RFC Authorization 
When a remote call of a function module is made, an automatic authorization check is performed, provided the profile parameter auth/rfc_authority_check is set to 1. The authorization check uses the authorization object S_RFC to check whether the user defined in the destination has RFC authorization for the function group of the called function module.
When a function module is called remotely from within the same system, this automatic authorization check only takes place if the client and user ID are not the same. Across system boundaries, the automatic authorization check is only performed outside of trustworthy systems. Rating a system as an RFC Trusted/Trusting System is done using transaction SMT1.
The automatic authorization check is made by implicitly calling the function module AUTHORITY_CHECK_RFC, which triggers one of the exceptions defined in its interface, namely USER_DONT_EXIST or RFC_NO_AUTHORITY, in the case of missing authorization, therefore triggering a runtime error. We recommend that you call function module AUTHORITY_CHECK_RFC explicitly before a remote call, so that you will be able to handle exceptions that may arise. If authorization exists, the function module does not return an explicit result, instead, like all function modules that are performed successfully, it sets sy-subrc to 0.