the authority of web service

Former Member · ‎04-02-2008

Hi experts,

I have created a Web-Service which is running with HTTP actually.When i send the soap request message to SAP server, the response message of SAP server tell me 'FailedAuthentication', 'Authority check failed'. I don't know why like this.Who can tell me how to configure security for this scenario?

Thanks.

Kelvin

Former Member · ‎04-02-2008

When defining Web addresses or file paths for authorization, you can specify variables,

which are defined in transaction .SM30_SSM_VAR.. You should then

enter the variables in upper case letters in angle brackets in the Web

address, such as: .<VARIABLE_NAME>.. When the Web address is

started, the variable is automatically replaced by the associated value.

former_member74904 · ‎04-02-2008

you could do a trace (ST01) in order to find out what authorizations are missing, but my guess is that you should add the webservice you created to the S_SERVICE object in the profile of the user executing the service.

Former Member · ‎04-02-2008

Hi Dimitri,

I agree your viewpoint.Can you tell me detailed about the profile of the user executing the service. I haven't related experience on this.

Thanks.

former_member74904 · ‎04-02-2008

hi kelvin,

your testuser must have some kind of basic access in order to logon to your webservice, right?

my guess is that it's missing certain objects within his profile, most likely S_SERVICE.

if you add this object to a new or an existing role (assigned to your testuser) and add the webservice to the field SRV_NAME.

also define the type of service in the SRV_TYPE field in which you specify whether it's a BSP, webdynpro etc type of service.

hope this helps. good luck!

edit: also examine the trace and look for missing S_RFC authorizations

Edited by: Dimitri van Heumen on Apr 2, 2008 11:11 AM

Former Member · ‎04-02-2008

Thanks Dimitir.