cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PI 7.4 Single Stack Java using Principal Propagation with 3rd Party

Go to solution
david_pauley2
Participant

on ‎03-24-2016 1:04 PM

0 Kudos

Hello Experts,

We are using PI 7.4 single stack Java SP11.  We have a 3rd party BPM software that will used to add/update/delete/query records in our SAP ECC system.  We do not want anybody who uses the 3rd party software to be able to manipulate data unless they have authorization on the SAP system.  Can principal propagation be used with 3rd party software or does this need to be done with SAML?  If it can be done, can someone point me to good documentation to set this up?

All help is appreciated and will be rewarded.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member186851
Active Contributor
‎03-24-2016 1:53 PM
0 Kudos

Hello David,

In your case I believe the user(BPM software user) whoever triggers the data should have control over the data

As Per my knowledge PP is based on SAML.You can check the below links If I understood your requirment correctly.

Show replies
Show replies
david_pauley2
Participant
‎03-24-2016 2:20 PM
0 Kudos

Thanks Raghuraman,

I have studied the two links you sent, however they deal with PI 7.1 and are not particular to 7.4 single stack.

The 3rd party BPM currently cannot determine if the user has the authorization to execute the add/update/delete against data in the SAP ECC system.  The 3rd party security is not maintained by the SAP security team, hence a user gets moved to a different department and no longer has the authorization to do his old job.  However the user may still need access to the 3rd party BPM.  If the 3rd party BPM must send some a user token to validate a users authorization then we know right away wither or not that user has authorization.  Otherwise it is a guess.

former_member186851
Active Contributor
‎03-24-2016 2:40 PM
0 Kudos

Ok David.

In your case am not able to say how to authenticate then.

Check if the below link works ,Its for single stack

former_member182412
Active Contributor
‎03-24-2016 2:47 PM
0 Kudos

Hi David,

If you use principal propagation the same user is used in all the components from sender to the receiver, From the sender system if user TEST trigger the process the same user will come to PI and then the same user will enter into ECC to execute the task (insert/delete/update), when it enter into ECC before execution the actual task you can check whether the user have required authorization to execute this task, if user have access you allow the user to execute, if the user does not have access then you can stop the user to execute the task.

Regards,

Praveen.

former_member285898
Participant
‎08-17-2016 8:42 AM
0 Kudos

Hello David,

Any update regarding Principal Propogation concept for version 7.4 single stack?

Actually i want to implement this concept in 7.5 version with single stack.

Could you please let me know any update on this?

Regards,

Karan Kholakiya

david_pauley2
Participant
‎08-17-2016 12:31 PM
0 Kudos

Karan,

I have been working with a consultant and we have a working model of PP in PI 7.4 (actually just completed it yesterday).  I don't have time right now but before the end of next week I hope to put up a blog on how it is done.  When I do I will add a link here for it.

Best regards,

David Pauley

former_member285898
Participant
‎08-19-2016 12:13 PM
0 Kudos

Hello David,

Thanks a lot .... !!!

Much appreciable if you share a link in your free time, that how you dealt PP concept for 7.4 single stack.

Also i was looking to below SAP help link, where in procedure first step is 'Configuration Back-End system', it will be helpful if you add regarding this configuration too.

URL: http://help.sap.com/saphelp_nw75/helpdata/en/48/ce95b718d3424be10000000a421937/content.htm

Screenshot:

Also one more query that for maintaining trusted relationship, do we need to use HTTPS protocol for connection or only HTTP protocol will work? (required Secure connection or unsecured)

Thanks a lot once again for looking into it.

Regards,

Karan Kholakiya.

former_member285898
Participant
‎09-28-2016 2:33 PM
0 Kudos

Hello David,

Just for reminding about sharing of document which have concept of Principal Propagation concept for single stack.

Could you please share it.

Regards,

Karan K.

Answers (0)

Ask a Question