Start of Content Area

Background documentation Authorizations  Locate the document in its SAP Library structure

 

Assigning RFC Authorizations in the SAP System

Take the following into account when granting RFC authorizations to users in SAP systems:

The ABAP authorization object required for using RFC is S_RFC.

The user in the SAP system needs to have this object in his or her authorization profile to be able to connect to the target system using RFC.

Defining Authorization Checks for Function Calls

Make sure that you include authorization checks for functions in the external system that can be called using RFC.

Any authorization checks in an external system must be defined in the logic of the relevant external application. The external application can access the following data, provided by RFC when the user logs on:

      Function Name

      Client

      Language

      User

      Transaction Code

Note

You can use RfcGetAttributes to query additional system data from the calling program.

More Information

For information about setting up authorization object S_RFC, see:

      Authorization Object S_RFC

For more information on defining additional authorizations for accessing external server programs:

      Restricting Access to External Server Programs

For further information about RFC network security when using external servers, see:

      Network Security and Communication

 

 

End of Content Area