The foundation of ABAP/PFCG authorizations (either at NetWeaver or S/4HANA) is built by ABAP authorization objects. Those objects are being queried, if an (data) access is tried by a user. But how does the system exactly query if a user is authorized? Correct – by checking if the user has got the required authorization objectContinue reading “SU21 – Maintain Authorization Objects”
Tag Archives: authorization basics
PFCG – Authorization Objects and Authorization Fields
The foundation of ABAP/PFCG authorizations (either at NetWeaver or S/4HANA) is built by ABAP authorization objects. Those objects are being queried, if an (data) access is tried by a user. But how does the system exactly query if a user is authorized? Correct – by checking if the user has got the required authorization objectContinue reading “PFCG – Authorization Objects and Authorization Fields”
PFCG Roles – Authorizations Part II
After having examined the first steps of authorization management respectively the role design, we now take a high level look at the authorizations tab. As can be seen above we have a given structure for our authorizations. Basically, the structural hierarchy is Group > Object > Authorization > Field. Though this seems complex, for yourContinue reading “PFCG Roles – Authorizations Part II”
PFCG Roles – Authorizations Part I
The most important tab – in my perspective – for handling authorizations is the equally called tab within the PFCG when editing/viewing a role. This is the central component to design customized authorizations and is central especially for Business Intelligence developments, due to its special concept. A security expert that classically solely works within ERPContinue reading “PFCG Roles – Authorizations Part I”
PFCG – Menu Roles
After clicking on the edit button at the PFCG “starting screen” you can examine a role. As visible above there are again plenty of possibilies. First though, we focus on the “Menu” tab. With this tab you can assign transactions to your role, by clicking the highlighted button “Transaction“. Then a window opens that supportsContinue reading “PFCG – Menu Roles”
Basics – PFCG explained
The central element of learning SAP authorizations is to master the role building via the transaction PFCG (known as Profile Generator). Here you can learn the basics from the roots. For any NetWeaver based system as like ECC, S/4HANA or BusinessWarehouse the role construct is the same. It is based on the PFCG transaction –Continue reading “Basics – PFCG explained”
Basics – Starting Point.
Chronologically, as well as logically, this is your and my starting point. This blog post defines the very basics of an authorization concept based on my professional experience and focuses on practical approaches. Let’s get started! The universe of authorizations is – without exaggeration – endless. Each application, system and every organization requires authorizations beforeContinue reading “Basics – Starting Point.”
SAP Authorization Universe 