Solved: how to restric a program with authorization in sap...

yasu_1096 · ‎07-04-2023

how to restric a program with authorization in sap by providing the message that you are not authorized.

Example if a user having a program that would be while he execute the program the message should come as you are not athorized & he cant able to move to next step that means he should just see the code but not authorized to execute the program through O9 data services in SAP

NaveenKumarC · ‎07-05-2023

Hello Afgan Mohammed Yaser,

Please check the below link to understand the process.

Link

Regards,

Naveen Kumar Chikkanna.

DominikTylczyn · ‎07-04-2023

Hello yasu_1096

yasu_1096Use AUTHORITY-CHECK and then MESSAGE if the authorization check fails.

Best regards

Dominik Tylczynski

FredericGirod · ‎07-04-2023

I think you could check only for TCODE not for program name

yasu_1096 · ‎07-04-2023

Hi

3a9e4ce873a94034b33dc62b0ce600ee

everyone is telling this one can i know the process how to create it?

FredericGirod · ‎07-05-2023

How to put proper authority-checks to your custom programs | SAP Blogs

yasu_1096 · ‎07-28-2023

Thank you Mr. Frederic Girod the link is most useful to us

raymond_giuseppi · ‎07-04-2023

Usually users don't execute program but transactions.

System already executes an AUTHORITY-CHECK on authorization object S_TCODE.

Are your users allowed to a transaction such as SA38 to execute reports.

System already executes an AUTHORITY-CHECK on authorization object S_PROGRAM for action SUBMIT

Of course you can add and handle a customer AUTHORITY-CHECK in your program in the LOAD-OF-PROGRAM event or initial dynpro (Many standard programs use an AUTHORITY-CHECK on their default transaction, often in initial dynpro logic)

NB: You could also notice in authorizaton object S_PROGRAM a P_GROUP field, that can also be handled in authorization. Manage the group list in table TPGP[T] with SM30 and use the group code in program attributes. (Using group to require less maintenance on user roles)

DominikTylczyn · ‎07-05-2023

Check authorization to execute a transaction or a program is bare minimum. On top of that access to organizational level, document types etc. should be validated.

raymond_giuseppi · ‎07-06-2023

dominik-tylczynski , so often the first authorization check is performed in INITIALIZATION step for reports when the start values for parameter and selection criteria are initially set.

NaveenKumarC · ‎07-05-2023

Hello Afgan Mohammed Yaser,

Please check the below link to understand the process.

Link

Regards,

Naveen Kumar Chikkanna.

yasu_1096 · ‎07-28-2023

thank you

Sandra_Rossi · ‎07-05-2023

If you get unprecise answers, it's normal, because you are saying "through O9 data services" only at the very end as if it had no importance...

People answered generically to the rest of your question.

Could you explain how it's integrated with SAP system, which ABAP program or service is called by O9?

how to restric a program with authorization in sap by the message that you are not authorized.