Skip to Content
avatar image
Former Member

What values will be taken if we leave an empty field in an Authorization

Hi Guys,

I have been wondering what values will be taken if we leave an empty field in an Authorization(Open Objects).

Will it fail the authorization check or bye pass it?..

Please clear..Don't know if this question has been answerd alreay in any other thread..

Thanks in advance,

Ramkumar C

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

4 Answers

  • Best Answer
    avatar image
    Former Member
    Sep 18, 2008 at 05:59 PM

    Hi Ramkumar,

    Since its the assignment of the generated profiles that gives the actual authorization...if we maintain an open authorization in a role and genereate the role, you will notice a NULL or Open Quote ( ' ' ) gets entered in the generated profile of the role.

    You can do that by generating the role and looking at the generated profile via SU02

    ' ' -> will not give any authorization, hence to answer your question, if a field value is checked for that object, it will fail it.

    Cheers! 😊

    Abhishek

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      i learned the phrase 'GIGO' during my programming days when i just started learning my first language..and i created an absolute blunder of a logic and asked my instructor why is the output so strange :P

      thats when my instructor spanked me on the back and said ... GIGO..you idiot !!

      😀

      haha

  • avatar image
    Former Member
    Sep 18, 2008 at 05:54 PM

    Hi Ramkumar,

    Lets understand this by a case study, lets say your are trying to edit some user, and the role which is assigned to you has the ACTVT field blank (not maintained, as you said). Now as soon as system which check for S_USERGRP auth object first and then the field ACTVT and it will fail with return code 4.

    In case the auth object is not present with user (in user buffer), then it would fail with return code 12.

    So, only error return codes will change 😉

    Try it out and put ST01 auth check trace to have a clear understanding of this

    Regards,

    Zaheer

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Sep 18, 2008 at 06:07 PM

    It depends on what the authority-check in the program is looking for and whether anything is looked for at all in the authorization field.

    Place your cursor on the ABAP statement "DUMMY" and hit F1 (no joke, it's really called that) or search for it in transaction ABAPDOCU. It is well explained there.

    'DUMMY' is not a value of the authorization field. You can solve this by entering '<space>' in the field.(i.e. ' ').

    Cheers,

    Julius

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Sep 18, 2008 at 07:27 PM

    Hi Zaheer,Abhishek,Julius,

    For Giving me a very helpful Answer!!

    Thanks and Regards,

    Ramkumar C

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hello Ramkumar C,

      It would be interesting to move this thread to the ABAP forum, because that is the "other half of the coin"...

      Could you please mark the thread as unanswered status? Otherwise some of the '<spaced out>' ABAPers might not answer... 😊

      Please do the needfull.

      Cheers,

      Julius