When you use Java connector you need basic authorization to read metadata of Function Module. S_RFC is an authorization object for the RFC call.
This object contains the following fields
This field may take the value 16.
In case you want a user to be able to call function modules in-group 'ABCD' remotely, following user authorization is required
| Activity ||16|
|Name of RFC object to be protected||ABCD|
|Type of protected RFC object||FUGR|
CALL FUNCTION 'AUTHORITY_CHECK_RFC' EXPORTING USERID = 'USER' FUNCTIONGROUP = 'ABCD' EXCEPTIONS RFC_NO_AUTHORITY = 1.
To assign this object to a user, Use T-Code: SU01
You can also make use of Transaction SU03 to Maintain Authorizations or SU21 to maintain Authorization Objects as below
Also, note that your SAP function module has to be "remote enabled" and this can be done using T-Code: SE37.