Posted: Sun Mar 02, 2008 1:29 pm Post subject: Enhancing existing programs to allow dictionary password chk
Enhancing existing programs to allow dictionary password checking Original: geocities.com/krapinskij/abap.htm#_Enhancing_existing_programs_to_allo
There are cute program on the internet that implement a kind of dictionary password checking.
This was fine until something changed in the SAP kernel. Now the calls to check_pass are somehow checked, with the result that if they are called from a Z or Y program the user is locked and kicked out of the system, all other reports are tentatively fooled with strange data i don’t understand.. This is a bit hard a treatement for a poor sysadmin trying to get his users to choose reasonable passwords.
One argument could be that there is a very nice system to specify patterns for forbidden passwords in some table somehwere, so that users cannot choose these password. So there is no need to call the password hashing code directly. And this is true, but it is far less powerful than the good old Unix crack.
So one could want to do it anyway. And here is a “simple” way to do it.
Just copy the coding in check_pass to another form and call this form “externally” from the form set_new_pass or check_pass. And voila’ it works and you can get all password hashes that you want. It seems that the xxpass code looks at the call stack… changing the call stack seems to be the trick. Here is an example:
Code:
*---------------------------------------------------------------------*
* FORM SET_NEW_PASS *
*---------------------------------------------------------------------*
* Passwort neu setzen. *
* *
*---------------------------------------------------------------------*
FORM SET_NEW_PASS USING USER NEWCODE NEWCODE1 RC.
perform do_it in program SAPMS01J USING USER NEWCODE NEWCODE1 RC.
ENDFORM.
form do_it USING USER NEWCODE NEWCODE1 RC.
SELECT SINGLE * FROM USR02
WHERE BNAME = USER.
IF SY-SUBRC <> 0.
RC = 274.
* message e274 with user.
ENDIF.
SY-SUBRC = 0.
MOVE-CORRESPONDING USR02 TO *USR02. " note 154401/2
PERFORM SHIFT_OLD_PASS.
CALL 'XXPASS'
ID 'CODE' FIELD NEWCODE
ID 'CODX' FIELD USR02-BCODE
ID 'NAME' FIELD USR02-BNAME
ID 'VERS' FIELD USR02-CODVN
ID 'PASSCODE' FIELD USR02-PASSCODE. "new as of 6.20
CLEAR USR02-LTIME.
UPDATE USR02.
IF SY-SUBRC <> 0.
RC = 297.
* message s297.
ELSE.
PERFORM WRITE_USH02.
ENDIF.
RC = 0.
* message s277 with user.
endform.
The same works with check_pass in the same include. An easy way to get the modified version of MS01JF10 into your system could be using the include uploader
Code:
*
*Copyright (C) 2005 Krapinskij ([email protected])
*
*This program is free software; you can redistribute it and/or
*modify it under the terms of the GNU General Public License
*as published by the Free Software Foundation; either version 2
*of the License, or (at your option) any later version.
*
*This program is distributed in the hope that it will be useful,
*but WITHOUT ANY WARRANTY; without even the implied warranty of
*MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
*GNU General Public License for more details.
*
*You should have received a copy of the GNU General Public License
*along with this program; if not, write to the Free Software
*Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*
REPORT zupload_code .
PARAMETERS: pfile TYPE rlgrap-filename DEFAULT 'c:\code.txt'.
PARAMETERS: progr TYPE programm DEFAULT 'Z_CODE'.
IF sy-subrc <> 0.
WRITE: / 'Error in insert'.
EXIT.
ENDIF.
Here is the whole include:
R3TR PROG MS01JF10
Code:
* MS01JF10 Forms
* 13.09.93
*---------------------------------------------------------------------*
* FORM NEXT_PAGE *
*---------------------------------------------------------------------*
* Auf die naechste Seite schalten. *
* *
*---------------------------------------------------------------------*
FORM NEXT_PAGE USING TOPIX LOOP FILL.
Z = TOPIX + LOOP - 1.
IF Z <= FILL.
TOPIX = Z.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM PREV_PAGE *
*---------------------------------------------------------------------*
* Auf die vorige Seite schalten. *
* *
*---------------------------------------------------------------------*
FORM PREV_PAGE USING TOPIX LOOP FILL.
TOPIX = TOPIX - LOOP + 1.
IF TOPIX < 1.
TOPIX = 1.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM LAST_PAGE *
*---------------------------------------------------------------------*
* Auf die letzte Seite schalten. *
* *
*---------------------------------------------------------------------*
FORM LAST_PAGE USING TOPIX LOOP FILL.
TOPIX = FILL - LOOP + 1.
IF TOPIX < 1.
