Download - 3 SAP Authorization Concept
![Page 1: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/1.jpg)
1
SAP Authorization concept
Profiles
User Maintenance
![Page 2: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/2.jpg)
2
contentsauthorization object classauthorization objectauthorization object - exampleauthorizationauthorization – exampleprofileuserABAP syntaxABAP code – exampleSY-SUBRCtransaction codessteps for handling authorizationsdemonstration
![Page 3: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/3.jpg)
3
authorization object
authorization object
authorization object
authorization object
authorization field
authorization field
authorization field
![Page 4: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/4.jpg)
4
authorization objects - example
S_TCODE - authorization check for transaction StartTCD – transaction code
M_MATE_STA – material master maintenance statusesACTVT - activitySTATM – maintenance status of material master record
M_MATE_MAN – material master data at client levelACTVT - activity
M_MATE_BUK – material master data at company code levelACTVT – activityBUKRS – company code
![Page 5: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/5.jpg)
5
authorization objects - example
M_MATE_WRK – material master data at plant levelACTVT - activityWERKS – plant
M_MATE_MAT – material master data at sale organization / distributionACTVT – activityVKORG – sale organizationVTWEG – distribution channel
M_MATE_MAT – material master data at authorization group levelACTVT – activityBEGRU – authorization group
![Page 6: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/6.jpg)
6
authorization object class
authorization object class
authorization object class
authorization object class
authorization object
authorization object
authorization object
![Page 7: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/7.jpg)
7
authorization
authorization
authorization
authorization
authorization object
authorization object
authorization object
![Page 8: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/8.jpg)
8
authorization - exampleM_MATE_WRK01 (authorization 1)M_MATE_WRK (material master data at plant level)ACTVT (activity) : 03WERKS (plant) : 1000, 2000
M_MATE_MAT01 (authorization 1)M_MATE_MAT (material master data at sale organization / distribution)ACTVT (activity) : 01, 03VKORG (sale organization) : 100VTWEG (distribution channel) : *
F_BKPF_BUK01 (authorization 1)F_BKPF_BUK (accounting document at company code level)ACTVT (activity) : * BUKRS (company code) : *
![Page 9: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/9.jpg)
9
profile
profile
profile
profile
authorization
authorization
authorization
![Page 10: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/10.jpg)
10
user
user
user
user
profile
profile
profile
![Page 11: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/11.jpg)
11
authorization structure
user1
profile2profile1
authorization2authorization1
authorization object1
authorization object field2authorization object field1
value2value1
![Page 12: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/12.jpg)
12
ABAP syntax
AUTHORITY-CHECK OBJECT objectID name1 FIELD field1ID name2 FIELD field2……ID name10 FIELD field10.
IF SY-SUBRC <> 0.……ENDIF
![Page 13: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/13.jpg)
13
ABAP code - example
AUTHORITY-CHECK OBJECT ‘M_MATE_MAT’ID ‘ACTVT’ FIELD ’01’ID ‘VKORG’ FIELD ‘100’ID ‘VTWEG’ FIELD ’10’.
IF SY-SUBRC <> 0.……ENDIF
![Page 14: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/14.jpg)
14
SY-SUBRC
0 – user has required authorization4 – user has no authorization8 – too may parameters (fields, values)12 – object is not maintained in user master16 – no profile entered in user master record24 – field names do not match28 – incorrect structure for user master record32 – incorrect structure for user master record36 – incorrect structure for user master record
programmer is responsible for 8, 24 system administrator is responsible for 4, 12, 16SAP is responsible for 28, 32, 36
![Page 15: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/15.jpg)
15
transaction codes
SU20 – authorization object fieldSU21 – authorization objectSU03 – authorizationSU02 – profileSU01 – userSU24 – authorization objects to transaction codeSE93 – transaction codeSU53 – display authorization data
![Page 16: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/16.jpg)
16
Steps for handling authorizations
step 01 : create authorization object field (SU20) step 02 : create authorization object class (SU21) step 03 : create authorization object (SU21) step 04 : create authorization (SU03)step 05 : create profile (SU02) step 06 : assign authorization objects to a profile (SU02) step 07 : assign authorization to profile (SU02) step 08 : create user (SU01)step 09 : assign profile to user (SU01)step 10 : assign authorization object to a transaction code (SE93)step 11 : handle authorization check in ABAP program (SE38)
![Page 17: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/17.jpg)
17
demonstrationprogram : ZSP1transaction code : ZST1authorization object : ZSAO1authorization object fields : SMT, SMG, SD
authorization : SA1authorization values for SMT : SMT1, SMT3authorization values for SMG : SMG1, SMG3authorization values for SD : D1, D3
authorization : SA2authorization values for SMT : *authorization values for SMG : *authorization values for SD : *
profile : SP1user : SU1
![Page 18: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/18.jpg)
18
![Page 19: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/19.jpg)
19
![Page 20: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/20.jpg)
20
![Page 21: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/21.jpg)
21
![Page 22: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/22.jpg)
22
![Page 23: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/23.jpg)
23
![Page 24: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/24.jpg)
24
![Page 25: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/25.jpg)
25
![Page 26: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/26.jpg)
26
![Page 27: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/27.jpg)
27
![Page 28: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/28.jpg)
28
![Page 29: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/29.jpg)
29
![Page 30: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/30.jpg)
30
![Page 31: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/31.jpg)
31
![Page 32: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/32.jpg)
32
![Page 33: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/33.jpg)
33
![Page 34: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/34.jpg)
34
![Page 35: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/35.jpg)
35
![Page 36: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/36.jpg)
36
![Page 37: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/37.jpg)
37
![Page 38: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/38.jpg)
38
![Page 39: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/39.jpg)
39
![Page 40: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/40.jpg)
40
![Page 41: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/41.jpg)
41
![Page 42: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/42.jpg)
42
![Page 43: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/43.jpg)
43
![Page 44: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/44.jpg)
44
![Page 45: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/45.jpg)
45
![Page 46: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/46.jpg)
46
![Page 47: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/47.jpg)
47
![Page 48: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/48.jpg)
48
![Page 49: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/49.jpg)
49
![Page 50: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/50.jpg)
50
![Page 51: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/51.jpg)
51
![Page 52: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/52.jpg)
52
![Page 53: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/53.jpg)
53
![Page 54: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/54.jpg)
54
![Page 55: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/55.jpg)
55
![Page 56: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/56.jpg)
56
![Page 57: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/57.jpg)
57
![Page 58: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/58.jpg)
58
![Page 59: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/59.jpg)
59
![Page 60: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/60.jpg)
60
![Page 61: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/61.jpg)
61
![Page 62: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/62.jpg)
62
![Page 63: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/63.jpg)
63
![Page 64: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/64.jpg)
64
![Page 65: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/65.jpg)
65
![Page 66: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/66.jpg)
66
![Page 67: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/67.jpg)
67
![Page 68: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/68.jpg)
68
![Page 69: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/69.jpg)
69
![Page 70: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/70.jpg)
70
![Page 71: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/71.jpg)
71
![Page 72: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/72.jpg)
72
![Page 73: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/73.jpg)
73
![Page 74: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/74.jpg)
74
![Page 75: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/75.jpg)
75
![Page 76: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/76.jpg)
76
![Page 77: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/77.jpg)
77
![Page 78: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/78.jpg)
78
![Page 79: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/79.jpg)
79
![Page 80: 3 SAP Authorization Concept](https://reader033.vdocuments.mx/reader033/viewer/2022061419/563dbad4550346aa9aa86c0a/html5/thumbnails/80.jpg)
80