I recently faced authorization issue. As usually I sent an output of t-code SU53 which is evaluate of authorization check to SAP security team. As colleague from the security had some issues with finding the objects which authorization was missing to be granted for my user we sat together to see the issue. While we were working on it he showed my new interesting t-code of which existence I wasn’t aware before. It is the t-code STAUTHTRACE.
The t-code allows system-wide trace evaluation. This solves very common issue in case of system with multiple application servers. In such a case you need to perform analysis of authorization checks on particular server where user is logged to.
The trace in the t-code is very detailed. It basically shows all trace (similarly to t-code SU22) needed for analyze any kind of AUT issues. The trace so detailed but is limited authorization checks only.
The new t-code is available as of following NW releases: NW Basis 700 SP27, 701 SP12, 702 SP12, 730 SP8, 731 SP5 and NW 74+.
1707841 - STAUTHTRACE: System-wide trace evaluation
1603756 - Using StAuthTrace to record authorization checks