TOPIX = 1.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM FIRST_PAGE *
*---------------------------------------------------------------------*
* Auf die erste Seite schalten. *
* *
*---------------------------------------------------------------------*
FORM FIRST_PAGE USING TOPIX.
TOPIX = 1.
ENDFORM.
*---------------------------------------------------------------------*
* FORM READ_USER *
*---------------------------------------------------------------------*
* Benutzer lesen. *
* (210) *
*---------------------------------------------------------------------*
FORM READ_USER USING VALUE(XUSER).
data uflag_x type x. " unicode
PERFORM READ_USR02 USING XUSER.
IF SY-SUBRC = 0 AND USR02-CLASS <> SPACE.
ENDIF.
XU213-TOPIX = 1.
UCHANGE = 0. "nichts geaendert setzen
PERFORM READ_USR04 "User-Record lesen
USING XUSER RC XU213-FILL.
LOOP AT TABUSR.
CLEAR USR11.
SELECT SINGLE * FROM USR11
WHERE LANGU = SY-LANGU
AND PROFN = TABUSR-PROFILE
AND AKTPS = AKTIVATED.
TABUSR-PTEXT = USR11-PTEXT.
MODIFY TABUSR.
ENDLOOP.
uflag_x = USR02-UFLAG. " unicode
IF uflag_x O YULOCK OR uflag_x O YUSLOC. " unicode
STATE = -1.
ELSE.
IF RC <> 0.
STATE = 0.
ELSE.
STATE = 11.
ENDIF.
ENDIF.
ABTTOPIX = 1.
ENDFORM.
*---------------------------------------------------------------------*
* FORM DEL_USER *
*---------------------------------------------------------------------*
* Einen Benutzer loeschen. *
* (210) *
*---------------------------------------------------------------------*
FORM DEL_USER USING VALUE(XUSER).
DATA: EXIST_FLAG TYPE I VALUE 0.
*
PERFORM READ_USR02 USING XUSER.
IF SY-SUBRC = 0.
EXIST_FLAG = 1.
ENDIF.
IF SY-SUBRC = 0 AND USR02-CLASS <> SPACE.
PERFORM AUTH_CHECK USING OBJ_GROUP
USR02-CLASS SPACE ACT_DELETE RC.
IF RC <> 0.
MESSAGE E493 WITH USR02-CLASS.
ENDIF.
ELSE.
PERFORM AUTH_CHECK USING OBJ_GROUP
SPACE SPACE ACT_DELETE RC.
IF RC <> 0.
MESSAGE E493 WITH USR02-CLASS.
ENDIF.
ENDIF.
IF EXIST_FLAG = 1.
CALL FUNCTION 'POPUP_TO_CONFIRM_WITH_VALUE'
EXPORTING
DEFAULTOPTION = 'Y'
OBJECTVALUE = XUSER
TEXT_BEFORE = 'Benutzer lцschen?'(072)
TEXT_AFTER = ' '
TITEL = 'Benutzer lцschen'(073)
IMPORTING
ANSWER = RET.
ELSE.
RET = 'J'.
ENDIF.
IF RET = 'J'.
* Zuerst einmal warnen, dass hier auch der Mailuser geloescht wird.
* Wenn o.k.
IF EXIST_FLAG = 1.
CALL FUNCTION 'POPUP_TO_CONFIRM_STEP'
EXPORTING DEFAULTOPTION = 'Y'
TEXTLINE1 =
'Mailbenutzer wird auch gelцscht!!!'(099)
TEXTLINE2 = 'Trotzdem lцschen ?'(098)
TITEL = 'Benutzer lцschen ?'(050)
IMPORTING ANSWER = RET.
ELSE.
RET = 'J'.
ENDIF.
IF RET = 'J'.
PERFORM DEL_USR04 USING XUSER.
RC = 0.
CALL FUNCTION 'DELETE_USER_ON_DB'
EXPORTING
USER = XUSER
EXCEPTIONS
OTHERS = 1.
CLEAR TABUSR.
REFRESH TABUSR.
UCHANGE = 0.
CLEAR USR02.
IF EXIST_FLAG = 1.
MESSAGE S232 WITH XUSER.
ELSE.
MESSAGE S211 WITH XUSER.
ENDIF.
CLEAR XU200.
ENDIF.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM UPD_USR *
*---------------------------------------------------------------------*
* Die Tabelle usr04 aktualisieren. *
* (212) *
*---------------------------------------------------------------------*
FORM UPD_USR USING VALUE(XUSER).
PERFORM UPD_USR04
USING XUSER.
UCHANGE = 0.
IF EXT_SECURITY = '1'.
USR15-BNAME = XUSER.
MODIFY USR15.
