Authority check on WAD with testuser-id in SingleSignOn-Environment
Hello,
i want to check some changes i have made in rsecadmin.
i want to proof the changes with our testuser-id (xy_test).
the problem is, that i want to check the changes in an Webapplication (WAD) in a SSO-Envirnoment.
Everytime i open the link to the specific Webappliction the system is login in with my user-id (xy).
I have no idea how to logon with the credentials of my testuser.
Anyone some ideas?
every hint is wellcome
best regards
Oliver
Hi
use without qoutes if it is a variable .
AUTHORITY-CHECK OBJECT 'B_USERSTAT'
ID 'ACTVT' FIELD '02'
ID 'BERSL' FIELD ZWP_CCS
ID 'STSMA' FIELD ZS_IRC.
and
if sy-subrc <> 0.
message " error ".
endif.
reg
Ramya
Edited by: Ramya S on Dec 31, 2008 5:43 AM
Similar Messages
-
Execute Authority Check With an different User then the logged on one
Hello,
is there any possibilty to make the command "AUTHORITY-CHECK" with another user then the user which is actually logged in into the system.
For Example: my Username "USER1".
Login with user "USER1".
Run ABAP Pogramm to check if user "USER2" has the autority for an auth. object per command "AUTHORITY-CHECK".
Thanks for all Ideas.
Best Regards
MarcusTry the FM AUTHORITY_CHECK!
Cheers,
Ramki. -
With regard to lock object and authority check
hi all
i would like to know about lock object and authority check specifically in reports. there is a coding in sap library with regard to authority check, but there is no coding to restrict user (i mean there is no user names that the object is restricting for a particular user or any user has got permission to change or display object).
further, the code mentions that you need an authorization in your user master record for the object, could any of u explain where is user master record.
below is the code for authority check.
*& Module USER_COMMAND_0100 INPUT
MODULE USER_COMMAND_0100 INPUT.
CASE OK_CODE.
WHEN 'SHOW'.
AUTHORITY-CHECK OBJECT 'S_CARRID'
ID 'CARRID' FIELD '*'
ID 'ACTVT' FIELD '03'.
IF SY-SUBRC NE 0. MESSAGE E009. ENDIF.
MODE = CON_SHOW.
SELECT SINGLE * FROM SPFLI
WHERE CARRID = SPFLI-CARRID
AND CONNID = SPFLI-CONNID.
IF SY-SUBRC NE 0.
MESSAGE E005 WITH SPFLI-CARRID SPFLI-CONNID.
ENDIF.
CLEAR OK_CODE.
SET SCREEN 200.
WHEN 'CHNG'.
AUTHORITY-CHECK OBJECT 'S_CARRID'
ID 'CARRID' FIELD '*'
ID 'ACTVT' FIELD '02'.
IF SY-SUBRC NE 0. MESSAGE E010. ENDIF.
MODE = CON_CHANGE.
SELECT SINGLE * FROM SPFLI
WHERE CARRID = SPFLI-CARRID
AND CONNID = SPFLI-CONNID.
IF SY-SUBRC NE 0.
MESSAGE E005 WITH SPFLI-CARRID SPFLI-CONNID.
ENDIF.
OLD_SPFLI = SPFLI.
CLEAR OK_CODE.
SET SCREEN 200.
ENDCASE.
ENDMODULE. " USER_COMMAND_0100 INPUT
i thank u all for the help in advance.hi
this might help
REPORT YUSRLOCK NO STANDARD PAGE HEADING.
TABLES: TRDIR, USR02.
DATA: MARK,CNTR TYPE I,
ACCNT LIKE USR02-ACCNT, ERDAT LIKE USR02-ERDAT,
ANAME LIKE USR02-ANAME, CLI(3) VALUE 'AAA', SZIN TYPE I,
SYDATUM LIKE SY-DATUM, FLAG(3).
TABLES: UINFO.
