only maintain printer determination for output types with print
       parameter 7 (plant/storage location). Check on the detail screen for
       output type whether this is the case.
  regards
  Prabhu

• Variable creation for Transaction S_ALR_87013336

  Hi
  I am getting following error on executing the transaction S_ALR_87013336
  Global variable & has been deleted
  Message no. KH488
  Diagnosis
  Global variable & has been deleted.
  Procedure
  Modify the report or form so that it no longer uses global variable &.
  I am trying to add Co code and co code group as search filed so I have made adjustment to form 8A-PCA013G.
  Please suggest how to correct the report and create variable
  Selections Fields for Transaction S_ALR_87013336
  Company Code Group ------------------------
  or Value(s) From ------------- To-------------
  Thanks

  Hi
  I have fixed the issue -  Global variable & has been deleted
  I need help on the followings
  Selections Fields for Transaction S_ALR_87013336
  Company Code Group ------------------------
  or Value(s) From ------------- To-------------
  Thank