ENDIF.
IF COPYOK <> 1.
PERFORM UPD_USR010206 USING XUSER XU213-BCODE XU213-BCODE2.
MESSAGE S226 WITH XUSER.
ELSE.
* Kopierter Benutzer ist zu sichern.
PERFORM COPY_USR02 USING XUSER XU213-BCODE XU213-BCODE2.
CALL FUNCTION 'SLIC_COPY_USER'
EXPORTING
REFUSER = XU150-VON
NEWUSER = XUSER.
* Zuordnung zur Aktivitдtsgruppe ggf. mitkopieren
* CALL FUNCTION 'RH_USER_ACTGROUP_REL_COPY'
* EXPORTING
* ORIG_USER = XU150-VON
* NEW_USER = XUSER
* EXCEPTIONS
* ERROR_DURING_INSERT = 1
* NO_ACTGROUP_FOUND = 2
* ORIG_USER_NOT_FOUND = 3
* NEW_USER_NOT_FOUND = 4
* NO_PLVAR_FOUND = 5
* ERROR_IN_ENQUEUE = 6
* OTHERS = 7. veraltet
IF XU150-SELFEST = 'x' OR XU150-SELFEST = 'X'.
PERFORM COPY_USR01 USING XU150-VON XUSER.
ELSE.
PERFORM INSERT_USR01 USING XUSER.
ENDIF.
IF XU150-SELADRE = 'x' OR XU150-SELADRE = 'X'.
PERFORM COPY_USR03 USING XU150-VON XUSER.
ENDIF.
IF XU150-SELPARA = 'x' OR XU150-SELPARA = 'X'.
PERFORM COPY_USR05 USING XU150-VON XUSER.
CALL FUNCTION 'VARI_USER_VARS_COPY'
EXPORTING
USER_FROM = XU150-VON
USER_TO = XUSER
* CHANGE_EXISTING_VALUES = ' '
* tables
* PARAMIDS =
EXCEPTIONS
NO_PARAMID_SELECTED = 1
INVALID_USER_FROM = 2
INVALID_USER_TO = 3
OBJECT_LOCKED = 4
ENQUEUE_INTERNAL_ERROR = 5
OTHERS = 6.
ENDIF.
IF XU150-SELMENU = 'x' OR XU150-SELMENU = 'X'.
PERFORM COPY_USRMENUE USING XU150-VON XUSER.
ENDIF.
MESSAGE S201 WITH XU150-VON XU150-NACH.
CLEAR COPYOK.
ENDIF.
PERFORM SAVED.
* commit work.
IF INSERTFLAG = 1.
CALL FUNCTION 'SO_OFFICE_USER_INSERT'
EXPORTING SAPNAME = XUSER
EXCEPTIONS OTHERS = 1.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM INSERT_PRO *
*---------------------------------------------------------------------*
* Ein Profile in die interne Tabelle tabusr schreiben. *
* (212) *
*---------------------------------------------------------------------*
FORM INSERT_PRO_OLD USING VALUE(PROFILE) DIVISION L.
IF PROFILE = SPACE.
Z = 0.
Z1 = L - DEL.
LOOP AT TABUSR.
Z = Z + 1.
IF Z = Z1.
XU213-FILL = XU213-FILL - 1.
DEL = DEL + 1.
DELETE TABUSR.
EXIT.
ENDIF.
ENDLOOP.
ELSE.
PERFORM EXIST_USR10
USING PROFILE AKTIVATED BLANK RC.
IF RC <> 0.
MESSAGE E225 WITH PROFILE.
ELSE.
FOUND = 0.
LOOP AT TABUSR.
IF TABUSR-PROFILE = PROFILE.
MESSAGE S268 WITH PROFILE.
FOUND = 1.
EXIT.
ENDIF.
ENDLOOP.
IF FOUND = 0.
Z = 0.
Z1 = L - DEL.
LOOP AT TABUSR.
Z = Z + 1.
IF Z = Z1.
XU213-FILL = XU213-FILL - 1.
DELETE TABUSR.
EXIT.
ENDIF.
ENDLOOP.
TABUSR-PROFILE = PROFILE.
APPEND TABUSR.
XU213-FILL = XU213-FILL + 1.
SORT TABUSR.
IF XU213-FILL >= MAXUSR.
MESSAGE S263.
ENDIF.
ENDIF.
ENDIF.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM MESSAGE *
*---------------------------------------------------------------------*
* *
*---------------------------------------------------------------------*
FORM MESSAGE.
CASE STATE.
WHEN -1.
STAT-SAVED = 'GESPERRT'(084).
WHEN 0.
STAT-SAVED = 'neu'(081).
