cancel
Showing results for 
Search instead for 
Did you mean: 

SOAP Sender - minimal authorization

Former Member
0 Kudos

Hello everyone,

we are publishing a webservice in PI 7.1 by providing a corresponding SOAP Sender Adapter.

First of all - the Webservice works fine and can be successfully called from applications like SOAP-UI.

Now for our question.

For testing purposes we used an SAP_ALL-Account. However we would like to switch to a restricted technical user now. So what are the MINIMAL authorization requirements for such an user?

We have already tried serveral authorizations but we always receive the error: 'You are not authorized to view the requested resource'.

The information in the PI security guide (http://help.sap.com/saphelp_nw04s/helpdata/en/f7/c2953fc405330ee10000000a114084/frameset.htm) didn't work for us. Any clues?

Thanks and regards,

lars

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hi,

please have a look at this thread:

Regards

Patrick

Former Member
0 Kudos

Hi Patrick,

thanks for your advice.

The thread describes a solution based upon the Visual Administrator. However Visual Admin is no longer

available with PI 7.1.

Where to assign the security role 'xi_adapter_soap_message' in PI 7.1? We didn't find any

corresponding option in NWA.

Thanks,

lars

Former Member
0 Kudos

Hi,

> However Visual Admin is no longer available with PI 7.1.

Sorry, my fault...

AFAIK these roles are:

  • SAP_XI_ADMINISTRATOR_J2EE

  • SAP_XI_APPL_SERV_USER

  • SAP_XI_DEVELOPER_J2EE

  • SAP_XI_IS_SERV_USER

Regards

Patrick

Former Member
0 Kudos

Hi Lars

I think SAP_XI_APPL_SERV_USER is enough for SOAP call as suggested by above

Give it a try.

Thanks

Gaurav

Former Member
0 Kudos

Hi,

I've just tested it with a SAP PI 7.0 and I needed only two roles:

  • SAP_XI_APPL_SERV_USER
  • SAP_XI_IS_SERV_USER

Regards,

Thorben

Answers (5)

Answers (5)

Former Member
0 Kudos

Hi,

I have created a user with the four roles that you have mentioned:

  • SAP_XI_ADMINISTRATOR_J2EE

    

  • SAP_XI_APPL_SERV_USER

    

  • SAP_XI_DEVELOPER_J2EE

    

  • SAP_XI_IS_SERV_USER

and made the User Type as Communication.

however, my user still cannot access the WebService.

Please advise.

thank you!

Former Member
0 Kudos

Hi Patrick,

you are right. The four authorizations are sufficient. Thanks for your help.

@everyone: Thanks for your efforts. The role SAP_XI_APPL_SERV_USER is not sufficient as sole athorization.

Regards,

lars

Former Member
0 Kudos

hi

ask your basis guy to provide you the proper authorization

regards

sandeep

Former Member
0 Kudos

Hi Lars

follow this thread, it has complete details about the variou user roles and authorization

http://www.erpgenie.com/sap/netweaver/xi/xiauthorizations.htm

regards

sandeep

bhavesh_kantilal
Active Contributor
0 Kudos

In PI 7.0 roles of XIAPPLUSER / PIAPPLUSER where the requisties for a SOAP Call.

I don't see any reason why this would have changed.

Give it a shot with a user of these roles on 7.1 and see if you have any issues.

Regards

Bhavesh