Know why which user has which SAP authorization
Critical authorizations
The SAP authorization concept protects transactions and programs in SAP systems on the basis of authorization objects. Authorization objects enable complex checks of an authorization that are bound to several conditions. Authorizations represent characteristics of authorization objects depending on the employee's activity and responsibility. The authorizations are combined in an authorization profile that belongs to a role. The administrator assigns the appropriate role to the employee via the user master record so that the employee can perform his or her tasks in the system.
The SAP Code Vulnerability Analyser can be used to scan both custom on-premise and on-demand applications programmed in ABAP. The SAP Code Vulnerability Analyser is included with SAP NetWeaver AS ABAP 7.02; an installation is not necessary. For details on the relevant support packages, please refer to SAP Notes 1921820 and 1841643. You do not need additional servers or additional administration. You can activate the SAP Code Vulnerability Analyser with the RSLIN_SEC_LICENSE_SETUP report, but you have to pay additional royalties for it.
Authorization concept
Once the programme implementation and documentation have been completed, a functional test will always follow. A corresponding eligibility test should not be forgotten. The permission test must include both a positive and a negative permission test.
Numbers/reminders: The payment and/or collection procedure shall be managed solely on the basis of information from the collection perspective (in particular Table BSEG). For customer and vendor transactions, the Profit Centre is not included in the SAP journal masks by default, and is therefore not available on the appropriate BSEG document lines. Since numbers and warnings are usually centrally controlled processes, this should not be a problem in practice.
Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.
Insert SAP Notes 1656965 and 1793961 into your system.
You can also find some useful tips from practice on the subject of SAP authorizations on the page www.sap-corner.de.
SNC secures communication with or between ABAP systems, but there are also many web-based applications in SAP system landscapes.