cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

EH Password

ZenonK
Participant

on ‎07-27-2015 10:24 AM

0 Kudos

Gurus!

Requirement:   End User wants to see parcel tracking events via an App or External webpage.  Password has an expiry date,  End User can request a new password.

There are many abap password generators available.

I was thinking of storing the password and expiry date as control parameters.

User app (or portal) would call /SAPTRX/BAPI_EH_GET_DATA with the EH details and Password.

If the password has expired, the user would send an Event Message to generate a new password.

I don't think EM Authorization or Tracking-ids with validity dates would work fir this requirement.


Any tips or ideas?

Cheers.

Zenon

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎07-30-2015 7:27 AM
0 Kudos

Hi Zenon,

Normally this can be achieved through Single Sign On functionality where one time password can give you 24 or 48 hours or expiry access.  Then they can request another password based on that.

One-Time Password Authentication Administration Guide - One-Time Password Authentication - SAP Libra...

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/502b548d-30cd-3110-fab0-bcad9361b...

Instead of storing password and expiry date as control parameters, you can leverage to security side to handle this.

Could you talk to Basis and Security team to achieve this instead of handling in SAP EM control parameters.

Regards

GGOPII

Show replies
Show replies
ZenonK
Participant
‎07-30-2015 8:18 AM
0 Kudos

Hi Gopi.

Thanks for the reply.

My client has created a custom UI5/Odata app that is calling the standard EM Bapis to retrieve data from the EH.  (This is a custom app and they are using EM 9.0, the standard fiori app in 9.2 does not meet the requirments).

Scenario:  end user opens the UI5 app to look at FU/FO status.  They then want to see detailed tracking info on an order, so click on a button in the app. This will call the standard EM Bapis that will retrieve detailed info.     They want to add some secuity when the EM Bapis are called.  

I discussed options with the security team and they prefered using EM  control parameters to store a password.   This password could be checked in the Bapi call.

I'll check again with the Security team.

Thanks.

Zenon.

former_member190756
Active Contributor
‎07-30-2015 1:46 PM
0 Kudos

Hi Zenon,

does this mean you want have a password per EH for FU/FO?

But even if this is the case storing password not encrypted in a normal database field for Control Parameter is not a really good idea.

You should at least encrypt it and store it in a customer table like discussed here:

Storing Passwords in custom tables | SCN

Best regards,

Steffen

Former Member
‎07-31-2015 4:14 AM
0 Kudos

Hi Zenon,

The password would contain wild characters based on security application password like 23256#@(*@#@.  Check whether this can be achieved in control parameters with CHAR type.

This is my suggestion.

Regards

GGOPII

ZenonK
Participant
‎07-28-2015 9:38 AM
0 Kudos

Some more info.

This is for the standard TM/EM ODT30 scenario.

My end user does not want to use the EM Web UI.

They will call the /SAPTRX/BAPI_EH_GET_DATA to retrieve EH data and display it in a custom app.

Maybe the tracking-id with validity dates is an option here.  I'll test.

Show replies
Show replies
former_member190756
Active Contributor
‎07-28-2015 9:58 AM
0 Kudos

Hi Zenon,

tracking-id with validity dates are thought for handling of the processing of messages.


But couldt't you just create a wrapper around /SAPTRX/BAPI_EH_GET_DATA and pass User and Password additionally to the standard parameters and at the begin of your wrapper you handle your authorization and then call /SAPTRX/BAPI_EH_GET_DATA?


This sound more feasible as the other options.


Best regards,

Steffen

ZenonK
Participant
‎07-28-2015 10:23 AM
0 Kudos

Thanks Steffen.   I'll test with the wrapper as you suggested..

Ask a Question