Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RESPAREA's effects on obsolete auth objects

Former Member

‎07-28-2006 5:23 AM

0 Kudos

Hello all,

I was asked a question by a client and couldn't provide a definitive answer.

They are implementing RESPAREA for hierarchies as an organisational level. There are various notes on this that they have implemented.

The potential problem, leaving the now obsolete auth objects for cost centre with *'s in the fields leaves the security open for any tcodes that for some reason do not check for RESPAREA.

Question 1. Does anyone know of any tcodes that may cause a problem here (ie, will grant unrestricted access to cost centres rather than checking the RESPAREA restriction)?

Question 2. There are many auth objects for cost centres. If I perform a lookup on all auth objects with field KOSTL, will I capture all auth objects that we can put *'s in the KOSTL field, or are there more/less?

1 REPLY 1

Former Member

‎08-03-2006 10:38 PM

0 Kudos

A lot of roles can be effected by this change yes, but it seems to me that you already know this and the customer has already implemented the solution.

1. No. If anything, the access will be more restrictive than before.

2. KOSTL has nothing to do with RESPAREA. This is two different fields. By making RESPAREA as an organizational level, you do not change anything in KOSTL.

Check table KBEROBJ. In there you can see what objects are effected.