Registration

Dear SAP Community Member,
In order to fully benefit from what the SAP Community has to offer, please register at:
http://scn.sap.com
Thank you,
The SAP Community team.
Skip to end of metadata
Go to start of metadata

How to perform an authorization trace (ST01) in Solution Manager Workcenters?

Solution Manager Workcenters are based on technology WebDynpro ABAP (usually interpreted by a web browser).
When performing an authorization trace in ST01 for a Workcenter application it is important to keep the following sequence:

Preparing the ST01 trace:

  1. Verify the number of applications servers on SAP Solution Manager
    1. one application server
    2. several application servers

Performing ST01 trance:

  1. Ensure that the end user (to be traced) has closed all web browser windows.
  2. Switch on the ST01 trace with option authorization trace (you trace only a single user ID by using the filter function)
    1. on your application server
    2. on ALL application servers (you can switch the server using transaction SM51)


  3. Tell the end user to call the Work Center application in the browser
  4. The end user must logon now and navigate to the activity that you actually want to trace, but does not execute it yet
  5. Meanwhile you check, which application server the user is working on
    1. If you have only one application server, you can skip this
    2. use transaction AL08 and verify the user context
  6. Take a timestamp of the system, e.g. using System -> Status (time stamp before activity)
  7. End user can NOW perform the corresponding function.
  8. Take a timestamp of the system, e.g. using System -> Status (time stamp after activity)
  9. Stop the ST01 trace
    1. on your application server
    2. on ALL application servers (you can switch the server using transaction SM51)
  10. start Analysis (using transaction ST01) and use the time stamps that you have taken before.
    1. on your application server
    2. on the application server that you identified in step 5

Note

If the end user already opened the web browser before you started the trace, it might be that you cannot catch all required authorization checks.

3 Comments

  1. Former Member

    Note that the ST01 trace is application server specific. WDA applications are started via the message server so may well land up on a different server. Check AL08 for the user context and in Sm51 you can switch servers.

    Cheers,

    Julius

  2. Anonymous

    @Julius: Thanks for your feedback. I added the information to this page.

  3. Did you ever have struggled with the complicated list output of the authorization trace, transaction ST01?

    Well, in this case you might love this small Report ZSHOWAUTHTRACE which reads the current trace file and shows the authorization trace data in a simple to use grid format: https://wiki.sdn.sap.com/wiki/display/Snippets/Show+ST01+authorization+trace

    This report made it to become part of the standard, too. Have a look to transaction STAUTHTRACE in systems running  SAP_BASIS 7.03 or higher.