Scribd
Upload
23 views2 pages

Authorization Object Materail

Authorization Objects are used to control user privileges for data access and actions within programs. This document provides steps to create a custom authorization object called Z_TCODE to control access to specific transaction codes. It describes: 1) Creating an authorization field called ZTCODE to hold transaction codes 2) Creating an authorization class and object called ZTRN and Z_TCODE respectively 3) Assigning permitted activities like create, change, display to the custom object 4) Creating a role ZAUTHTEST assigned to the custom authorization object and a transaction code 5) Creating a second role for display activity and assigning to another user

Uploaded by

Bhawana Kumari
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
23 views2 pages

Authorization Object Materail

Authorization Objects are used to control user privileges for data access and actions within programs. This document provides steps to create a custom authorization object called Z_TCODE to control access to specific transaction codes. It describes: 1) Creating an authorization field called ZTCODE to hold transaction codes 2) Creating an authorization class and object called ZTRN and Z_TCODE respectively 3) Assigning permitted activities like create, change, display to the custom object 4) Creating a role ZAUTHTEST assigned to the custom authorization object and a transaction code 5) Creating a second role for display activity and assigning to another user

Uploaded by

Bhawana Kumari
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Authorization Objects are used to manipulate the current user’s privileges for specific data

selection and activities from within a program.

We could always create our own authorization objects and implement it in our own abap
programs. As an example, we will create our own authorization field similar to TCD used in
S_TCODE Authorization object (see #3 in figure 1).

Figure 1

Steps to create authorization field


1. Go to transaction code SU20
2. Click the create new button on the application toolbar.
3. Enter “ZTCODE” in the Field Name and “TCODE” in the Data Element, then hit Enter.
4. Click the save button on the system toolbar.

Next step is to create the authorization class(see #1 in figure 1) and authorization object(see #2 in
figure 1).

Steps to create authorization class


1. Go to transaction code SU21
2. Click on the Create button’s drop down icon and select “Object Class”.
3. Enter “ZTRN” on the Object Class field.
4. Give it a description and save it.

Steps to create authorization object


1. Again in SU21, in the list of authorization class(folder icon), click the one that we’ve
created(ZTRN).
2. Click on the Create buttodrop down, this time selecting “Authorization Object”.
3. Enter “Z_TCODE” on the Object field and give it a description.
4. On the authorization fields section, enter ACTVT and ZTCODE. ACTVT is used to set and
limit the activity of the user, while the ZTCODE is the authorization field that we’ve created
earlier which is
responsible for holding a list of tcodes.
5. On the Further Authorization Object Settings, click on “Permitted activities” button. Here we
will select the specific activities that we want to be available for our authorization object.
6. As an example, we will select 01(Create), 02(Change), and 03(Display).
7. Save and Exit.

Now we’re done creating our own authorization object, let us now use and assign it to a user.

Steps to create a role(see figure 2)


1. Go to transaction code PFCG.
2. Enter “ZAUTHTEST” on Role field and click the “Single Role” button.
3. Now give it a description, click the save button and click the Authorization tab.
4. Click the “Change Authorization Data” button inside the authorization tab.
5. Then click the “Manually” button on the application toolbar and type in the name of the
authorization object that we’ve created earlier(”Z_TCODE”) and press enter.
6. Expand all the nodes, double click on the input field of the Activity and select activity 01 and
02.
7. Enter the tcode of our own abap program in ZTCODE field, in our example I used “ZCOMM”
.
8. And also don’t forget to add the S_TCODE authorization object and enter ZCOMM on it’s
field.
9. Now Click on the Generate button in the application toolbar and press enter on the pop-up
screen.
10. press the back button and assign a specific user on the user tab and click User Comparison
button.
11. Now create another role by repeating steps 1 to 9 but this time select activity 03 on step 6.
12. Then assign this 2nd role to another user.

You might also like