Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

What is Authorization Group

Go to solution
Former Member

‎05-07-2008 10:45 AM

0 Kudos

Hi Guru ,

Can any one tell me what is authorization group?. I have heard of authorization Object.

In which senario is authorization group used and how to creat authorization group and assign to program?

regards

Akif

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎05-07-2008 11:48 AM

0 Kudos

Hi Akif,

In addition to the good info from the other 2 posters, authorisation group is also used in a functional context.

It is often used as a way to provide an additional level of security which may or may not be used. Some examples include Vendor Authorisation Groups, GL Account Auth Groups, Auth Groups against Material Types.......the list goes on.

In effect it is an arbitrary 4 character field against a line item, which when populated for a record will invoke an authorisation check against that value.

The check in the code is done as such to ignore the field (or pass the auth check as successful) if it is blank (most of the time, sometimes it will try to introduce a dummy value) and perform the check if populated.

10 REPLIES 10

Go to solution
Bernhard_SAP
Employee
Employee

‎05-07-2008 10:53 AM

0 Kudos

Hi Akif,

please refer to [SAP Note 338177|https://service.sap.com/sap/support/notes/338177] , where you can find some mor information....

b.rgds, Bernhard

Go to solution
former_member1061482
Participant

‎05-07-2008 10:54 AM

0 Kudos

Hi,

For Tables

The authorization groups created for tables are to prevent unauthorized configurators or any unauthorized

person from modifying contents of a specific table or a group of tables. Most of the authorization groups will

be created for newly created tables but some SAP provided table definitions could also be modified on an as

needed basis.

For Programs

The authorization groups created for programs are to prevent any unauthorized user from running the

program. Almost all authorization groups will be created for newly created programs that will be used in QA

or Production environments.

For more information, please refer to the following link:

http://searchsap.techtarget.com/tip/1,289483,sid21_gci816940,00.html

Go to solution
Former Member
In response to former_member1061482

‎05-07-2008 11:45 AM

0 Kudos

Authorization Group :

Contains

Field of the authorization objects S_DEVELOP (program development and program execution) and S_PROGRAM (program maintenance).

This field contains the name of a program group that allows users to

execute programs

schedule jobs for background processing

maintain programs

maintain variants

When creating a program, you can specify an authorization group as one of the program attributes. This allows you to group together programs for the purposes of authorization checking.

And u can create Auth Groups with the Tcode SE54

Reward Pts if useful

Regards,

Malti

Go to solution
Former Member
In response to former_member1061482

‎05-07-2008 6:39 PM

0 Kudos

Malti,

Do you really think it is suitable to ask for points for repeating what the other posters have said about program auth groups and then giving a transaction for creating table authorisation groups?

Go to solution
Former Member
In response to former_member1061482

‎05-08-2008 4:52 AM

0 Kudos

Hi Alex,

I do think so..Coz if he finds the suitable solution in my reply..

I.e.. if he understood wt i hav posted that is well n enough i guess.

Regards,

Malti

Go to solution
Former Member
In response to former_member1061482

‎05-08-2008 9:52 AM

0 Kudos

Maybe we have different opinions whether it's suitable to ask for credit for repeating what other people have already said.

Julius the mod is on holiday and will usually delete point begging so get it in while you can!

Go to solution
Former Member
In response to former_member1061482

‎05-08-2008 10:08 AM

0 Kudos

Alex,

So wen u have passed this rule...?

I see many threads this way..

Y dont u post a seperate thread ..on 'Not to do's' in SDN Forum.

Malti

Go to solution
Former Member
In response to former_member1061482

‎05-08-2008 10:28 AM

0 Kudos

Malti,

Take a look in the Coffee Corner to get an idea of what the common perception of points begging is.

As I said, they will be deleted when the Mod gets back as it is generally considered to be rude & counterproductive to the forum.

Have a good day

Cheers

Alex

Go to solution
Former Member
In response to former_member1061482

‎05-08-2008 5:04 PM

0 Kudos

Well said Alex!

Akif,

Bernhard, Hemant and Alex have covered it all ! Authorization groups are explained in detail in ADM 950 too.

Go to solution
Former Member

‎05-07-2008 11:48 AM

0 Kudos

Hi Akif,

In addition to the good info from the other 2 posters, authorisation group is also used in a functional context.

It is often used as a way to provide an additional level of security which may or may not be used. Some examples include Vendor Authorisation Groups, GL Account Auth Groups, Auth Groups against Material Types.......the list goes on.

In effect it is an arbitrary 4 character field against a line item, which when populated for a record will invoke an authorisation check against that value.

The check in the code is done as such to ignore the field (or pass the auth check as successful) if it is blank (most of the time, sometimes it will try to introduce a dummy value) and perform the check if populated.