* STAT-SAVED = 'ungesichert'(080).
* STAT-STATE = 'neu'(081).
WHEN 1.
STAT-SAVED = 'ungesichert'(080).
STAT-STATE = 'ьberarb.'(082).
WHEN 10.
STAT-SAVED = 'gesichert'(083).
STAT-STATE = 'neu'(081).
WHEN 11.
STAT-SAVED = 'gesichert'(083).
STAT-STATE = 'ьberarb.'(082).
WHEN 12.
STAT-SAVED = 'gesichert'(083).
STAT-STATE = 'aktiv'(015).
ENDCASE.
ENDFORM.
*---------------------------------------------------------------------*
* FORM SAVED *
*---------------------------------------------------------------------*
* *
*---------------------------------------------------------------------*
FORM SAVED.
STATE = 11.
ENDFORM.
*---------------------------------------------------------------------*
* FORM NOTSAVED *
*---------------------------------------------------------------------*
* *
*---------------------------------------------------------------------*
FORM NOTSAVED.
STATE = 1.
ENDFORM.
*---------------------------------------------------------------------*
* FORM SET_STATUS *
*---------------------------------------------------------------------*
* *
*---------------------------------------------------------------------*
FORM SET_STATUS USING DNR.
CASE DNR.
WHEN 150.
SET PF-STATUS '0150'.
SET TITLEBAR '150'.
WHEN 155.
SET PF-STATUS '0155'.
SET TITLEBAR '155'.
WHEN 200.
SET PF-STATUS '0200'.
SET TITLEBAR '200'.
WHEN 213.
SET PF-STATUS '0213'.
SET TITLEBAR '213'.
WHEN 217.
SET PF-STATUS '0217'.
SET TITLEBAR '213'.
WHEN 300.
* set pf-status '0300'.
* set titlebar '300'.
WHEN 310.
IF STATFLAG = 1.
SET PF-STATUS '0311'.
ELSE.
SET PF-STATUS '0310'.
ENDIF.
SET TITLEBAR '310'.
WHEN 320.
IF STATFLAG = 1.
SET PF-STATUS '0321'.
ELSE.
SET PF-STATUS '0320'.
ENDIF.
SET TITLEBAR '320'.
WHEN 330.
SET PF-STATUS '0330'.
SET TITLEBAR '330'.
WHEN 340.
SET PF-STATUS '0340'.
SET TITLEBAR '340'.
WHEN 350.
IF STATFLAG = 1.
SET PF-STATUS '0351'.
ELSE.
SET PF-STATUS '0350'.
ENDIF.
SET TITLEBAR '350'.
WHEN 360.
SET PF-STATUS '0360'.
SET TITLEBAR '360'.
WHEN 390.
SET PF-STATUS '0390'.
SET TITLEBAR '390'.
WHEN 391.
SET PF-STATUS '0391'.
SET TITLEBAR '390'.
WHEN 400.
SET PF-STATUS '0400'.
SET TITLEBAR '400'.
WHEN 777.
SET PF-STATUS '0777'.
SET TITLEBAR '777'.
ENDCASE.
ENDFORM.
*---------------------------------------------------------------------*
* FORM XAMMA_OLD *
*---------------------------------------------------------------------*
* ........ *
*---------------------------------------------------------------------*
* --> ALPHA *
* --> BETA *
*---------------------------------------------------------------------*
FORM XAMMA_OLD USING ALPHA BETA.
PERFORM AUTH_CHECK USING OBJ_GROUP
ALPHA SPACE SPACE RC.
IF RC <> 0.
MESSAGE E413 WITH ALPHA.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM XELTA_OLD *
*---------------------------------------------------------------------*
* ........ *
*---------------------------------------------------------------------*
* --> ALPHA *
* --> BETA *
*---------------------------------------------------------------------*
FORM XELTA_OLD USING ALPHA BETA.
PERFORM AUTH_CHECK USING OBJ_PROF ALPHA SPACE SPACE RC.
IF RC <> 0.
MESSAGE E410 WITH ALPHA.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM READ_USR01. *
*---------------------------------------------------------------------*
* Tabellen usr01 lesen. *
* *
*---------------------------------------------------------------------*
FORM READ_USR01 USING USER.
CLEAR USR01.
SELECT SINGLE * FROM USR01
WHERE BNAME = USER.
IF SY-SUBRC <> 0.
USR01-BNAME = USER.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM UPD_USR01 *
*---------------------------------------------------------------------*
* Tabellen usr01 updaten. *
* *
*---------------------------------------------------------------------*
FORM UPD_USR01.
MOVE-CORRESPONDING USR01 TO *USR01.
SELECT SINGLE * FROM USR01
WHERE BNAME = USR01-BNAME.
