Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Why doesn't a RFC logon update USR02 "last logon"?

Go to solution
former_member318517
Participant

‎06-09-2011 3:47 PM

0 Kudos

Hello all,

Just wondering why when RFCing into a system, say into BW to execute reports, USR02 doesn't update the last logon field for that user? Does USR02 only get updated with a dialog logon?

Thanks,

Tom

1 ACCEPTED SOLUTION

Go to solution
mvoros
Active Contributor

‎06-10-2011 12:53 AM

0 Kudos

Hi,

No, it should get updated. Check what you have in parameter login/update_logon_timestamp. Also search for OSS notes. There are some related to TRDAT and RFC.

Cheers

8 REPLIES 8

Go to solution
mvoros
Active Contributor

‎06-10-2011 12:53 AM

0 Kudos

Hi,

No, it should get updated. Check what you have in parameter login/update_logon_timestamp. Also search for OSS notes. There are some related to TRDAT and RFC.

Cheers

Go to solution
Former Member

‎06-10-2011 10:21 AM

0 Kudos

This message was moderated.

Go to solution
Former Member

‎06-11-2011 8:59 PM

0 Kudos

Which SAP release are you on? You should generally mention this dependency when asking questions.

Cheers,

Julius

Go to solution
former_member318517
Participant
In response to Former Member

‎06-14-2011 4:54 PM

0 Kudos

Thanks Julius. I did check some OSS notes, certain SRFC calls don't actually update USR02.

Go to solution
Former Member
In response to Former Member

‎06-14-2011 9:33 PM

0 Kudos

SRFC are classed by default as public functions. Where there is no authority-check, there is also no requirement to authenticate.

As the user does not need to exist even, the logon timestamp is not updated.

An example is the connection test "ping" in SM59. This is just a physical ping for the correctness of the admin data tab settings - but from the application layer using RFC (without valid logon data credentials being evaluated).

Cheers,

Julius

Go to solution
ted_dinh
Active Contributor
In response to Former Member

‎11-18-2011 4:29 PM

0 Kudos

I'm curious if you have an answer for this. We have the exact same problem with users login on to BI portal, and it doesn't stamp last logon date for the user in R/3 back end site. It looks like SAP does check for authentication (reject logon to portal if user is locked), and check for authorization when running reports.

Reading some of the old OSS notes (489768, 416402), I'm under the impression that RFC logon should also stamp logon date/time. We're in SAP BASIS 700 / release 24, and SAP_BW 700/ release 26.

We also created a message with SAP, but do not have an answer back on this just yet.

Thanks.

Go to solution
Former Member
In response to Former Member

‎11-18-2011 10:40 PM

0 Kudos

With RFC you must remember that authorization checks trigger the authentication (against which user should the authority-check be performed?).

If the user context does not have a session ID (they already are on the inside) then they are prompted for authentication.

This might be transparent as it aleady happened (e.g. logon tickets of various sorts) or an interactive logon screen appears if the client application (and middle-ware components) support it.

Then you can authenticate.

AFAIK the logon time stamp was an old mechanism to signify the status of the password only. This collided with people and programs who observe (and sometimes update...) table USR02. Public functions do not require authentication, so anyone can call them and authentication is not required.

Transaction SM19 and Sm20N will also help you further to record logons,

Cheers,

Julius

Go to solution
ted_dinh
Active Contributor
In response to Former Member

‎11-30-2011 4:06 PM

0 Kudos

Thanks, Julius.