Immediately after logon we want to delete a record from a custom database table, with the userid as the key. This record is created using a web application once the user proves authentic, as an added security. The user is then allowed to navigate freely among the multiple web applications for this session. Once the user logs off or closes the browser the user has to re-authenticate.

Thanks,

david yee

Do I understand correctly?

=> So they first need to logon via SAPGui to activate the access to the web applications for the ITS.

=> If they use the ITS within a certain time after authenticating, then the "flag" should be removed to ensure that they can only use it once.

=> Subsequent attempts to use the ITS, will require to login once via SAPGui again to activate the "flag".

The other option is to write your own logon module for the ITS. This is possible (at least it is / was for the external ITS) but not as easy as a simple sales report with some columns...

However I am uncertain whether the effort is warranted, to be honest.

Cheers,

Julius

I guess my previous reply was confusing. I will explain our process. We have a group of ITS services that can be accessed during one logon session. Some of these services display confidential information that we have added another security check. Whenever the user enters or re-enters these services the security check is requested, it's the same security check for these services. Our users are unhappy to have to repeat this security check, and have requested that the security check occurs only once per session. Our solution is to enter the user id in a custom table the first time the user passed the security check, then subsequent request for security check is bypassed if the user id is found in the table. When the user logs off or exit the browser the user must pass the security check again. Our solution is to remove the used id record on logon. Hope this is clearer.

Thanks

david