Short dumps with Error ID RFC_NO_AUTHORITY

You can use transaction code ST22 to analyze short dumps.

Cause and Prerequisites

Since Release 3.1G, you have been able to run RFC authorization checks based on the (called) function groups.

If the instance profile parameter 'auth/rfc_authority_check' is set to 1, the system automatically runs an RFC check. The authorization check refers to the function group of the function module to be called. If no authorization exists, a runtime error occurs.

You can first check the authorization using function module AUTHORITY_CHECK_RFC.
The system runs the RFC authorization check each time you access the called function module using RFC (the system checks the corresponding function module groups).

The authorization is checked using authorization object S_RFC.

This authorization object contains the following three fields:

• RFC_TYPE : Type of the RFC object to be protected
  This field can currently have the value 'FUGR' (function group).

• RFC_NAME : Name of the RFC object to be protected
  This field currently contains function group names.

• ACTVT : Activity
  This field can currently have the value 16 (execute).
  From Release 4.0, the authorization check is active by default (that is, auth/rfc_authority_check = 1).

Note:
This is documented. You can find further information on this in the ABAP system documentation.

Solution

You have the following options:

• With an active RFC authorization check (that is, auth/rfc_authority_check = 1):

• Assign the user the necessary authorizations for the called function groups.

• Assign the user profile S_RFC_ALL (all authorizations for executing RFCs).

• Deactivate the RFC authorization check by resetting the profile value to zero (that is, auth/rfc_authority_check = 0) for each application server and restart the server with the changed profile.