Great SAP Authority Check Search

Talking about authority checks, I love using the transaction SUIM to analyse authorization objects and values for users.

But one could also use a program such as RSABAPSC which can be used to trace the authority-check commands used in a program and its sub programs.

Also as a general rule of thumb you could check for the AUTHORITY_CHECK statement to identify the authority objects in programs.

However both of  these methods RSABAPSC  and the AUTHORITY_CHECK statement will not catch all authority checks.

Remember to use SU53 to see the details of a failed authority check object.

 

2 Comments

  1. Pongki January 20, 2012 at 9:14 am · Reply

    “However both of these methods RSABAPSC and the AUTHORITY_CHECK statement will not catch all authority checks.”

    What are the authority checks that are not caught by this statement?

  2. Steve Biskie January 24, 2012 at 12:31 pm · Reply

    If the authorization object is included in security outside of the actual program code, for example by adding it’s check to the starting transaction via table TSTCA, this method will not reveal it.

Leave a Reply