on 09-25-2008 2:36 PM
Hello
I have a lots of scenarios that use XI´s WebService for integration. For the 3rd party systems be able to use the WebServices, they need an authentication in Web Application Server.
The question is: How can I create a user with LIMITED access to ONLY ONE Webservice in XI ?
For example, I want a user called webservice1 that can access only http://myserver:50100/XISOAPAdapter/MessageServlet?channel=:SERVICE:SOAP_Sender_CC.
I don´t wanna use HTTPS because the 3rd party systems are very limited and they don´t have HTTPS support.
Thanks
In sender agreement you have a tab called "Assigned users". Enter only the user ids you want here.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for your help.
I put the user in Business System SYSTEM_TEST - in Assigned Users tab, and in the Sender Agreement - in Assigned Users tab also, but I´m having the following error when I test it:
<SAP:Stack>No authorization available for processing messages on Integration Server (ACL at sender service): User/Party/Service PISUPER//SYSTEM_TEST </SAP:Stack>
The user is assigned to the role SAP_XI_APPL_SERV_USER.
Thanks
In communication channel or in Receiver Agreement ? I didn´t do anything in Communication Channel. I added only in business system and in receiver agreement.
I have tested many times in lower case, upper case. There´s no space also. I have refreshed the cache also.
Thanks
Edited by: Vitor Zaninotto on Sep 25, 2008 4:54 PM
My bad. It is not in communication channels. It is only in Collaboration Agreement.
>>In communication channel or in Receiver Agreement ?
Is your receiver webservice here? If so you enter the userid maintained for that webservice in the webservice.
The user id you add to the ACL in Business sytem/collaboration agreement is the id that you create in XI system (SU01)
Yes, I have up the user in the Send Agreement. My SOAP Adapter Communication Chanel is configured there.
I´m using the correct user in webservice authentication. Its the same I created in SU01.
Without those authentication configurations (when All users can use the webservice), I can log in with this user. But when I restrict by doing the configurations, it doesn´t work.
I just made a test by restricting the service for another user and the error message is different.
When I log with a different user than the configured one, the error is:
java.security.AccessControlException: USER has no permission for accessing party service :SYSTEM_TEST...
When I log with the configured user authentication, the error is:
com.sap.aii.af.ra.ms.api.DeliveryException: XIServer:NO_EXEC_PERMISSION:....
Seems there´s still some missing configuration.
Thanks
1. Assign User to a Service
2. Assign User to a Sender Agreement
cross verify these settings is as per SAP std :
http://help.sap.com/saphelp_nw70/helpdata/EN/b1/f29e7a56e18a439984a3c6630951d2/frameset.htm
You can refer SAP Note 852237.
User | Count |
---|---|
89 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.