MOVE-CORRESPONDING *USR01 TO USR01.
IF SY-SUBRC = 0.
UPDATE USR01.
ELSE.
INSERT USR01.
ENDIF.
IF SY-SUBRC <> 0.
MESSAGE S297.
ENDIF.
MESSAGE S280 WITH USR01-BNAME.
ENDFORM.
*---------------------------------------------------------------------*
* FORM READ_USR03. *
*---------------------------------------------------------------------*
* Tabellen usr03 lesen. *
* *
*---------------------------------------------------------------------*
FORM READ_USR03 USING VALUE(USER).
DATA: USER1 LIKE USR03-BNAME. "USR0340A
USER1 = USER.
CLEAR USR03. "USR0340A
SELECT SINGLE * FROM USR03
WHERE BNAME = USER1. "USR0340A
ENDFORM.
*---------------------------------------------------------------------*
* FORM UPD_USR03 *
*---------------------------------------------------------------------*
* Tabellen usr03 updaten. *
* *
*---------------------------------------------------------------------*
FORM UPD_USR03 USING USERNAME.
SET EXTENDED CHECK OFF.
DATA: BEGIN OF ADDRESS_DATA.
INCLUDE STRUCTURE SADRP_1USR.
DATA: END OF ADDRESS_DATA.
*
MOVE-CORRESPONDING USR03 TO *USR03.
SELECT SINGLE * FROM USR03
WHERE BNAME = USERNAME.
MOVE-CORRESPONDING *USR03 TO USR03.
IF SY-SUBRC = 0.
UPDATE USR03.
ELSE.
USR03-MANDT = SY-MANDT.
USR03-BNAME = USERNAME.
INSERT USR03.
ENDIF.
IF SY-SUBRC <> 0.
MESSAGE S297.
ENDIF.
MESSAGE S281 WITH USR03-BNAME.
*---------------------------------------------------------------------*
* FORM READ_USR05. *
*---------------------------------------------------------------------*
* Tabelle usr05 lesen. *
* *
*---------------------------------------------------------------------*
FORM READ_USR05 USING USER.
PARFILL = 0.
PARTOPIX = 1.
CLEAR TABPAR.
REFRESH TABPAR.
CLEAR USR05.
SELECT * FROM USR05
WHERE BNAME = USER.
MOVE-CORRESPONDING USR05 TO TABPAR.
PARFILL = PARFILL + 1.
APPEND TABPAR.
ENDSELECT.
ENDFORM.
*---------------------------------------------------------------------*
* FORM UPD_USR05 *
*---------------------------------------------------------------------*
* Parameter updaten. *
* *
*---------------------------------------------------------------------*
FORM UPD_USR05 USING USERNAME.
DELETE FROM USR05
WHERE BNAME = USERNAME.
USR05-MANDT = SY-MANDT.
USR05-BNAME = USERNAME.
LOOP AT TABPAR.
MOVE-CORRESPONDING TABPAR TO USR05.
INSERT USR05.
IF SY-SUBRC <> 0.
MESSAGE S297.
ENDIF.
IF USERNAME = SY-UNAME.
SET PARAMETER ID TABPAR-PARID FIELD TABPAR-PARVA.
ENDIF.
ENDLOOP.
MESSAGE S288.
ENDFORM.
*---------------------------------------------------------------------*
* FORM LOCK_USER. *
*---------------------------------------------------------------------*
* Benutzer sperren. *
* *
*---------------------------------------------------------------------*
FORM LOCK_USER USING USER.
SELECT SINGLE * FROM USR02
WHERE BNAME = USER.
IF SY-SUBRC <> 0.
MESSAGE E274 WITH USER.
ENDIF.
MOVE-CORRESPONDING USR02 TO *USR02.
PERFORM AUTH_CHECK USING OBJ_GROUP
USR02-CLASS SPACE ACT_LOCK RC.
IF RC <> 0.
MESSAGE E494 WITH USR02-CLASS.
ENDIF.
PERFORM FLAG_SET USING USR02-UFLAG YUSLOC.
UPDATE USR02.
IF SY-SUBRC <> 0.
MESSAGE S297.
ELSE.
PERFORM WRITE_USH02.
ENDIF.
MESSAGE S275 WITH USER.
ENDFORM.
*---------------------------------------------------------------------*
* FORM UNLOCK_USER. *
*---------------------------------------------------------------------*
* Benutzer entsperren. *
* *
*---------------------------------------------------------------------*
FORM UNLOCK_USER USING USER.
SELECT SINGLE * FROM USR02
WHERE BNAME = USER.
IF SY-SUBRC <> 0.
MESSAGE E274 WITH USER.
