Vijaya.
1) My understanding is that the authorisation objects provide access to the right data/functions in SAP and structural auths are then filters on the data. You need the former for the latter to be of any use.
2) If you don't include the user ID and password, then there is no user to connect with so testing the string will fail. This is fine. When you come to use it as an end user your end user credentials will be substituted in and it should work (assuming appropriate auths in place of course).
Regards,
Stephen.
