Portal Security and ECC 6.0

Similar Messages

• NW2004s portal password and ECC 6.0 password synchronisation

  Hi,
  We have implemented NW2004s SR2 SPS 12 portal and also configured SSO
  between Netweaver portal and ECC 6.0 system using SAP logon tickets.
  As per client's requirement, is there any standard mechanism available
  for synchronizing Netweaver portal password and ECC 6.0 system
  password? (i.e when we change password in EP the same is reflected in
  ECC also).
  Appreciate your inputs.
  Regards,
  Lakshmi.

  Hi Lakshmi,
  I am not sure of this, but yes one can use central user administration (CUA), for synchronising userid/pwd from a single system.
  The CUA box will hold all the user ID.
  Regards,
  Akshay
  Reward if helpful.

• Oracle Forms and Portal. & Portal Security

  I need the following questions answered for a client who is
  trying to move from IIS to Oracle Portal. any pointers would be
  extremely helpful
  1. How to configure Oracle Forms to run with Portal.
  2. Is it possible to display forms inside a Portlet. If so, will
  the forms hold the same state when the page is refresed.
  3. Is it possible to display WORD/PDF/EXECL documents in their
  native format inside a Portlet.
  4. Any information on how IIS security integration is possible
  with POrtal. i.e ( if there are ASP pages running on IIS
  security, how to integrate it with Portal Security mechanism
  -Thanks
  ganesh

  You can create roles in Oracle with the appropriate privileges to access the application. For example,
  you could create a role that has only read access to all the tables in the database. You could assign this role to the menu. Also, you may want a role for a manager that whould enable him to insert data or to see a few special forms. You could assign this role to the menu associated with the form.
  Using Form Builder, you can manage menu security with Oracle server roles. After defining the roles to use for a menu module, you could then specify the roles that have access to each menu item. When you set the 'Use Security' property of a menu module to 'Yes', the form enforces security. After setting the 'Use Security' property to 'Yes', you can use 'Module Roles' property to construct the entire list of roles with access to that menu module.
  I hope it helps.

• RFC connection error between BW 3.5 and ECC 6.0

  Hi gurus,
  We've defined an RFC destination between BW 3.5 and ECC 6.0. Connection test  (SM59) is ok, but authorization one fails and ALEREMOTE users block. These users on both systems have good profiles. We look ST22 and find a runtime error on CALL_FUNCTION_REMOTE_ERROR. We've cleaned source system on BW and RFC destination and we've created one more time, but error doesn't disappear. We've looked OSS but don't find anything.
  Any idea? Is there any other place (users, RFC) where we have to change user password on system?
  Thanks a lot!
  Regards,
  Iván.
  Edited by: Iván Cabezas Castillo on Nov 6, 2009 12:09 PM

  Solved!
  This is because of the incompatibility of password handling between
  640 and 700 systems.
  We have to use a maximum 8 character long password with only capital letters (numbers are also allowed) for the user "ALEREMOTE".
  1. Change the password for the user in SAP R/3.
  2. Maintain the password in SAP BW for the RFC destination (transaction SM59 - Logon/Security tab)
  3. Authorization test is now successful.
  (SM59 - Test - Authorization).
  Regards!

• SSO issue with BI 4.0 BW and ECC

  We currently have SAP BW 7.3 BOBJ 4.0 ECC and SAP portals.
  We have configured SAP BW, BOBJ and SAP Portal with SSO and that works perfectly fine.
  The issue is that i have Crystal Reports running on ECC that have also to be published to the Portal.
  All BW crystal reports run fine and ECC fails because of SSO -
  What am i missing here -
  Do i need to do something different for ECC
  In CMC  Authentication i have added SAP ECC and imported a role - So now i have 2 ids - one from BW and the other from ECC.
  I know this is not the way to do it but it still does not work.
  What do i need to do to have ECC and BW reports to work with SSO from SAP portal.
  Thanks

  Thank you for your reply Ingo
  I assume that your BusinessObjects Server has the SAP Authentication for BW and ECC configured ?
  *Yes *
  Are the reports for BW and ECC been called from the portal ?
  Yes
  if so then you have one BOE Server, 2 SAP environments and 2 SAP authentications configured and to achieve SSO for all systems you will have to combine the 2 SAP Systems via SNC (for XI 3.1) or via the SSO Token Service in BI4
  We are on BI4 and we have set up SSO Token for BW -
  Are you saying that we have to set up SSO token for BW as well as ECC -
  In CMC - Authentication - SAP  - Options -SAP  SSO Service - it does not give me an option to have 2 systems
  How do i add ECC system there too.
  Regards
  Ryan

• Best Practice for Portal Patches and effort estimation

  Hi ,
  One of our client is applying the following patches
  1. ECC 6.0 SP15(currently SP14)
  2. ESS MSS SP15(currently SP14 with some level of functional customization )
  3. EP 7 SP18(currently SP14)
  We would like to kwow the best practice for applying portal patches and the effort estimation for redoing the portal devt on the new patch.
  o   What is the overall level of effort with applying Portal patches?
  o   How are all the changes to SAP objects handle?  Do they have to be
       manually re-entered?
  o  What is the impact of having a single NWDI instance across the
      Portal Landscape during the Patch process?
  Regards,
  Revathi Raju.

