Hierarchy
SAP_BASIS (Software Component) SAP Basis Component⤷
BC-SEC-USR-ADM (Application Component) User and Authorization Management⤷
SUSR (Package) ABAP User Administration
Basic Data
| Data Element | XUOBJECT |
| Short Description | Authorization Object |
Data Type
| Category of Dictionary Type | D | Domain |
| Type of Object Referenced | No Information | |
| Domain / Name of Reference Type | XUOBJECT | |
| Data Type | CHAR | Character String |
| Length | 10 | |
| Decimal Places | 0 | |
| Output Length | 10 | |
| Value Table | TOBJ |
Further Characteristics
| Search Help: Name | ||
| Search Help: Parameters | ||
| Parameter ID | XUO | |
| Default Component name | ||
| Change document | ||
| No Input History | ||
| Basic direction is set to LTR | ||
| No BIDI Filtering |
Field Label
| Length | Field Label | |
| Short | 10 | Object |
| Medium | 15 | Object |
| Long | 20 | Authorization Object |
| Heading | 25 | Authorization Object |
Documentation
Definition
Element of the authorization system.
An authorization object combines up to 10 authorization fields, which are checked using the AND connective.
Authorizations are checked against objects in the system. Authorization objects enable complex checks (linked to several conditions) of an authorization. For the authorization check to be successful, the user must pass the check for each field contained in the object.
Supplementary Documentation - XUOBJECT 0001
Use
Name of the object to which the authorization refers.
Procedure
Enter the object name or display a list of the objects from which you can choose the required object.
The identification of an authorization consists of the name of the authorization and the name of the object to which it refers.
Supplementary Documentation - XUOBJECT 0002
Use
Procedure
To give a user access authorization, enter the object required for this authorization in this column. Enter an authorization for every object in the right column.
Via "Object list", you can display a list of objects and select objects.
You can assign any number of authorizations for an object to a user. The system cheks these authorizations using the OR collective. The user is authorized to perform an action if one of the authorizations fulfills the checking criteria for the object that is checked.
Supplementary Documentation - XUOBJECT 0004
Procedure
Specify the technical name of the authorization object you want to display.
Example: S_USER_AUT (technical name of the object "Authorization maintenance".
Generic search: Enter a character string followed by an asterisk. The system displays all the values that begin with the character string specified.
Supplementary Documentation - XUOBJECT 0005
Procedure
Enter the name of an authorization object you want to display. If it exists in the user master record, the object and the corresponding authorization are displayed.
Supplementary Documentation - XUOBJECT 0006
Procedure
Enter the name of an authorization object you want to display. If it exists in the authorization profile, the object and the corresponding authorization are displayed.
Supplementary Documentation - XUOBJECT 0008
Procedure
No restriction: Leave the field blank.
Only specific objects: Enter the name of an object.
Generic search: Enter the first character(s) of a name. All names that begin with the specified character string are listed.
Supplementary Documentation - XUOBJECT 0009
Use
Procedure
Enter the name of the object to which the authorization is assigned and whose change documents you want to display.
Examples
Dependencies
Supplementary Documentation - XUOBJECT 0010
Use
Procedure
Enter the name of the authorization object that is checked against the authorizations of the calling user when a transaction is started. If the user does not have the necessary authorizations, the start of the transaction is cancelled.
You should normally specify an object that is also checked within the program.
This check always takes place when calls are made using LEAVE TO TRANSACTION and using the entry "/n<transaction code>".
The check is only performed at CALL TRANSACTION if the current transaction code and the called transaction code are contained as a pair in the columns TCODE and CALLED of the database table TCDCOUPLES, and if the database field OKFLAG has the value "X" for that row. The required check also needs to be performed using AUTHORITY-CHECK.
Examples
Dependencies
History
| Last changed by/on | SAP | 20130604 |
| SAP Release Created in |
