SAP ABAP Data Element XUOBJECT (Authorization Object)
Hierarchy
SAP_BASIS (Software Component) SAP Basis Component
   BC-SEC-USR-ADM (Application Component) User and Authorization Management
     SUSR (Package) ABAP User Administration
Basic Data
Data Element XUOBJECT
Short Description Authorization Object  
Data Type
Category of Dictionary Type D   Domain
Type of Object Referenced     No Information
Domain / Name of Reference Type XUOBJECT    
Data Type CHAR   Character String 
Length 10    
Decimal Places 0    
Output Length 10    
Value Table TOBJ    
Further Characteristics
Search Help: Name    
Search Help: Parameters    
Parameter ID XUO  
Default Component name    
Change document    
No Input History    
Basic direction is set to LTR    
No BIDI Filtering    
Field Label
  Length  Field Label  
Short 10 Object 
Medium 15 Object 
Long 20 Authorization Object 
Heading 25 Authorization Object 
Documentation

Definition

Element of the authorization system.

An authorization object combines up to 10 authorization fields, which are checked using the AND connective.

Authorizations are checked against objects in the system. Authorization objects enable complex checks (linked to several conditions) of an authorization. For the authorization check to be successful, the user must pass the check for each field contained in the object.

Supplementary Documentation - XUOBJECT 0001

Use

Name of the object to which the authorization refers.

Procedure

Enter the object name or display a list of the objects from which you can choose the required object.

The identification of an authorization consists of the name of the authorization and the name of the object to which it refers.

Supplementary Documentation - XUOBJECT 0002

Use

Procedure

To give a user access authorization, enter the object required for this authorization in this column. Enter an authorization for every object in the right column.

Via "Object list", you can display a list of objects and select objects.

You can assign any number of authorizations for an object to a user. The system cheks these authorizations using the OR collective. The user is authorized to perform an action if one of the authorizations fulfills the checking criteria for the object that is checked.

Supplementary Documentation - XUOBJECT 0004

Procedure

Specify the technical name of the authorization object you want to display.

Example: S_USER_AUT (technical name of the object "Authorization maintenance".

Generic search: Enter a character string followed by an asterisk. The system displays all the values that begin with the character string specified.

Supplementary Documentation - XUOBJECT 0005

Procedure

Enter the name of an authorization object you want to display. If it exists in the user master record, the object and the corresponding authorization are displayed.

Supplementary Documentation - XUOBJECT 0006

Procedure

Enter the name of an authorization object you want to display. If it exists in the authorization profile, the object and the corresponding authorization are displayed.

Supplementary Documentation - XUOBJECT 0008

Procedure

No restriction: Leave the field blank.

Only specific objects: Enter the name of an object.

Generic search: Enter the first character(s) of a name. All names that begin with the specified character string are listed.

Supplementary Documentation - XUOBJECT 0009

Use

Procedure

Enter the name of the object to which the authorization is assigned and whose change documents you want to display.

Examples

Dependencies

Supplementary Documentation - XUOBJECT 0010

Use

Procedure

Enter the name of the authorization object that is checked against the authorizations of the calling user when a transaction is started. If the user does not have the necessary authorizations, the start of the transaction is cancelled.

You should normally specify an object that is also checked within the program.

This check always takes place when calls are made using LEAVE TO TRANSACTION and using the entry "/n<transaction code>".

The check is only performed at CALL TRANSACTION if the current transaction code and the called transaction code are contained as a pair in the columns TCODE and CALLED of the database table TCDCOUPLES, and if the database field OKFLAG has the value "X" for that row. The required check also needs to be performed using AUTHORITY-CHECK.

Examples

Dependencies

History
Last changed by/on SAP  20130604 
SAP Release Created in