cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Develope website using abap webdynpro

Go to solution
Former Member

on ‎06-09-2010 12:14 PM

0 Kudos

Hi all

We r thinking about developing a sales website using abap webdypro.

This site will be distributed to our customers in order for them to make orders without needing to phone us.

We have a few points we r not sure about, I would like to hear your opinion/experience:

1. I want to develop the application on our R3 system will it mean any risk to information security?

2. Is it possible to log them in via one user automatically?

3. Can this be combined with an IIS that will take care of all security issues?

4. What means should I take in order to protect our production system ( R3 )?

5. Do any of u know about a website that was built using abap webdynpro?

Thanks,

Nitsan

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

thomas_jung
Developer Advocate
Developer Advocate
‎06-09-2010 1:13 PM
0 Kudos

>

> Hi all

>

> We r thinking about developing a sales website using abap webdypro.

> This site will be distributed to our customers in order for them to make orders without needing to phone us.

> We have a few points we r not sure about, I would like to hear your opinion/experience:

> 1. I want to develop the application on our R3 system will it mean any risk to information security?

Yes there is some risk, but there are also steps you can take to mitigate that risk. I would suggest researching SAP's available security information or contracting a system security expert for the setup. You will need to install a reverse proxy. You probably will also setup a virtual host within your ABAP AS and only expose a limited number of service aliases through this virtual host. A hardware firewall should only allow access to the ports/addresses used by the virtual host and not the entire ERP system.

> 2. Is it possible to log them in via one user automatically?

Yes. You can technically set a generic user id in the logon information of the service node. However you should discuss this with your Account Executive. You still need to be properly licensed for the users accessing the system. Just using a generic user without the proper aspects of your license agreement could come back to bite you during license audit time.

> 3. Can this be combined with an IIS that will take care of all security issues?

Probably not - depends what you mean by combined with IIS. You could login via an IIS page and then forward navigate to WDA passing URL parameters. That's about as much integration as you will get.

> 4. What means should I take in order to protect our production system ( R3 )?

Described somewhat above. Really recommend that you hire an expert consultant for the setup, however.

> 5. Do any of u know about a website that was built using abap webdynpro?

Yes I know of some. I've helped some of them with the projects. Most common scenario is for customers to expose HR eRecruting to the internet - although you see all kinds of things. Being an SAP employee, I can't share details of customer implementations unless the customer has signed an agreement to be a reference customer. So I can't give you names of the customers.

Show replies
Show replies

Answers (0)

Ask a Question