Authorization fields for an object are created manually by the programmer, by choosing Tools ® ABAP Development Workbench, Development ® Other tools ® Authorization objects ® Fields.
Use: Identifies a system element to be protected by an authorization check.
Authorization object S_TRVL_BKS with fields ACTVT (activity) and CUSTTYPE (customer type)
The fields in an authorization object are linked with data elements which are stored in the ABAP Dictionary.
The permissible values constitute an authorization. When an authorization check takes place, the system checks the values which you have specified against those required to execute the action.
The user may only execute the action if he or she satisfies the conditions for every field contained in the object.
Limitations: All authorization fields must be defined in the system development environment using the authorization maintenance functions.
Changes: Changes are only necessary if you modify your system and decide to make new system elements subject to authorization checks.