Hello,
I am using the SAP .NET Connector 2.0 in my ASP.NET C# web application. We have successfully completed the application which updates data via BAPIs in SAP 4.6C using the users' login credentials. We have given each user appropriate authorization in the SAP instance to run the BAPI. Within the web application, we have implemented additional authorizations and business logic.
Because we do not want the users to bypass the additional business logic and authorizations, we do not want them to directly log into the SAP GUI and run the transactions via the GUI. Therefore, we need to prevent them from logging into the SAP GUI or prevent them from running the transactions.
We have also experimented with creating different user types such as reference user, but the SAP .NET Connector seems to require a dialog user.
Does anyone have any suggestions to prevent the user from bypassing the web application? Am I missing a setting that would allow the user to login via the SAP .NET Connector as a reference user? Is there a security role to allow the user to run the RFCs, but not the transactions in SAP?
thanks,
Dave
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.