{"id":1586,"date":"2013-03-08T08:02:23","date_gmt":"2013-03-08T08:02:23","guid":{"rendered":"http:\/\/sapsecurityanalyst.com\/WP\/?page_id=1586"},"modified":"2014-07-26T19:02:43","modified_gmt":"2014-07-26T19:02:43","slug":"program-authorization","status":"publish","type":"page","link":"https:\/\/sapsecurityanalyst.com\/WP\/program-authorization\/","title":{"rendered":"SAP Program authorization"},"content":{"rendered":"<p>&nbsp;<\/p>\n<p>In this post we will focus on how to secure programs. In one of our previous posts on tables, we saw that authorization group plays a very vital role for securing \u00a0tables. Program authorization group for program plays a similar role as far as securing programs are concerned. Authorization object\u00a0<strong>S_PROGRAM\u00a0<\/strong>plays the role of restricting access to a program.<\/p>\n<p>&nbsp;<\/p>\n<p>Three types of actions can be assigned to program authorization groups :<\/p>\n<ul>\n<li><span style=\"line-height: 13px;\">Starting a program<\/span><\/li>\n<li>Executing a program as a background job<\/li>\n<li>Maintaining variants<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>Authorization object\u00a0<strong>S_PROGRAM\u00a0<\/strong>has following authorization fields:<\/p>\n<ul>\n<li><span style=\"line-height: 13px;\">Authorization group ABAP program (P_GROUP)<\/span><\/li>\n<li>User action ABAP program (P_ACTION)<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>Following are the user action (permitted activities) for ABAP programs:<\/p>\n<ul>\n<li><span style=\"line-height: 13px;\"><strong>SUBMIT : <\/strong>This authorization field is used to start the program<\/span><\/li>\n<li><strong>BTCSUBMIT :\u00a0<\/strong>This field is for scheduling the program to run as a background job<\/li>\n<li><strong>VARIANT :\u00a0<\/strong>This authorization field is for maintaining variants<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Table\u00a0<strong>TSTC\u00a0<\/strong>provides transaction code to program mapping information. Given an ABAP program, we can find out the transaction code linked to that program by using table TSTC (provided the program is linked to a tcode).<\/p>\n<p>&nbsp;<\/p>\n<p>Authorization group for a program can be created in cross client table <strong>TPGP<\/strong> \/\u00a0<strong>V_TPGP<\/strong> via tcode <strong>SM30.<\/strong><\/p>\n<p>&nbsp;<\/p>\n<p>Once a program authorization group is created, it can be linked to a program via tcode SE38 (program attributes) or via report <strong>RSCSAUTH<\/strong>.<\/p>\n<p><script>\/\/ <![CDATA[\ngoogle_ad_client = \"ca-pub-1241348474673689\";\n\/* All content above *\/\ngoogle_ad_slot = \"3293572617\";\ngoogle_ad_width = 468;\ngoogle_ad_height = 15;\n\/\/ ]]><\/script><br \/>\n<script src=\"http:\/\/pagead2.googlesyndication.com\/pagead\/show_ads.js\">\/\/ <![CDATA[\n\n\/\/ ]]><\/script><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp; In this post we will focus on how to secure programs. In one of our previous posts on tables, we saw that authorization group plays a very vital role for securing \u00a0tables. Program authorization group for program plays a similar role as far as&nbsp;<a class=\"read-more\" href=\"https:\/\/sapsecurityanalyst.com\/WP\/program-authorization\/\">&hellip;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/sapsecurityanalyst.com\/WP\/wp-json\/wp\/v2\/pages\/1586"}],"collection":[{"href":"https:\/\/sapsecurityanalyst.com\/WP\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sapsecurityanalyst.com\/WP\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sapsecurityanalyst.com\/WP\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sapsecurityanalyst.com\/WP\/wp-json\/wp\/v2\/comments?post=1586"}],"version-history":[{"count":10,"href":"https:\/\/sapsecurityanalyst.com\/WP\/wp-json\/wp\/v2\/pages\/1586\/revisions"}],"predecessor-version":[{"id":1905,"href":"https:\/\/sapsecurityanalyst.com\/WP\/wp-json\/wp\/v2\/pages\/1586\/revisions\/1905"}],"wp:attachment":[{"href":"https:\/\/sapsecurityanalyst.com\/WP\/wp-json\/wp\/v2\/media?parent=1586"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}