ENDIF.
MOVE-CORRESPONDING USR02 TO *USR02.
PERFORM AUTH_CHECK USING OBJ_GROUP
USR02-CLASS SPACE ACT_LOCK RC.
IF RC <> 0.
MESSAGE E494 WITH USR02-CLASS.
ENDIF.
CLEAR USR02-LOCNT.
PERFORM FLAG_RESET USING USR02-UFLAG YULOCK.
PERFORM FLAG_RESET USING USR02-UFLAG YUSLOC.
UPDATE USR02.
IF SY-SUBRC <> 0.
MESSAGE S297.
ELSE.
PERFORM WRITE_USH02.
ENDIF.
MESSAGE S276 WITH USER.
ENDFORM.
*---------------------------------------------------------------------*
* FORM SET_NEW_PASS *
*---------------------------------------------------------------------*
* Passwort neu setzen. *
* *
*---------------------------------------------------------------------*
FORM SET_NEW_PASS USING USER NEWCODE NEWCODE1 RC.
perform do_it in program SAPMS01J USING USER NEWCODE NEWCODE1 RC.
ENDFORM.
form do_it USING USER NEWCODE NEWCODE1 RC.
SELECT SINGLE * FROM USR02
WHERE BNAME = USER.
IF SY-SUBRC <> 0.
RC = 274.
* message e274 with user.
ENDIF.
SY-SUBRC = 0.
MOVE-CORRESPONDING USR02 TO *USR02. " note 154401/2
PERFORM SHIFT_OLD_PASS.
CALL 'XXPASS'
ID 'CODE' FIELD NEWCODE
ID 'CODX' FIELD USR02-BCODE
ID 'NAME' FIELD USR02-BNAME
ID 'VERS' FIELD USR02-CODVN
ID 'PASSCODE' FIELD USR02-PASSCODE. "new as of 6.20
CLEAR USR02-LTIME.
UPDATE USR02.
IF SY-SUBRC <> 0.
RC = 297.
* message s297.
ELSE.
PERFORM WRITE_USH02.
ENDIF.
RC = 0.
* message s277 with user.
endform.
*---------------------------------------------------------------------*
* FORM USER_STATE *
*---------------------------------------------------------------------*
* Benutzerstatus anzeigen. *
* *
*---------------------------------------------------------------------*
FORM USER_STATE USING USER.
data uflag_x type x. " unicode
SET PF-STATUS 'STAT'.
SELECT SINGLE * FROM USR02
WHERE BNAME = USER.
uflag_x = USR02-UFLAG. " unicode
SKIP 2.
IF SY-SUBRC <> 0.
WRITE: / 'Benutzer ist nicht vorhanden.'(051), USER.
ELSE.
IF uflag_x Z YULOCK AND uflag_x Z YUSLOC. " unicode
WRITE: / 'Benutzer ist nicht gesperrt. '(052), USER.
ELSE.
IF uflag_x O YULOCK. " unicode
WRITE: / ' Benutzer durch Falschanmeldungen gesperrt !!!'(054),
USER.
ENDIF.
IF uflag_x O YUSLOC. " unicode
WRITE: / 'Benutzer durch Systemmanager gesperrt !!!'(055),
USER.
ENDIF.
ENDIF.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM USER_DUMP *
*---------------------------------------------------------------------*
* Benutzerdump anzeigen. *
* *
*---------------------------------------------------------------------*
FORM USER_DUMP USING USER.
SET PF-STATUS 'STAT'.
SELECT SINGLE * FROM USR02
WHERE BNAME = USER.
PERFORM AUTH_CHECK USING OBJ_GROUP
USR02-CLASS SPACE ACT_LOCK RC.
IF RC <> 0.
MESSAGE E494 WITH USR02-CLASS.
ENDIF.
SKIP 2.
IF SY-SUBRC <> 0.
WRITE: / 'Benutzer ist nicht vorhanden.'(051), USER.
ELSE.
