Problem solve Get help with specific problems with your technologies, process and projects.

Call transaction while bypassing auth check

Using the function module RS_HDSYS_CALL_TC_VARIANT, you can call a transaction to which the user doesn't have access.

Using the function module RS_HDSYS_CALL_TC_VARIANT, you can call a transaction to which the user doesn't have access...

(in auth object S_TCODE) from within a custom program. This sounds like a bad thing at first, but it is actually a good thing. How it works is that you set up a transaction variant using transaction SHD0, in which you can make any field on the screen mandatory, display-only or hidden. This means that you can limit what the user can do. You then control the user's access to the functionality of the transaction by not giving them the authorisation to run the transaction directly. They can only run it through your custom program which calls the transaction variant. For more detail on the function module see OSS note 204193.


This was last published in March 2002

Dig Deeper on SAP security administration

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchManufacturingERP

SearchOracle

SearchDataManagement

SearchAWS

SearchBusinessAnalytics

SearchCRM

SearchContentManagement

SearchFinancialApplications

Close