cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

WebDynpro / Authorization when connecting to a RFC in R/3

Go to solution
Former Member

on ‎04-13-2005 3:08 AM

0 Kudos

Hi everyone,

This is my landscape:

R/3 4.0b

BW 3.5

We don´t have EP

Since we´re developing some small WD apps. in the BW box I want to know how to authenticate the users. All WD apps will communicate with the R/3 via RFC (Bapi calls).

I don´t want the user to authenticate twice (one for the WD - against the UME) and other to the R/3 when calling the RFC. Neither want I to user a "generic" user for the R/3 connection becasue most BAPIS are for writing data, and I want to know which user wrote that data.

I got one Idea, and is not to mark the "authentication" flag in the WD app, but to create an intial view, asking for user and password, and then making and RFC_PING to the R/3 server to see if the user and pass are correct.

More questions:

a) do you think this is a good idea ? Any better ?

b)do you know if there are BAPI (RFC´s) do to an Authority Check ?

Thanks in advance,

Regards,

Miguel P.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎04-19-2005 4:25 AM
0 Kudos

hi

It is possible to use SSO with 4.0B systems. Only lower than 4.0B it is not supported. For more information refer to this link

http://help.sap.com/saphelp_nw04/helpdata/en/d3/41c8ecb31d11d5993800508b6b8b11/frameset.htm

If you cannot view content from above link Just go to

http://help.sap.com/nw04

Select Netweaver and then in ther search enter search string as "SSO in 4.0B".

This should give you a lot of documents that will help you configuring SSO in 4.0B. Its almost the same as 4.7 but with some minor changes. Let me know if u still have queries.

I have implemented this scenario in 4.7.In case you are not able to get help from the document let me know.

I guess it should not be that difficult :)..

regards

Ravi

Show replies
Show replies
Former Member
‎05-12-2005 2:12 PM
0 Kudos

Dear Collegues,

My System Landscape is as following:

Web AS 640 Java

WEB AS 640 JAVA ABAP

mySAP ERP ECC 5.0

I´m trying to establish an SSO to get Informations from the CATS Database.I read the postings above but, what about security?

Is it secure to send my Password Information through the Network and then to the backend?

Answers (1)

Answers (1)

Former Member
‎04-13-2005 2:35 PM
0 Kudos

Hi miguel

If you want to check if the user has the right to execute the RFC there is a function module called "AUTHORITY_CHECK_RFC". This will basically tell you if a user can execute a RFC.

You can try the RFC "AUTHORITY_CHECK" which will allow you to check if a user has authorization for a role.

You can follow the approach of creating a initial view asking for a username and password. You can check authorizations using the above RFC's.

regards

Ravi

Show replies
Show replies
Former Member
‎04-14-2005 12:25 AM
0 Kudos

Hi Ravi,

So if want to make like I said above,

How do I have to set the JCO connection?

I mean in the 4th step of creating a JCO there you have the following options for the User Authentication:

User/Password

Ticket

Client Certificate

User Mapping

An then how to I pass the user to the RFC ?, I mean from the context to the back end system.

You usually use the exceute() method from the model, and there are no parameters like user and password.

Thanks,

Miguel P.

achim_hauck2
Active Contributor
‎04-14-2005 12:57 PM
0 Kudos

Hi,

you can use "Ticket". Make sure, that the BW system accepts ticktes from your WD machine.

quick overview:

- setting profile parameters in BW system

- exporting certificate from WD system

- importing certificate in BW system

kr, achim

your users have to be maintained in the WD UME as well. is this the cause, you want to use your "own login screen and RFC_PING"?

you could also configure your WD system to use the BW ABAP system as user database.

Former Member
‎04-14-2005 5:06 PM
0 Kudos

Hi Achim,

The WD APP will be running in the BW Server, and I need to call RFC's from the R/3 4.0 Box.

Thanks,

Miguel P.

Former Member
‎04-15-2005 3:18 AM
0 Kudos

hi miguel

you can set up the JCO connection by either selecting ticket or user/password. You will have to do some configuration on SAP R/3 to accept tickets.

If you use User/Password then it will be a fixed user that connects to RFC.

its better to use Logon tickets to connect like what achim suggested.

regards

Ravi

Former Member
‎04-18-2005 8:55 PM
0 Kudos

Hi Ravi,

I don't think R/3 4.0b will accept logon tickets?

If yest, any Idea how to setup it?

Thanks,

Miguel P.

Former Member
‎04-18-2005 10:48 PM
0 Kudos

Hi miguel

I dont have a 4.0b system here. If you have then go to transaction "se93" and search if you have any transaction that begins with "sso". If it does then let me know because in that case it does have a facility to accept logon tickets.

regards

Ravi

Former Member
‎04-18-2005 11:19 PM
0 Kudos

Hi Ravi,

There are NO transactions starting with sso.

Any other idea?

Thanks,

Miguel P.

Ask a Question