When you use scenarios for authorization checks in your coding, create the scenario
objects as workbench objects.
Prerequisites
You call the method AUTH_CHECK_SPEC in your code.
Procedure
- Start Workbench for Switchable Authorization Check Scenarios
(transaction SACF).
- Choose (Create).
- Enter a unique name.
The scenario name must match the name you used when you called
AUTH_CHECK_SPEC in your code.
- Set the scenario status.
Scenario Status |
Description |
P |
Scenario definition is delivered as an inactive definition by the developer. The
authorization check of the scenario does not become active until an
administrator creates a productive scenario for the scenario definition.
Use this status to make nondisruptive corrections to existing
software. |
D |
Scenario definition is delivered as an active definition by the
developer. The authorization checks in the scenario are active
immediately. The administrator cannot deactivate the authorization check
in a productive scenario. The administrator can only configure logging
in the security audit log. Use this status to introduce a final binding
version of an authorization check, usually only in the newest software
version. |
- Save your entries.
You can ignore the SAP Note Number field. The SAP Note
Number field is used by SAP to document scenarios that SAP
delivers. For partners and custom developments, this field uses the SAP Note
for the switchable authorization check framework FAQ as the default
value.
For more information, see 1922808 .
Next Steps
Depending on the scenario status, you must run through your scenario to record the
authorization objects required.