on 04-13-2005 3:08 AM
Hi everyone,
This is my landscape:
R/3 4.0b
BW 3.5
We don´t have EP
Since we´re developing some small WD apps. in the BW box I want to know how to authenticate the users. All WD apps will communicate with the R/3 via RFC (Bapi calls).
I don´t want the user to authenticate twice (one for the WD - against the UME) and other to the R/3 when calling the RFC. Neither want I to user a "generic" user for the R/3 connection becasue most BAPIS are for writing data, and I want to know which user wrote that data.
I got one Idea, and is not to mark the "authentication" flag in the WD app, but to create an intial view, asking for user and password, and then making and RFC_PING to the R/3 server to see if the user and pass are correct.
More questions:
a) do you think this is a good idea ? Any better ?
b)do you know if there are BAPI (RFC´s) do to an Authority Check ?
Thanks in advance,
Regards,
Miguel P.
hi
It is possible to use SSO with 4.0B systems. Only lower than 4.0B it is not supported. For more information refer to this link
http://help.sap.com/saphelp_nw04/helpdata/en/d3/41c8ecb31d11d5993800508b6b8b11/frameset.htm
If you cannot view content from above link Just go to
Select Netweaver and then in ther search enter search string as "SSO in 4.0B".
This should give you a lot of documents that will help you configuring SSO in 4.0B. Its almost the same as 4.7 but with some minor changes. Let me know if u still have queries.
I have implemented this scenario in 4.7.In case you are not able to get help from the document let me know.
I guess it should not be that difficult :)..
regards
Ravi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Collegues,
My System Landscape is as following:
Web AS 640 Java
WEB AS 640 JAVA ABAP
mySAP ERP ECC 5.0
I´m trying to establish an SSO to get Informations from the CATS Database.I read the postings above but, what about security?
Is it secure to send my Password Information through the Network and then to the backend?
Hi miguel
If you want to check if the user has the right to execute the RFC there is a function module called "AUTHORITY_CHECK_RFC". This will basically tell you if a user can execute a RFC.
You can try the RFC "AUTHORITY_CHECK" which will allow you to check if a user has authorization for a role.
You can follow the approach of creating a initial view asking for a username and password. You can check authorizations using the above RFC's.
regards
Ravi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ravi,
So if want to make like I said above,
How do I have to set the JCO connection?
I mean in the 4th step of creating a JCO there you have the following options for the User Authentication:
User/Password
Ticket
Client Certificate
User Mapping
An then how to I pass the user to the RFC ?, I mean from the context to the back end system.
You usually use the exceute() method from the model, and there are no parameters like user and password.
Thanks,
Miguel P.
Hi,
you can use "Ticket". Make sure, that the BW system accepts ticktes from your WD machine.
quick overview:
- setting profile parameters in BW system
- exporting certificate from WD system
- importing certificate in BW system
kr, achim
your users have to be maintained in the WD UME as well. is this the cause, you want to use your "own login screen and RFC_PING"?
you could also configure your WD system to use the BW ABAP system as user database.
hi miguel
you can set up the JCO connection by either selecting ticket or user/password. You will have to do some configuration on SAP R/3 to accept tickets.
If you use User/Password then it will be a fixed user that connects to RFC.
its better to use Logon tickets to connect like what achim suggested.
regards
Ravi
User | Count |
---|---|
81 | |
9 | |
9 | |
7 | |
7 | |
6 | |
6 | |
6 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.