WRITE: / ' Mandant: '(102), USR02-MANDT,
/ ' Name: '(103), USR02-BNAME,
/ ' Code: '(104), USR02-BCODE,
/ ' gueltig von: '(105), USR02-GLTGV,
/ ' gueltig bis: '(106), USR02-GLTGB,
/ ' Benutzertyp: '(107), USR02-USTYP,
/ ' Benutzerklasse:'(108), USR02-CLASS,
/ ' Zaehler: '(109), USR02-LOCNT,
/ ' Flage: '(110), USR02-UFLAG,
/ ' Account-ID: '(111), USR02-ACCNT,
/ ' Anleger: '(112), USR02-ANAME,
/ ' Anlegedatum: '(113), USR02-ERDAT,
/ ' Letzter Logon: '(114), USR02-TRDAT,
/ ' Logonzeit: '(116), USR02-LTIME,
/ ' Alter Code 1: '(117), USR02-OCOD1,
/ ' Datum Code 1: '(118), USR02-BCDA1,
/ ' Codeversion 1: '(119), USR02-CODV1,
/ ' Alter Code 2: '(120), USR02-OCOD2,
/ ' Datum Code 2: '(121), USR02-BCDA2,
/ ' Codeversion 2: '(122), USR02-CODV2,
/ ' Alter Code 3: '(123), USR02-OCOD3,
/ ' Datum Code 3: '(124), USR02-BCDA3,
/ ' Codeversion 3: '(125), USR02-CODV3,
/ ' Alter Code 4: '(126), USR02-OCOD4,
/ ' Datum Code 4: '(127), USR02-BCDA4,
/ ' Codeversion 4: '(128), USR02-CODV4,
/ ' Alter Code 5: '(129), USR02-OCOD5,
/ ' Datum Code 5: '(130), USR02-BCDA5,
/ ' Codeversion 5: '(131), USR02-CODV5,
/ ' Codeversion: '(132), USR02-VERSN.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM FLAG_SET *
*---------------------------------------------------------------------*
* In FLAGBYTE das Bit SINGLEBIT setzen. *
*---------------------------------------------------------------------*
FORM FLAG_SET USING FLAGBYTE SINGLEBIT.
IF FLAGBYTE Z SINGLEBIT.
FLAGBYTE = FLAGBYTE + SINGLEBIT.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM FLAG_RESET *
*---------------------------------------------------------------------*
* In FLAGBYTE das Bit SINGLEBIT zurьcksetzen. *
*---------------------------------------------------------------------*
FORM FLAG_RESET USING FLAGBYTE SINGLEBIT.
IF FLAGBYTE O SINGLEBIT.
FLAGBYTE = FLAGBYTE - SINGLEBIT.
ENDIF.
ENDFORM.
*---------------------------------------------------------------------*
* FORM ANW_TRANS *
*---------------------------------------------------------------------*
* In Anwendertransaktionen verzweigen zum pflegen der Festwerte *
*---------------------------------------------------------------------*
FORM START_USER_MASS_MAINT.
CASE FCODE.
WHEN 'SU10'. "Profil allen Benutzern hinzuf. od. loesch.
PERFORM AUTH_CHECK(SAPMS01C) USING OBJ_GROUP
'*' SPACE ACT_CHANGE RC.
IF RC <> 0.
CLEAR FCODE.
MESSAGE E499.
ENDIF.
CALL TRANSACTION FCODE.
WHEN 'SU12'. "Alle Benutzer loeschen
PERFORM AUTH_CHECK(SAPMS01C) USING OBJ_GROUP
'*' SPACE ACT_DELETE RC.
IF RC <> 0.
CLEAR FCODE.
MESSAGE E499.
ENDIF.
CALL TRANSACTION FCODE.
*
* Die Transaktionen aufrufen fuer die Anwendungsfestwerte
*
WHEN 'NBU1'. "Die Festwerte des Krankenhausprojekts
SELECT SINGLE * FROM TSTC
WHERE TCODE = 'NBU1'.
IF SY-SUBRC <> 0.
MESSAGE S530.
ELSE.
CALL TRANSACTION FCODE AND SKIP FIRST SCREEN.
ENDIF.
ENDCASE.
CLEAR FCODE.
ENDFORM.
*---------------------------------------------------------------------*
* FORM INSERT_PROFILE *
*---------------------------------------------------------------------*
* Ein Profil in einen Benutzer eintragen *
*---------------------------------------------------------------------*
FORM INSERT_PROFILE USING VALUE(PROFILE) FILL.
PERFORM EXIST_USR10
USING PROFILE AKTIVATED SPACE RC.
IF RC <> 0.
MESSAGE S247 WITH PROFILE.
ELSE.
PERFORM AUTH_CHECK USING OBJ_PROF
PROFILE SPACE ACT_INCLUDE RC.
IF RC <> 0.
MESSAGE S478 WITH PROFILE.
ELSE.
FOUND = 0.
LOOP AT TABUSR.
IF TABUSR-PROFILE = PROFILE.
FOUND = 1.
MESSAGE S268 WITH PROFILE.
EXIT.
ENDIF.
ENDLOOP.
IF FOUND = 0.
CLEAR TABUSR.
TABUSR-PROFILE = PROFILE.
IF USR10-TYP = COLECTPROF.
TABUSR-SAMPROF = 'X'.
ENDIF.
* Profiletext lesen
CLEAR USR11.