DATA: OPCODE TYPE X VALUE 2.
DATA: BEGIN OF USR_TABL OCCURS 10.
INCLUDE STRUCTURE UINFO.
DATA: END OF USR_TABL.
START-OF-SELECTION.
CALL 'ThUsrInfo' ID 'OPCODE' FIELD OPCODE
ID 'TAB' FIELD USR_TABL-SYS.
SELECT * FROM USR02 CLIENT SPECIFIED ORDER BY MANDT BNAME.
IF USR02-MANDT <> CLI.
SZIN = SZIN + 1. SZIN = SZIN MOD 2.
CLI = USR02-MANDT.
ENDIF.
IF USR02-UFLAG = 0.
MARK = ' '.
ELSE.
MARK = 'X'.
ENDIF.
CLEAR FLAG.
LOOP AT USR_TABL.
IF USR_TABL-BNAME = USR02-BNAME AND USR_TABL-MANDT = USR02-MANDT.
FLAG = '!!!'.
ENDIF.
ENDLOOP.
SYDATUM = SY-DATUM - 30.
IF SYDATUM < USR02-TRDAT.
IF SZIN = 0.
WRITE:/ ' ', MARK AS CHECKBOX,' ', USR02-BNAME COLOR 2,
' ',USR02-MANDT COLOR 2,
' ',USR02-USTYP COLOR 2,
' ',USR02-TRDAT COLOR 2, USR02-LTIME COLOR 2,
' ',FLAG COLOR 6.
ELSE.
WRITE:/ ' ', MARK AS CHECKBOX,' ', USR02-BNAME COLOR 3,
' ',USR02-MANDT COLOR 2,
' ',USR02-USTYP COLOR 2,
' ',USR02-TRDAT COLOR 2, USR02-LTIME COLOR 2,
' ',FLAG COLOR 6.
ENDIF.
ELSE.
IF SZIN = 0.
WRITE:/ ' ', MARK AS CHECKBOX,' ', USR02-BNAME COLOR 2,
' ',USR02-MANDT COLOR 2,
' ',USR02-USTYP COLOR 2,
' ',USR02-TRDAT COLOR 4, USR02-LTIME COLOR 4,
' ',FLAG COLOR 6.
ELSE.
WRITE:/ ' ', MARK AS CHECKBOX,' ', USR02-BNAME COLOR 3,
' ',USR02-MANDT COLOR 2,
' ',USR02-USTYP COLOR 2,
' ',USR02-TRDAT COLOR 4, USR02-LTIME COLOR 4,
' ',FLAG COLOR 6.
ENDIF.
ENDIF.
HIDE: USR02-BNAME, USR02-MANDT.
ENDSELECT.
CLEAR USR02.
TOP-OF-PAGE.
WRITE:/ 'LOCK USER CLIENT TYPE LAST lOGIN ' COLOR 6.
SKIP.
AT USER-COMMAND.
IF SY-UCOMM = 'SEL'.
DO.
CLEAR MARK.
READ LINE SY-INDEX FIELD VALUE MARK.
IF SY-SUBRC NE 0. EXIT. ENDIF.
IF USR02-BNAME IS INITIAL.CONTINUE.ENDIF.
SELECT SINGLE * FROM USR02 CLIENT SPECIFIED WHERE
MANDT = USR02-MANDT AND BNAME = USR02-BNAME.
IF MARK = 'X' AND USR02-UFLAG = 0.
USR02-UFLAG = 64.
UPDATE USR02 CLIENT SPECIFIED SET: UFLAG = 64 WHERE
MANDT = USR02-MANDT AND
BNAME = USR02-BNAME.
COMMIT WORK.
ENDIF.
IF MARK = ' ' AND USR02-UFLAG = 64.
USR02-UFLAG = 0.
UPDATE USR02 CLIENT SPECIFIED SET: UFLAG = 0 WHERE
MANDT = USR02-MANDT AND
BNAME = USR02-BNAME.
