SAP authorization tool perform when a transaction code Execute.
When initiating a transaction, a system program performs a series of checks to ensure that the user is authorized.
The program checks whether the transaction code exists in table TSTC.
There have following 1-4 steps:
- The program checks whether the transaction code is locked by the administrator (transaction code sm02).
- The program checks whether the user has the authority to start the transaction. Authorization object S_TCODE (transaction start) contains the authorization field TCD (transaction code). The user must have the appropriate authorization for the transaction code to be started (for example, FK01, Create Vendor).
- The program checks whether an authorization object is assigned to the transaction code. If this is the case, the program checks whether the user has an authorization for this authorization object. The transaction code/authorization object assignment is stored in table TSTCA.
- The system performs authorization checks in the ABAP program using the ABAP statement Authority-Check.
Be the first to leave a comment
You must be Logged on to comment or reply to a post.