I have developed an Integration Scenario which receives a SOAP request from a customers Extranet. The Integration Scenario uses the information in the SOAP request to recover relevant data from SAP CRM and then formats the recovered data into the SOAP response.

We have an issue with the user authentication in this Integration Scenario. When a user logs into the Extranet they have to supply a user name and password. It is this username and password which is then sent in the http post authentication header. The username and password to log into the Extranet are unique to the Extranet as these are usernames and password issued to the client's customers.

As these users do not exist in SAP XI the Extranet SOAP request fails as the user does not exist. The Extranet is developed using Flash and the developer can not override the http authentication header.

I think that this gives me the following options.

1 - Create all of the Extranet users in SAP XI. I am not happy with this as when passwords change the client's customers access to the required data will be disabled until the passwords are synchronised. I also do not want to have to create external users in SAP XI.

2 - Possible use of digital certificated to https instead of http. Although I am not sure if this will still require SAP XI user authentication???

3 - Disable SAP XI user authentication for the SOAP request. Not sure if this is possible. Even if it is possible I do not like the idea of disabling the user authentication unless some other form of authentication is put in it's place e.g. trusting the Extranet for comms with SAP XI.

This is quite urgent as the solution has to be available for a pending go-live.

Please can you recommend a solution?

Thanks

Gary