COMMIT WORK.
ENDIF.
ENDDO.
CLEAR USR02.
ENDIF.
regards
Arun -
Urgent! Problem with authority-check
Hi all,
I encounter some wierd scenario with authority-check.
I try to run IW41 (create order confirmation) and the following authority-check
AUTHORITY-CHECK OBJECT 'C_AFKO_ATY'
ID 'ACTVT' FIELD TMP_ACTVT
ID 'AUTYP' FIELD ACT_AUTYP.
IF NOT SY-SUBRC IS INITIAL.
MESSAGE E124 WITH SY-TCODE RAISING MISSING_AUTHORITY.
ENDIF.
was successful. However, when i try to run the FM CO_RI_CONFIRMATION_CREATE (use to create order confirmation), the exact same code is run and when i reach the above authority-check, it fails even if all the variable passed to the check is the same.
How can this happen? I need some help. Very urgent.Hi Mil,
Check the values of TMP_ACTVT and ACT_AUTYP for both the cases.
May be they are different.
Reward points if useful.
Regards,
Atish -
Hello ppl,
On my selection screen for a report, I have the field Sales Org. SELECT-OPTIONS: s_vkorg FOR gs_selscr-vkorg
OBLIGATORY, "Sales Org.
I need to check whether the user has the authorization for the selected sales organisations. So, I am using:
AUTHORITY-CHECK OBJECT 'V_VBAK_VKO'
ID 'VKORG' FIELD s_vkorg
ID 'ACTVT' FIELD '03'.
IF sy-subrc NE 0.
MESSAGE e013. " No authorization
SET CURSOR FIELD 'S_VKORG-LOW'.
ENDIF.
But, will this code handle a range of sales organisations?
Also, how will I be able to display an error message displaying the sales org for which the user has no authorization?
Please help.
Thanks.selection-screen begin of block b1 with frame .
select-options : so_bukrs for bsid-bukrs obligatory,
so_kunnr for bsid-kunnr,
so_hkont for bsid-hkont,
so_prctr for bsid-prctr ,
so_ktokd for kna1-ktokd.
selection-screen end of block b1.
initialization.
*Clearing the work area.
clear gs_bsid.
Refreshing the internal tables.
refresh gt_bsid.
*comm1 = 'Post Dt'.
*comm2 = 'Doc Dt'.
*comm3 = 'Bline Dt'.
*******AUTHORITY-CHECK ***********************************************
at selection-screen .
call function 'ZCAGL_COUNTRYCODE'
exporting
IM_WERKS =
IM_SPART =
IM_PRCTR =
im_bukrs = so_bukrs-low
importing
e_land1 = e_land1.
if e_land1 ne 'IN'.
message i004(yfi02) with 'This Company Code' so_bukrs-low
'doesn''t belong to INDIA'.
leave program.
else.
authority-check object 'ZPRCHK_NEW' :
id 'BUKRS' field so_bukrs-low.
if sy-subrc ne 0.
message e001(yfi02).
leave program.
endif.
endif.
if so_prctr-low is not initial.
call function 'ZCAGL_COUNTRYCODE'
exporting
IM_WERKS =
IM_SPART =
im_prctr = so_prctr-low
IM_BUKRS =
importing
e_land1 = e_land1.
if e_land1 ne 'IN'.
message i004(yfi02) with 'This Profit center'
so_prctr-low 'doesn''t belong to INDIA' .
leave program.
else.
authority-check object 'ZPRCHK_NEW' :
id 'PRCTR' field so_prctr-low.
if sy-subrc ne 0.
message e002(yfi02).
leave program.
endif.
endif.
endif.
this will help u....
Regards
Anbu -
Function module for se16 with out authority check for se16
Hi ,
I am creating a tode YSE16 which has same functionality as SE16 but having its own authority check. I am calling a function module RS_TABLE_LIST_CREATE function module to get the functionality of SE16. But is there any way that i can get the function module which do not check for the authorization for se16 and execute my tcode.
