Permissions with Maintenance Status Used
Set up permission to access Web Dynpro applications using S_START
The Security Audit Log now also logs events where the runtime was affected by the debugger. New message types have also been defined in this context. To install this extension, you will need a kernel patch. For the fixes and an overview of the required support packages, see SAP Notes 1411741 and 1465495.
For the ABAP stack, authorization profiles can be created either manually or by using the profile generator. However, the use of the profile generator is strongly recommended, since manual administration usually results in misconfigurations of authorizations. The profile generator guarantees that users only receive the authorizations assigned by their role. Concepts, processes and workflows must therefore be adapted to the use of the profile generator. There is no choice for the Java stack; here the J2EE authorization mechanism must be used. The User Management Engine offers options that go beyond the J2EE standard.
Search for user and password locks
Furthermore, automation is possible with the help of a customer-specific ABAP programme. To do this, you should take a closer look at the AGR_TEXTS table. The table contains the different text blocks in different languages. Here we show you a section of the table with our example role Z_SE63. Short texts are assigned a value of 00000 in the column LINE, and long texts are assigned a value of 00001 to 0000x. The language keys are displayed in the SPRAS column. An ABAP programme now allows you to write the counterparts for the text fields in the target language into the fields in the tables.
When programming your permission check, always check the SY-SUBRC return code and define what should happen in the event of a non-successful permission check, i.e. if SY-SUBRC is not equal to 0. In most cases, an error message occurs and the programme is cancelled.
For the assignment of existing roles, regular authorization workflows require a certain minimum of turnaround time, and not every approver is available at every go-live. With "Shortcut for SAP systems" you have options to assign urgently needed authorizations anyway and to additionally secure your go-live.
The Status column provides an overview of the status of the permission values.
From 4.6C: The step user must be of type Dialog, Service, System or Communication.