How to analyze authorization issues in debug
The idea behind this document is to be a quick debug guide for functional consultants and explain how to find in debug which authorization objects are called.
There are many different transactions which are helpful when we are trying to analyze authorizations issue (SU53, SU24…).
However, in some cases it is useful to check the authorization objects in debug.
This is useful, for example, if we want to know exactly on which point of the transaction execution a given authorization object is called or which authorization objects are called for a given action.
In such cases, we can check the authorization objects in debug, using a break-point for the statement AUTHORITY-CHECK, which is used to check the authorization on ABAP.
Let’s analyze an example of how to check the authorization when releasing an order in debug.
Here, we want to know which authorization object is being called to control the release of a production order.
- The first step is to open a production order on transaction CO02.
- Before releasing the order we type ‘/H’ on the command to open debug and press enter.
- Now click the release button and the debug should be triggered.
- Here, select the menu ‘Breakpoints’ – ‘Breakpoint at’ – ‘Breakpoint at statement’
- Now, create the breakpoint on command “AUTHORITY-CHECK” as shown on the following picture
- Press F8 and system will stop exactly on the piece of code where the authority check is called.
Here, we can see that the authorization object B_USERST_T is being checked and we can also see exactly which values are being checked.
Check also the following document for a quick step-by-step to check an error message in debug:
Good information for functional consultants. Thanks for sharing your knowledge.
Thanks & Regards,
Thanks for sharing this information.
Thank you both for the feedback!
Once again very nice document 🙂
Very useful for testing purposes.
Thanks a lot 🙂
Hi K.Arun Prabhu
Thanks for the feedback!
Thanks Very useful information , lot of times we guess that error may be coming from some enhancements or user exists or some TVARV parameter not maintained it is difficult to find the root cause especially for standard transactions it would be nice if some one can also explain how to find the root cause for standard transactions
Well explained...your posts are really well written.
Thanks. Clear explanation.
I realize this is untimely but: Very helpful! Thanks for the post.
You are welcome!