Regards,
Sri.Hi Sri,
If I am not wrong this is the question?
Guys , Sri is modifying the YSE16 as per this requirement. Do u have some other solution? Thanks.
Requirement is to create customized tcodes YSE16, YSM30 and YSE38 for se16, sm0 and se38. Lets start with YSE16.
Client want YSE16 tcode to restrict users based on some tables within a authorization group or even * value for auth group field.
SE16 restricted on:
S_TABU_DIS
Auth Group and Activity
As per Requirement YSE16 tcode sld be restricted on :
Y_TABU_DI2 (customized object)
Auth Group, Activity and Table name
We dont want to give SE16 to users in Production. So basically requirement is to restrict users on table name with YSE16 irrespective on authorization group. User sld only be able to access the table mentioned in Table name field.
so Srilu is trying to modify the Program. Can you please suggest some other way to modify it.
Thanks.
Regards,
Naveen Dalal -
Authority check in infoset query for field with multiple entries
how can i perform the authority check in sq02 "at selection screen" for a multiple entry field
e.g. EKORG low 0001 - high 0005
or EKORG 0001, 0004, 0005
I already added the following statements
How the field for EKORG check must be filled
if EKORG is initial.
message 'Bitte Einkaufsorganisation wählen' TYPE 'E'.
endif.
AUTHORITY-CHECK OBJECT 'M_BEST_EKO'
ID 'ACTVT' FIELD '03'
ID 'EKORG' FIELD ?????.
IF sy-subrc = 4.
MESSAGE 'Keine Berechtigung für EKORG sy-subrc 4' TYPE 'E'.
ENDIF.hi,
which event do you use for your coding ?
it must be AT SELECTION-SCREEN
A. -
Securing action box items with authority-check object
In a 4.6c environment I have setup action box items for various sm and QM notifications.
I would like to secure some of the action box items that their execution is only allowed by authorized personnel using authority-check objects.
Is there a way to secure the action box item by the item number? If not the action box items are using a function module. Maybe I could use the fm name in the authority-check.
Any ideas would be greatly appreciated.Hi,
just see these examples
SAPTLIST_TREE_CONTROL_DEMO_HDR
SAPTLIST_TREE_CONTROL_DEMO
SAPTLIST_TREE_MODEL_DEMO
and for getting a checkbox we have to repalce the icon what is there in the example program and handle the checked and unchecked event for the checkbox.
this can be achieved by using object oriented methods...
reward if helpful
rgds,
Prajith
Prajith -
in the USEREXIT_NUMBER_RANGE program RV60AFZZ, we have an authority check
AUTHORITY-CHECK object 'F_BKPF_BUP'
id 'BRGRU' field t001b-brgru.
This check is not working in the user exit. however when i created a test program to test the syntax for the authority check, it is working fine.
Can anyone let me know what the problem can be?Hi,
Check the fields whether they are having the values or not
also check the sy-subrc authority check.
Thanks
Shiva -
Hello,
how can I use authority check in a remote function call from another system?
The user is there not the real personalized user.
Thank you for help!
ChristineHi,
CALL FUNCTION 'AUTHORITY_CHECK'
EXPORTING
USER = LV_USER
OBJECT = lv_object
FIELD1 = lv_field
VALUE1 = LV_VALUE
field2 = space
value2 = space
field3 = space
value3 = space
EXCEPTIONS
USER_IS_AUTHORIZED = 0
USER_DONT_EXIST = 1
USER_IS_LOCKED = 1
USER_NOT_AUTHORIZED = 2.
Regards,
Arek
Reward points if useful -
Authority check at field level in sales order
Dear all, our business requirement is the following:
only some users should be able to see the prices (including netwr, netpr,...) in the sales order depending on the authority check performed on the sales group field.
