on 03-18-2007 9:35 AM
We are developing web applications using Jco connector.
The default authentication approach is to use connection pooling where all different users access BAPI via default (generic) user name and password.
My question is how to authenticate current (specific) user whether he has valid permission rights for some particular transaction, because for SAP-BAPI they are all the
same user (they are establishing connection with the same user name and password.)
Are there some BAPIs for checking user permission for some transaction?
Example code are very welcome
Thanks
Marino
I believe there are BAPIs under the category security/user that will provide you with details of the user and you can always of course build your own authentication scheme on the java side based on what's on the R/3 side, but to be honest I would suggest not using a generic user if you wish to keep the current authorization structure in R/3. The R/3 structure for authorization is a maze of objects and tables - virtually a skill in itself, there are people who make a living on it and it is a constant headache on every R/3 installation and enrvironment causing many issues.
I would recommend to simply use the current logged on user details and log on to the backend. If your user is not authorized you will get an exception from JCo that you can handle in your application. Believe me, it would be a lot simpler than anything else you could implement to achieve your objective.
Cheers,
Dion
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.