cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Principal Propagation

Go to solution
Former Member

on ‎02-23-2010 6:11 AM

0 Kudos

Hi,

What is Principal Propagation? I have read so many blogs on this. But still not understood complete flow properly. What are the Pre requisites. Is it user dependent or system dependent. Can multiple users use a single certificate ?

Thanks.

Anitha.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member200962
Active Contributor
‎02-23-2010 6:15 AM
0 Kudos

I want only one user to execute the entire flow (end-to-end) and also i dont want to create users for this on all the involved systems .... in such a case you go for Principal Propagation.

Is it user dependent or system dependent

1) User Dependent....as we pass the user details

2) System Dependent....as we have store certificates which will be used for login

Show replies
Show replies
Former Member
‎02-23-2010 6:21 AM
0 Kudos

Hi Abhishek,

Thanks for your quick reply. I am using certificates. Certificates will be deployed in Sender system asweel as PI. Do I have to deploy in Receiver aswell?

If I am using these certificates , How many users from sender system can access ?

Thanks.

Anitha.

Former Member
‎02-23-2010 6:37 AM
0 Kudos

Any Help Please ?

former_member200962
Active Contributor
‎02-23-2010 6:48 AM
0 Kudos

There is no limit on the number of users that can access from the sender end

rajasekhar_reddy14
Active Contributor
‎02-23-2010 6:48 AM
0 Kudos

look into below link,if you already read ,igone it.

/people/alexander.bundschuh/blog/2007/01/16/principal-propagation-in-sap-xi

Regards,

Raj

Former Member
‎02-23-2010 6:59 AM
0 Kudos

Hi Abhishek,

I have another doubt. Do I have to install the certificates in receiver system aswell?

What will happen if I install the combination of user and system certificates?

How the Message flow will be from sender system to receiver System?

Thanks.

Anitha.

former_member183908
Active Contributor
‎02-23-2010 7:16 AM
0 Kudos

Hi Anitha,

--> In order to use the Principal propagation between the application systems first of all you need activate the principal propagation on both the systems.

-->You need make the trusted systems also.

-->Dont post many questions in a single thread create a separate a thread for the separate questions it is against the rules,i think you are new to SDN.

Thanks

former_member200962
Active Contributor
‎02-23-2010 7:28 AM
0 Kudos

In the receiver system, we have to install the certificates of XI/ PI (J2EE engine)

What will happen if I install the combination of user and system certificates

We only install System Certificates which help to pass the user details....actually we authenticate the user based on the corresponding System Certificate....in XI we authenticate using the Senders Certificate (imported in VA)...in Receiver it is of XI that we authenticate.

How the Message flow will be from sender system to receiver System?

The blog given by Raja has a description of how the message will flow from sender to receiver.

Regards,

Abhishek.

Former Member
‎02-23-2010 7:47 AM
0 Kudos

Hi Anitha,

Check whether these blogs will help you or not....

Principal Propagation with SAP NetWeaver Process Integration 7.1

/people/alexander.bundschuh/blog/2007/08/06/principal-propagation-with-sap-netweaver-process-integration-71

Principal Propagation in SAP XI

/people/alexander.bundschuh/blog/2007/01/16/principal-propagation-in-sap-xi

Regds,

Pinangshuk.

Former Member
‎02-23-2010 8:12 AM
0 Kudos

Hi Abhishek,

Thanks for your reply. I got it now. I have one more doubt. In My Scenario As XI is providing the webservice, Sender system users has to consume that webservice. But I want to Restrict unauthorized users in Sender system. For This what I have to Do ? Is System certificate is enough for this ?

Thanks.

Anitha.

former_member200962
Active Contributor
‎02-23-2010 8:22 AM
0 Kudos 
But I want to Restrict unauthorized users in Sender system

If you refer the blog by Alexander, he mentioned in one of the steps that you have to maintain users in SU01 of Xi which should be allowed to be passed through PP....this step will solve your problem:

From blog# 5579:
The propagated users have to exist on the Integration Server with the same name as in the sender and receiver system, however 
passwords could differ. Call TX SU01 to maintain users to be propagated. Assign role SAP_XI_APPL_SERV_USER to the same.

Many of your doubts will be solved in the blog....just have a good read of the same and it will help

Regards,

Abhishek.

Answers (1)

Answers (1)

Former Member
‎03-01-2010 7:44 AM
0 Kudos

When you create the users in respective systems, what is the best practice? Are you creating the users as Dialog or System users?

Show replies
Show replies
Ask a Question