Hi all,

We are running Net weaver PI 7.0 SPS11 and 4.6C R/3 and working on proof-of-concept project using BAPIs exposed on XI as Web Services and called from external SOAP client (MS SharePoint). We got it working fine with HTTPS and SOAP protocol as Sender and RFC Adapter as Receiver to R/3.

Now we want to add authentication and authorization to this scenario...authentication will probably be SSO and SSL/HTTPS, but we are wondering how to handle authorizations in R/3? RFC Adapter channel is configured with system user, so once BAPI is called this use runs transactions in R/3 and in R/3, where the authorization is checked, we have no visibility which user requested Web service…

Is there any way we could extract user is from HTTP header and have it dynamically used in RFC Adapter channel config? Or maybe there is another way to handle this?

Any insights how to resolve this issue will be greatly appreciated.

Thanks

Margaret