Question:
I have a question that needs some guidance from experienced security folks out here.
The transaction VF11 can be used for two purposes:
1) Cancel invoice strictly in SD that has not been released to FI
2) Cancel invoice both in SD and FI if it has already been released
The requirement from functional team member is that there should some mechanism - security build around option #2. In other words users wish to restrict security for 2) above due to financial implications.
Any ideas on what method you think this could most easily be achieved.
Thanks in advance.
Alf
Answer:
Check you ST01 authorization trace for the tcode, run once for SD deletion and once for FI deletion, you should find there are separat set of authorization objects checked for each module if memory serves...
_________________
John A. Jarboe