This means that for an order of sales group 'A':
a user of sales group 'A' can see the prices and change the order, a user of sales group 'B' cannnot see the prices but can change the order, a user of sales group 'C' can display the order but cannnot see the prices.
I ask you if such a scenario can be realized in SAP.
We currently run SAP ECC 5.0.
thx all !
bye RobertoHi agree with Jan and Auke,
To my knowledge it is object V_KONH_VKO which you are looking for. See the documentation in SU24 - SD class.
But whether or not that will influence the visibility / editability of the screen in VA02 etc when turned the check on in SU24, I am not sure.
If not, search the forum for topics relating to "transaction variants", "variant transactions" and "screen variants" to see whether those solutions will fulfill the requirement.
Cheers,
Julius -
Hi all !!!
I'm using the ALV Grid control with checkboxes and I want to control if the actual user have the appropriate authorization to check/uncheck them.
In the AUTHORITY-CHECK call, I want to make the authorization test on the "DEPARTMENT" of the user (from Table USER_ADDR or SU01).
For example :
DEPARTMENT AA1 --> check/uncheck OK
DEPARTMENT AA2 --> check/uncheck NOT OK
DEPARTMENT AA3 --> check/uncheck OK
... etc.
How can I do ? Create an new authorization object/field ?
PS : it's the first time I'm using AUTHORITY-CHECK..Much of the data in an R/3 system has to be protected so that unauthorized users cannot access it. Therefore the appropriate authorization is required before a user can carry out certain actions in the system. When you log on to the R/3 system, the system checks in the user master record to see which transactions you are authorized to use. An authorization check is implemented for every sensitive transaction.
If you wish to protect a transaction that you have programmed yourself, then you must implement an authorization check.
This means you have to allocate an authorization object in the definition of the transaction.
For example:
program an AUTHORITY-CHECK.
AUTHORITY-CHECK OBJECT <authorization object>
ID <authority field 1> FIELD <field value 1>.
ID <authority field 2> FIELD <field value 2>.
ID <authority-field n> FIELD <field value n>.
The OBJECT parameter specifies the authorization object.
The ID parameter specifies an authorization field (in the authorization object).
The FIELD parameter specifies a value for the authorization field.
The authorization object and its fields have to be suitable for the transaction. In most cases you will be able to use the existing authorization objects to protect your data. But new developments may require that you define new authorization objects and fields.
Example ;
REPORT EXAMPLE MESSAGE-ID Z1.
TABLES: USR02.
PARAMETERS: LOCK AS CHECKBOX, LISTLOCK AS CHECKBOX.
DATA: UFLAGVAL TYPE I, LOCKSTRING(8) TYPE C.
---- Authorization check -
AUTHORITY-CHECK OBJECT 'ZPROG_RUN' ID 'PROGRAM' FIELD SY-CPROG.
IF SY-SUBRC <> 0.
IF SY-SUBRC = 4.
MESSAGE E000 WITH SY-CPROG. "some message about authorization check failure
ELSE.
MESSAGE E005 WITH SY-SUBRC. "some message about authorization check failure
ENDIF.
ENDIF.
IF LISTLOCK = 'X'.
WRITE:/ 'List all locked users: '.
SELECT * FROM USR02 WHERE UFLAG = 64.
WRITE: / USR02-BNAME.
ENDSELECT.
EXIT.
ENDIF.
IF LOCK = 'X'.
UFLAGVAL = 64. "lock all users
LOCKSTRING = 'locked'.
ELSE.
UFLAGVAL = 0. "unlock all users
LOCKSTRING = 'unlocked'.
ENDIF.
SELECT * FROM USR02 WHERE BNAME <> 'SAP*' AND BNAME <> SY-UNAME.
IF USR02-UFLAG <> 0 AND USR02-UFLAG <> 64.
WRITE: 'User', USR02-BNAME, 'untouched; please handle manually.'.
