cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Does LDAP on V12 require ABAP stack?

Go to solution
Former Member

on ‎06-05-2008 2:37 PM

0 Kudos

Hi all:

For xMII V12 we have installed Netweaver 7.00, both the ABAP and Java stacks. We currently do not access any data from any SAP system. However, we plan to exchange data with ECC systems in the future. Two questions arise in our implementation of security:

1) Must we have the ABAP stack to get/access data from ECC, or any other SAP system, or is the Java stack all thatu2019s needed?

2) Weu2019d like to use LDAP for user security mangement. Can we use LDAP to manage users in the Java stack directly, or does it have to go through the ABAP stack to do this?

Thanks.

Dave

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

jcgood25
Active Contributor
‎06-06-2008 10:24 PM
0 Kudos

Dave,

Good meeting you at Sapphire!

1. With MII the Java stack is all that's required, no ABAP necessary. The typical communication between MII and a backend R/3 or ECC system is through the Java Connector (JCo action blocks in Business Logic) which provides the java to abap bridge.

2. I will not pretend to be an expert on LDAP UME, but I should think the NW User Management help should provide you the insight you need and that static UME Datasource users can co-exist with a connection to LDAP.

Regards,

Jeremy

Show replies
Show replies
Former Member
‎06-06-2008 10:30 PM
0 Kudos

Thanks Jeremy, that's the confirmation we were looking for.

See you at a future event I'm sure...

Dave

Former Member
‎06-10-2008 5:30 PM
0 Kudos

Our NetWeaver security team has asked for a follow-on clarification on this matter:

- We have both Java stack and ABAP stack installed. We were led to believe that we CANNOT access the LDAP via java stack now that we have ABAP installed.

- Can we go directly at the LDAP via our java stack even with ABAP stack installed, or must we re-install the system without ABAP stack? We seem to have gotten mixed signals and it has a big impact on our approach.

Guidance appreciated.

Dave

Answers (2)

Answers (2)

Former Member
‎06-10-2008 6:11 PM
0 Kudos

David,

I have heared, that if you have setting up UME with Data Source ABAP,

then you have no chance to select a other one.

Are you authorized to check the UME settings?

If you have, please go and check the following:

1. [http://<server>:<port>/useradmin/]

2. Select configuration. What is your Data Source?

Regards

Pedro

Show replies
Show replies
Former Member
‎06-17-2008 8:04 AM
0 Kudos

Hi Dave,

I actually have an open item with SAP regarding this because if the XI remote adapter engine is installed, SAP will only support ABAP authentication for users and roles.

We have tested with 12.0 by setting mixed local UME and ABAP to avoid the overhead of authenticating with the ABAP stack for local calls to Java Web Services. I haven't tested LDAP yet.

What you'll probably find is that your user creation will be done in the chosen user store (either LDAP directory or local UME) and your xMII role assignment will be done in the local UME in both cases.

I hope this helps. We are having continuing discussions with SAP to try and support other authentication modes when a dual Java/ABAP stack is installed. Especially in a distributed scenario where the remote AE is not close to the ABAP system.

Cheers,

Nick

Former Member
‎06-07-2008 10:24 PM
0 Kudos

Hi Jeremy and David,

I can confirm that LDAP + Local UME Users will working very well. We have few customer,

that running this scenario.

Regards

Pedro

Show replies
Show replies
Ask a Question