SAP RFC Authorizations

The proper SAP authorizations must be obtained before connecting to the server. It is a recommended SAP security practice to not allow RFC and DIAG access to the same user ID.

The basic authorization object used to secure RFC access is:

S_RFC: Secures the Function Group (located in authorization object class AAAB).

  • Authorization Object+S_RFC:
    • Authorization Field:RFC_TYPE
    • Authorization Value: “FUGR’ is the only valid value.
    • Authorization Field: RFC_NAME
    • Authorization Value: The name of an activated function group. For example: (“ABCD”) or ‘*’.
    • Authorization Field: ACTVT
    • Authorization Value: 16 (Execute) is the only valid value.

Individual function modules may have additional security inside their executable code. It is the requirement of the function developer or application creator to inform the users of the function or application of the authorization requirements to use the function or application. Consult the administrator to determine if there are additional authorizations required.

Individual tables may be secured from access by using the following authorization object:

S_TABU_DIS: Secures tables (located in authorization object class BC_A)

  • Authorization Object+S_TABU_DIS:
    • Authorization Field: DICBERCLS: Or (“Authorization Group”).
    • Authorization Value: For example, Table: MARA is in group “MA”.
    • Authorization Field: ACTVT
    • Authorization Value: 03 (Display)

    For a complete explanation on using this authorization object, see the SAP system documentation.

Once the correct credentials are specified for the adapter target and the correct authorizations are assembled on the SAP application system, the adapter is ready to be initialized.

本文作者: GavinDong

版权属于: GavinDong博客

文章链接: https://gavindong.com/2132.html

如果使用过程中遇到问题,可 **点击此处** 交流沟通。

版权所有,转载时必须以链接形式注明作者和原始出处及本声明。

(0)

相关文章

回复 ag

登录后才能评论

评论列表(2条)