Authorization concepts within SAP are quite complex and I don't think a few comments in a forum thread is going to do you much good. SAP security is based on Roles, authorization profiles & authorization objects. Now it's been a couple of years since I did any hands-on work with SAP security, but basically you start with the authorization object. Within your ABAP program you make a call to an authorization object (either a SAP canned object or an object you have created yourself). The object is checked for various conditions and if it passes the program continues. The authorization object is then connected to an authorization profile, which in turn is connected to a role. The user are then assigned the role. Now this is really over simplified so if you would like some documentation on R3 security, please PM me your e-mail address and I will send you some PDF's. These PDF's are LARGE so make sure your e-mail account can handle attachments of at least 20 meg.

Cheers: