Most data in the R/3 system must be protected to prevent unauthorized access. Therefore, appropriate authorization is required before a user can perform an operation in the system. After logging on to the R/3 system, the system checks the user's master record to see which ones are available
Transaction. Authorization checks must be performed for each sensitive transaction.
If you want to protect your own programmed transactions, you must perform the authorization check. This means:
? Allocate authorization objects in the transaction definition;
? Program authority-check.
Authority-check object <authorization Object>
ID <authority-field1> Field <field-value1>
ID <authority-field2> Field <field-value2>
...
ID <authority-fieldn> Field <field-valuen>.
The object parameter specifies the authorization object.
The ID parameter specifies the authorization field (in the authorization object ).
The field parameter specifies the value of the authorization field.
The authorization object and its fields must be suitable for transactions. In most cases, existing authorized objects can be used to protect data. However, newly developed projects may need to define new authorization objects and fields.