CONTINUE.
ENDIF.
check that user has authority to make these changes
AUTHORITY-CHECK OBJECT 'S_USER_GRP'
ID 'CLASS' FIELD USR02-CLASS
ID 'ACTVT' FIELD '05'.
IF SY-SUBRC <> 0.
IF SY-SUBRC = 4.
WRITE: /'You are not authorized to lock/unlock user ',
USR02-BNAME, USR02-CLASS.
ELSE.
WRITE: /'Authorization error checking user ',
USR02-BNAME, USR02-CLASS, '(return code', SY-SUBRC, ').'.
ENDIF.
ELSE. "has authority
UPDATE USR02 SET UFLAG = UFLAGVAL WHERE BNAME = USR02-BNAME.
WRITE: / 'User', USR02-BNAME, LOCKSTRING, '.'.
ENDIF. -
Hi
we have created ZTTL01 table maintenance view. Should not allow unauthorized company code to update/create or display.
I searched thru forums and collected below points. but could not test it successfully.
Authorization object (Z_XXX_BUK) was created.But <Permitted activities> Button is not available in display authorization object(SU21) to see what are the activities are permitted.
In su01 for my user no roles or profiles are defined.
To do
Trying to write below code in PBO and PAI flow logic of ZCHECK_BUK table for screen 01
PBO & PAI
*First statement
Module Authorictycheck.
module Authoritycheck
LOOP AT EXTRACT.
AUTHORITY-CHECK OBJECT 'ZCHECK_BUK'
ID 'ACTVT' FIELD '01,02,03'
ID 'BUKRS' FIELD ZTTL01-BUKRS.
IF sy-subrc <> 0.
MESSAGE e000(zrpt) WITH 'You do not have the authorization to'
EXIT. 'access Bukrs'extract-bukrs.
ENDIF.
ENDLOOP.
endmodule
Can i use above code in PBO and PAI to check change of company code?
I am sharing role and profile created by other user, which allows only company code 'A10'.
How to test this now?
se11->Utilities->table contents create should not allow me to input A11 or other company codes? pls confirm.
Regards
ChandraHi Suhas
Regarding 1) It works when i remove the FORM routine assinged for EVENTS.
Thanks for ur input.
Regarding 2)When the user displays record in SM30 for a table, he must not be able to see the company code AD01.
To achieve this can i use EVENT AA?
I create FORM routine <hide_cocode> in EVENT AA and store at include LZXXXXF01.
FORM ZHIDE_COCODE.
DATA: F_INDEX LIKE SY-TABIX."Index to note the lines found"
LOOP AT TOTAL.
READ TABLE EXTRACT WITH KEY <vim_xtotal_key>.
IF SY-SUBRC EQ 0.
F_INDEX = SY-TABIX.
ELSE.
CLEAR F_INDEX.
ENDIF. "(make desired changes to the line TOTAL)
MODIFY TOTAL.
CHECK F_INDEX GT 0.
EXTRACT = TOTAL.
MODIFY EXTRACT INDEX F_INDEX.
*ENDIF.
ENDLOOP.
SY-SUBRC = 0.
ENDFORM.
I made break point at line LOOP at Total. and executed SM30 and clicked Display button.
Sorry Code stops here and table TOTAL has flat line structure of empty.Loop at total is skipping
what should be done now?
Regards
Chandra -
Authority check in hr payroll infotype report
Hi all,
We have developed a report which gives infotypewise employee details.here we are checking authority for reading employee data.we are applying authority check at selection-screen and while reading the data from database tables.following is the sample code.
do .
if s_abkrs-high < s_abkrs-low.
authority-check object 'P_PCR'
id 'ABRKS' field s_abkrs-high
id 'ACTVT' field '01'
id 'ACTVT' field '02'.
if sy-subrc <> 0.
message id 'ZHR_ERRMSGS' type 'E' number '292' with s_abkrs-low.
endif.
exit.
endif.
authority-check object 'P_PCR'
id 'ABRKS' field s_abkrs-low
id 'ACTVT' field '01'
id 'ACTVT' field '02'.
if sy-subrc <> 0.
message id 'ZHR_ERRMSGS' type 'E' number '292' with s_abkrs-low.
endif.
s_abkrs-low = s_abkrs-low + 1.
enddo.
my senior says this code is right but it is not checking authority for all infotypes.can anyone suggest what changes are required in this code so that it will check authority for all infotypes.
