cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Setting Service Account in Web Service Definitions

Go to solution
Former Member

on ‎05-25-2016 6:05 AM

0 Kudos

Hi All,

We are providing a Web Service from SAP to be consumed by external applications. Now, we are using a Service Account(SAP User ID and Pwd) for authentication which means that only those credentials will be used to access WSDL and consume the Web Service.

Now, When we are registering the Web Service via SOAMANAGER, we are providing the appropriate User ID and Pwd(Service Account). But,after setting the constraint, the WSDL accepts any valid SAP User ID/Pwd. How to restrict the usage of Web Service internally using UserID and Pwd combination.

I also set the logon data on SICF but its not working.

Thanks

Sahil

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member186851
Active Contributor
‎05-25-2016 7:52 AM
0 Kudos

Hello Sahil.

Try disabling the soap authentication as discussed in the below link

Show replies
Show replies
Former Member
‎05-25-2016 7:43 PM
0 Kudos

Hi Raghu,

Thanks for the prompt reply. This looks good but the problem is we dont have PI/XI. Whatever we need to do we have to do in Netweaver AS.(SICF, SOAMANAGER etc.).

Is it possible?

Thanks

Sahil

former_member186851
Active Contributor
‎05-25-2016 8:22 PM
0 Kudos

Shail.

so you wish to remove authentication @ SOA Manager level?

Former Member
‎05-25-2016 8:25 PM
0 Kudos

Hi Raghu,

I need to set the authentication for only a single valid user id and pwd. I don't want all the users to access the web service.

We have created a specific user only for authentication purposes but i am not able to fix it to that particular user. If i give my id then also it is getting accepted.

Thanks

Sourav

former_member186851
Active Contributor
‎05-26-2016 5:06 AM
0 Kudos

Hello Sahil,

Got it.

Check the below roles and assign to the user who wish to access the WS, Remove it from the other USER IDs.

https://help.sap.com/saphelp_nwce72/helpdata/en/48/5a8d7f5ae007dbe10000000a42189b/content.htm

Former Member
‎05-26-2016 5:41 AM
0 Kudos

Hi Raghu,

Thank You very much for the link. It will really help once we have NWCE Setup.
Currently, we only have NW ECC.( Which means SOAMANAGER, SICF etc.)

This time, I will try to be more clear with the issue.

The scenario is:
User A creates a Web Service1.
User B and C should only access the web service1.
Both the Users are valid SAP users.
Now, to solve the issue we created a User XYZ with Password and role SAP_WEBSERVICE_CONSUMER and thought that we will pass the credentials of user XYZ to B and C which will help them access the web service1.

Now, the problem is user M with the same role is also able to access the service.
If we remove the role from User M it won't be able to access other Web Services( Apart from Web Service1)

How, can we ensure that the respective Web Service can only be accessed via:
a) User XYZ user id
b) User XYZ pwd
c) Role: SAP_WEBSERVICE_CONSUMER

Hope, it clarifies the requirement. If you have a better solution to the above issue, it will be even more helpful.


Thanks
Sahil

former_member186851
Active Contributor
‎05-26-2016 4:16 PM
0 Kudos

Hello Sahil,

What is the role of User M?

Former Member
‎05-31-2016 2:18 PM
0 Kudos

Hi Raghu,

Apologies for replying late.

In this case, User M is a valid SAP User with SAP_BC_WEB_SERVICE_CONSUMER role.(No other roles related to Web Services are attached to user M).

Kindly, let me know if this is the best way to go for it.


Thanks

Sourav

former_member186851
Active Contributor
‎05-31-2016 2:36 PM
0 Kudos

Hello Sahil,

The way could create a role to access WS 1 alone and you can assign to the USER M.

But I don't how to do it,Might be someone with Security team should help you.

Former Member
‎05-31-2016 2:53 PM
0 Kudos

Hi Raghu,

Thank You very much for the direction.

I found a link, can you kindly advise if this is the correct way to go.

ABAP Web Services - Authorizations - Security and Identity Management - SCN Wiki

Thanks

Sahil

former_member186851
Active Contributor
‎05-31-2016 3:36 PM
0 Kudos

Hello Sahil,

Seems to be close one for your requirement.

you can add the particular WS in the transaction-PFCG

Answers (0)

Ask a Question