Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Anonymous Logon

Former Member
0 Kudos

Hi,

I'm new to SAP security. Can anyone give me some insight on anonymous logon?

Thanks,

Wes

7 REPLIES 7

Former Member
0 Kudos

What do you want to know about it? What is the scenario as the context is important.

0 Kudos

I received a request to create user ID in our CRM environment for anonymous logon. This is a fix to an issue our project team is having with displaying attached documents. This solution was prescribed by SAP support (SAP NOTE). I'm intrigued due to the fact the ID does not need any permission at all. I would like an understanding of such a setup.

0 Kudos

Hi Wes,

Do you have the note number?

If it's portal related then Satish's answer looks good, if it's not then I'm not so sure.

0 Kudos

Yes it's portal related, the links provided helpdes a lot. By this is in reference to SAP note 606745.

-Wes

0 Kudos

> I'm intrigued due to the fact the ID does not need any permission at all.

By the sound of it, this is a "service" (see object S_SERVICE) which is not checked and whatever that service does... it is not invoking any authority or permission related checks (or is possibly running under a different user context - a service type user, or an RFC destination has the authority to do what-ever-it-does anonymously).

If that is the case, I would recommend 3 aspects to take a closer look at:

- Check your system config - to authenticate and authorize the anonymous service call.

- Who can access the service or the RFC - this is often on the application or even client side.

- Which authority does that service or RFC have - so that it cannot do more than you want it to do anonymously.

Cheers,

Julius

Former Member
0 Kudos

Hello Wes,

Anonymous logon enables you to access your SAP NetWeaver systems in anonymous mode, without providing any form of authentication

Please go through the following links for more info

http://help.sap.com/saphelp_nwmobile71/helpdata/en/43/d91d23eaca456de10000000a155369/frameset.htm

Example of an Anonymous Logon Procedure

http://help.sap.com/saphelp_nwmobile71/helpdata/en/2b/d920774b8a11d1894c0000e8323c4f/frameset.htm

Hope the above info is helpful.

Cheers,

Satish.

Former Member
0 Kudos

Thank you all.