Thanks in advance.
Regards,
HarshadaHi ,
A select-option will have a structure with four fields (sign , option , low , high) .
So if you want to use your below code : you cannot check authority.
loop at s_abkrs.
authority-check object 'P_PCR'
id 'ABRKS' field s_abkrs <-- is an internal table
id 'ACTVT' field '01'
id 'ACTVT' field '02'.
if sy-subrc 0.
message id 'ZHR_ERRMSGS' type 'E' number '292' with s_abkrs-low.
endif.
endloop.
The other option is :
If your select option has values only in low ... then you can loop thru it ...
loop at s_abkrs.
authority-check object 'P_PCR'
id 'ABRKS' field s_abkrs-low
endloop.
Regards,
Srini. -
Web Service Homepage: Authority check failed
Dear Colleagues,
I have created a Web Service and now I want to test it via its Web Service Homepage (TA WSADMIN). The Homepage is displayed correctly, but testing leads to an error:
Authority check failed
Are there any prerequisites I maybe do not accomplish?
(I tested a very similar web service in another system, and there it works)
Here are some more information about my service:
- Service was build with Web Service Wizzard out of a function module
- Here you can see the conversation resulting of the test:
POST /sap/bc/srt/rfc/sap/Z_TEST_Q73_CONFIG_WS?sap-client=003 HTTP/1.1
Host: bsl8011.wdf.sap.corp:50073
Content-Type: text/xml; charset=UTF-8
Connection: close
Cookie: <value is hidden>
Cookie: <value is hidden>
Authorization: <value is hidden>
Content-Length: 381
SOAPAction: ""
<?xml version="1.0" encoding="UTF-8" ?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<SOAP-ENV:Body>
<ns1:Z_TEST_WS_CONFIG xmlns:ns1='urn:sap-com:document:sap:rfc:functions'>
<INPUT>TEST</INPUT>
</ns1:Z_TEST_WS_CONFIG>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
HTTP/1.1 500 Internal Server Error
content-type: text/xml; charset=utf-8
content-length: 363
sap-srt_id: 20060404/125124/v1.00_final_6.40/1B0831447838C429E10000000A424016
server: SAP Web Application Server (1.0;700)
<soap-env:Envelope xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">
<soap-env:Body>
<soap-env:Fault>
<faultcode xmlns:n0="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">n0:FailedAuthentication</faultcode>
<faultstring xml:lang="e">Authority check failed</faultstring>
</soap-env:Fault>
</soap-env:Body>
</soap-env:Envelope>
The WSDL-Document looks as follows:
<?xml version="1.0" encoding="utf-8"?><wsdl:definitions targetNamespace="urn:sap-com:document:sap:rfc:functions" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="urn:sap-com:document:sap:rfc:functions" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><wsdl:types><xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:tns="urn:sap-com:document:sap:rfc:functions" targetNamespace="urn:sap-com:document:sap:rfc:functions" elementFormDefault="unqualified" attributeFormDefault="qualified"><xsd:simpleType name="char60"><xsd:restriction base="xsd:string"><xsd:maxLength value="60"/></xsd:restriction></xsd:simpleType><xsd:element name="Z_TEST_WS_CONFIG"><xsd:complexType><xsd:sequence><xsd:element name="INPUT" minOccurs="0" type="tns:char60"/></xsd:sequence></xsd:complexType></xsd:element><xsd:element name="Z_TEST_WS_CONFIGResponse"><xsd:complexType><xsd:sequence><xsd:element