on 09-24-2015 2:18 PM
Hi All,
Description:
We recently upgraded our ERP landscape from ERP EHP 3 to 6.
So our NW stack went from 7.0 to 7.31
We use PI to interface between a 3rd party application and our ERP.
But incase of a disruption of our PI system, we have a plan B and its a webservice.
When we did the upgrade, all was fine, PI and all worked.
If checking SICF, the service is active.
Check SOAMANAGER, service is active.
We never invoked plan B.
We have the need to transfer a high volume from the 3rd party to ERP, so bypassing PI is a much faster route in our case.
When trying to hit the webservice, no response.
As I start digging.
SICF, its active, run a test, it does prompt to log in but blank HTTPS page.
So, I launched SOAMANAGER, SAP tells me that the webservice was configured in the old layout, and the new layout will be used.
CLick OK.
I see my webservice Active. So decide to Edit it and click same so it regenerates just to see.
Then I get this error.
SRT
|
And it is now in inactive STate.
I read note 1319507.
If a WS consumer of an SAP system logs on to a Web service with message-based
authentication such as a UsernameToken, a SAML token, or an X.509 certificate,
the Internet Communication Framework (ICF) initially performs the logon using
the technical user DELAY_LOGON (for 7.1X) or DELAY_L_<SID> (for 7.0X). A
direct logon with the authentication data contained in the SOAP document is not
possible, since the ICF cannot access SOAP data.
The user name and the
credentials are kept in the secure store and copied into the ICF node of the ws
provider when a configuration is activated.
In case no credentials are
available in the secure store, you get the following error
message:
System is not prepared for WS Security authentication (note
1319507)
Use report wss_setup to create the user DELAY_LOGON (for
7.1X) or DELAY_L_<SID> (for 7.0X), which has no authorizations. The report
also stores the user password in the secure storage. If the user
DELAY_LOGON/DELAY_L_<SID> then accesses the WS provider, the initial
authentication is done using DELAY_LOGON/DELAY_L_<SID>, until the SOAP
processing framework switches the user after successful evaluation of e.g. the
sent SAML assertion.
Before I try this. Any advice? Anyone else see this before? Almost appears the security has been hardened in the newer NW stacks.
Should I run this report? Also concerned about NW stack levels, it discusses 7.1X and 7.0.
Let me know your thoughts and experiences.
Oh I just seen note 1318883.
Possibly my issue.
I will have security check it and assign me the access.
I will post if it works or not.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
In the web service utilities error log I see this.
Anyone?
Message no. SRT_CORE126
The target system is refusing to service the request because the entity of
the request
is in a format not supported by the requested resource for the requested
method.
Inform the people responsible for the consumer system about this problem.
If the consumer system is an SAP system, please contact SAP Support.
If you want to save one or more error entries
(displaying in detail and not summary mode) to your computer for sending
it
later to your colleagues or to SAP Support, just do the following:
User | Count |
---|---|
91 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.