Hello security team.
We are using two roles for one authorization object to be checked in the MIRO transaction. One role (1) checks the S_TCODE and the authorization object M_MSEG_LGO for ACTVT and BWART fields. The other role (2) checks for the same authorization object M_MSEG_LGO for LGORT and WERKS fields. I mean that the complementary effect between the two profiles attached to one and only user and employing the same authorization object M_MSEG_LGO could satisfy the return code SY-SUBRC = 0.
I have the detailed error message in a file. Please let me know if the issue is clear enough.
Best Regards,
Victor Sarabia
Edited by: Victor Sarabia Rangel on Mar 16, 2010 2:16 PM