name="OUTPUT" type="tns:char60"/></xsd:sequence></xsd:complexType></xsd:element></xsd:schema></wsdl:types><wsdl:message name="Z_TEST_WS_CONFIG"><wsdl:part name="parameters" element="tns:Z_TEST_WS_CONFIG"/></wsdl:message><wsdl:message name="Z_TEST_WS_CONFIGResponse"><wsdl:part name="parameters" element="tns:Z_TEST_WS_CONFIGResponse"/></wsdl:message><wsdl:portType name="Z_TEST_Q73_CONFIG_WS"><wsdl:operation name="Z_TEST_WS_CONFIG"><wsdl:input message="tns:Z_TEST_WS_CONFIG"/><wsdl:output message="tns:Z_TEST_WS_CONFIGResponse"/></wsdl:operation></wsdl:portType><wsdl:binding name="Z_TEST_Q73_CONFIG_WSSoapBinding" type="tns:Z_TEST_Q73_CONFIG_WS"><soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/><wsdl:operation name="Z_TEST_WS_CONFIG"><soap:operation soapAction=""/><wsdl:input><soap:body use="literal"/></wsdl:input><wsdl:output><soap:body use="literal"/></wsdl:output></wsdl:operation></wsdl:binding><wsdl:service name="Z_TEST_Q73_CONFIG_WSService"><wsdl:port name="Z_TEST_Q73_CONFIG_WSSoapBinding" binding="tns:Z_TEST_Q73_CONFIG_WSSoapBinding"><soap:address location="http://bsl8011.wdf.sap.corp:50073/sap/bc/srt/rfc/sap/Z_TEST_Q73_CONFIG_WS?sap-client=003"/></wsdl:port></wsdl:service></wsdl:definitions>
Can anyone help me, I have no Idea
Message was edited by: Hans-Peter BauerThe message server defined in the SAP-Logon is us4278.wdf.sap.corp
But the url of the web service starts with http://us4185:58500/wsnavigator/jsps/explorer.jsp?description=WebServiceZ_TEST_Q73_CONFIG_WS
But I think that's not the problem, is it? As I mentioned above the test page can be shown, but the after filling in the input parameters an pressing send, there appears the authorisation error.
For better illustration I made some screenshots for you:
1) http://wipux2.wifo.uni-mannheim.de/~wi01211/sonstiges/WS_HOMEPAGE_OVERVIEW.gif
2) http://wipux2.wifo.uni-mannheim.de/~wi01211/sonstiges/WS_HOMEPAGE_TEST_INPUT_FORM.gif
3) http://wipux2.wifo.uni-mannheim.de/~wi01211/sonstiges/WS_HOMEPAGE_TEST_reqest_response.gif
What can be wrong, if the error "n0:FailedAuthentication" appears?
Regards,
Peter
Message was edited by: Hans-Peter Bauer
Maybe you are looking for
-
Can we use SSO with logon tickets when the R/3 system is hosted by an external partner and the domain name is not the same as the domain name of the portal server? We're accessing the R/3 trough a VPN tunnel. Will SSO work also when accessing the por
-
Payment terms---date and insatllement
hello SAP gurus, the issue is that we select payment terms when we create sales and order , and we want it to be printed under , 1st installment date and amount , 2nd installement date and amout , 3rd installemnt date and amount. Any suggestions or h
-
Why are my Photos albums not appearing in Flickr?
Anyone know why my albums that I create in Photos do not appear in Flickr? The photos appear but just in the photostream.
-
I have two children each with an itouch. Is there a way of using the same AppleID but giving them separate game centre "me" users?
-
Diffrence b/w sync & async mode in bdc.
hi all, wat is the diffrence b/w sync & async mode in bdc? plz explain interview point of view. regards deepak