Checking at Program Level with AUTHORITY-CHECK
Starting Web Dynpro ABAP applications
You can access the ABAP Test Cockpit from the context menu of the object to be checked via Verify > ABAP Test Cockpit. Note that the global check variant of the Code Inspector that you created in the transaction SCI and that is entered as the default in the transaction ATC (ATC configuration) includes the security tests of the extended programme check of the SAP Code Vulnerability Analyser.
The password lock is not suitable to prevent the login to the system, because it does not prevent the login via single sign-on. Learn how to safely lock the system logon. The SAP system distinguishes several reasons for blocking. Therefore, sometimes there is confusion when a user is still able to log on to the system, e.g. via Single Sign-on (SSO), despite the password lock. We explain the differences between locking passwords, locking and validity of user accounts, and validity of assigned permissions in the following.
Make sense in maintaining proposal values
This very critical authorization can be used to electronically erase, or manipulate program runs including authorization queries in a variety of ways. This authorization should be assigned only very restrictively, for example developers need the authorization however for their daily work.
You can send a signed e-mail to the system you want to announce the certificate to. For example, this is a useful alternative when emailing addresses outside your organisation. A prerequisite for this solution is that a signature certificate exists for your SAP system, in whose certificate list the certificate authority certificate - or certificates - of your users have been imported.
Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.
You may also want to control permissions by using these characteristics or key numbers.
Various test tools, such as the Code Inspector or the SAP Code Vulnerability Analyser, can be integrated into this.