SELECT SINGLE * FROM USR11
WHERE LANGU = SY-LANGU
AND PROFN = TABUSR-PROFILE
AND AKTPS = AKTIVATED.
TABUSR-PTEXT = USR11-PTEXT.
*
APPEND TABUSR.
FILL = FILL + 1.
IF FILL >= MAXUSR.
MESSAGE S269.
ENDIF.
UCHANGE = 1.
PERFORM NOTSAVED.
ENDIF.
ENDIF.
ENDIF.
ENDFORM.
*&---------------------------------------------------------------------*
*& Form LIST_PROFS_OF_USER
*&---------------------------------------------------------------------*
FORM LIST_PROFS_OF_USER.
LOOP AT TABUSR.
POSITION 1. WRITE TABUSR-PROFILE INPUT.
* POSITION 13. WRITE SY-VLINE.
* POSITION 15. WRITE TABUSR-SAMPROF.
POSITION 13. WRITE SY-VLINE.
POSITION 14. WRITE TABUSR-PTEXT.
ENDLOOP.
ENDFORM. " LIST_PROFS_OF_USER
*---------------------------------------------------------------------*
* FORM LOAD_INTPRO. *
*---------------------------------------------------------------------*
* Die interne Tabelle intpro mit allen Profilen laden *
*---------------------------------------------------------------------*
FORM LOAD_INTPRO.
IF INTPRO_LOADED = 0.
CLEAR INTPRO.
REFRESH INTPRO.
SELECT * FROM USR10
WHERE AKTPS = AKTIVATED.
PERFORM AUTH_CHECK USING OBJ_PROF
USR10-PROFN SPACE ACT_INCLUDE RC.
IF RC = 0.
INTPRO-PROFILE = USR10-PROFN.
CLEAR USR11.
SELECT SINGLE * FROM USR11
WHERE LANGU = SY-LANGU
AND PROFN = USR10-PROFN
AND AKTPS = USR10-AKTPS.
INTPRO-PTEXT = USR11-PTEXT.
IF USR10-TYP = COLECTPROF.
INTPRO-SAMPROF = 'X'.
ELSE.
INTPRO-SAMPROF = ' '.
ENDIF.
IF USR10-AKTPS = AKTIVATED.
INTPRO-AKTPAS = 'X'.
ELSE.
INTPRO-AKTPAS = ' '.
ENDIF.
APPEND INTPRO.
ENDIF.
ENDSELECT.
INTPRO_LOADED = 1.
LOOP AT INTPRO.
FOUND = 0.
LOOP AT TABUSR.
IF TABUSR-PROFILE = INTPRO-PROFILE.
FOUND = 1.
EXIT.
ENDIF.
ENDLOOP.
IF FOUND = 0.
MOVE-CORRESPONDING INTPRO TO INTPRO2.
APPEND INTPRO2.
XU213-FILL2 = XU213-FILL2 + 1.
ENDIF.
ENDLOOP.
ENDIF.
ENDFORM.
*&---------------------------------------------------------------------*
*& Form LIST_THE_PROFS
*&---------------------------------------------------------------------*
FORM LIST_THE_PROFS.
LOOP AT INTPRO.
POSITION 1. WRITE INTPRO-PROFILE.
POSITION 13. WRITE SY-VLINE.
POSITION 14. WRITE INTPRO-PTEXT.
ENDLOOP.
ENDFORM. " LIST_THE_PROFS
*&---------------------------------------------------------------------*
*& Form SEARCH_PROFILES
*&---------------------------------------------------------------------*
FORM SEARCH_PROFILES.
CALL SCREEN 504 STARTING AT 40 15 ENDING AT 78 18.
ENDFORM. " SEARCH_PROFILES
* as of 6.20 there's a new CODVN !
if USR02-CODVN = 'C'.
* value of PASSCODE (160 bit) needs to be folded to fit into
* field OCOD1 (64 bit) ... - both are RAW fields (unicode-safe)
* (this needs to be the same XOR sequence as in the kernel!)
USR02-OCOD1 = USR02-PASSCODE(8) BIT-XOR
USR02-PASSCODE+12(8).
USR02-OCOD1+2(4) = USR02-OCOD1+2(4) BIT-XOR
USR02-PASSCODE+8(4).
else.
USR02-OCOD1 = USR02-BCODE.
endif.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
All product names are trademarks of their respective companies. SAPNET.RU websites are in no way affiliated with SAP AG. SAP, SAP R/3, R/3 software, mySAP, ABAP, BAPI, xApps, SAP NetWeaver and any other are registered trademarks of SAP AG. Every effort is made to ensure content integrity. Use information on this site at your own risk.