  Hi Revathi,
  o What is the overall level of effort with applying Portal patches?
  overall effort to apply the patch is apprx 1/2-1 days for NW7 system. This is exclude the patch files download because it's based on your download speed.
  o How are all the changes to SAP objects handle? Do they have to be
  manually re-entered?
  Depending on your customization. Normally it wont effect if you created the customzation application apart from SAP standard application
  o What is the impact of having a single NWDI instance across the
  Portal Landscape during the Patch process?
  Any change that related to NWDI, you might be need to re-deployed from NWDI itself.
  Thanks
  Regards,
  AZLY

• Vendor Master Portal-Adobe-workflow-ECC scenario?

  I have a scenario to build a portal for vendor master using adobe forms.
  at the high level steps that will be taken as follows
  - design the adobe forms
  - integrate the forms
  - forms storage? where
  - configure uwl with GP
  - Interface to ECC ( from Portal content to ECC for field validation)
  - Interface to ECC ( from GP to ECC to create vendor master )
  Can somebdoy help me step by step design and development steps needs to be take care for the above?pls
  Thanks-Gopal

  Thanks, this article doesn't mention if the WF is delivered or not (I know it can be made by WF consultant); if it is delivered then what is the WS code? and place in standard IMG to activate it?
  Edited by: KC on Feb 9, 2010 10:05 PM

• ABAP differences of SAP R/3 4.6 and ECC 6.0

  What are the ABAP differences of SAP R/3 4.6 and ECC 6.0?

  Hi
  Difference between version on functionalities you can find on the following link.
  Give the source version (i.e. 4.6 C) and select the target version (i.e. ECC 6.0)
  http://solutionbrowser.erp.sap.fmpmedia.com/
  Please check this Release notes :
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/43/6880cbb88f297ee10000000a422035/content.htm
  Check if this is helpfull
  Short Difference between R/3 4.7, ECC5 & ECC6 !!!!!
  1. SAP NetWeaver is SAP's technology platform. It has all of SAP's
  technology in it. It is used to build and run SAP Applications and customer
  applications (Application server, data warehouse, portal, coding, messaging,
  etc). You can find more information on the SAP NetWeaver page on the SAP
  Service Marketplace (http://service.sap.com/netweaver). Of course they is
  also in on the SAP NetWeaver page in SDN.
  2. ABAP is part of SAP NetWeaver. BW is part of SAP NetWeaver (as of
  the 3.5release).
  3. Prior to SAP NetWeaver, BW was a seperate product. It is shipped as part
  of SAP NetWeaver since the SAP NetWeaver '04 release (SAP NetWeaver BI 3.5).
  4. SAP ECC is part of the SAP ERP application (actually it is the minimal
  installation of SAP ERP). SAP ERP runs on SAP NetWeaver. So when you get SAP
  ERP you get SAP NetWeaver.
  - SAP ECC 5.0 is part of SAP ERP 2004 [which runs on SAP NetWeaver '04]
  - SAP ECC 6.0 is part of SAP ERP 6.0 (2005) [which runs on SAP
  NetWeaver 7.0(2004s)]
  5. SAP NetWeaver is delivered with SAP ERP so ABAP and the functional
  modules are include in SAP ERP.
  6. With SAP ERP (SAP ECC) you have a choice of activating BI within the SAP
  ERP system or deploying in a seperate system. This is information is in the
  SAP ERP master guides which can be found at
  http://service.sap.com/instguides.
  For SAP ERP 6.0 (ECC 6.0) it will the SAP NetWeaver 7.0 version of BI.
  Also check
  /thread/170347 [original link is broken]
  The only difference between ECC5 and ECC6 is that additional components like mySAPCRM, mySAPPLM, mySAPSCM, mySAPSRM are added in ECC6.0. HR was already a part of ECC5.0.
  http://abdurohman.wordpress.com/2007/06/29/whats-new-in-ecc5-and-ecc6-ecc7/
  Reward if usefull

• Difference Between 4.7 and ECC 6.0 in case Of Travel mgmt.

  Hi guys,
      Please let me know what is the main difference between 4.7 and Ecc 6.0 in case of Travel management.
  Thanks

  Hi Pulla,
  We use R/3 4.7 version for Travel Management (FI-TV) with fairly good features but the latest  version ECC 6.0 which is Enterprise Central Component version 6.0 gives you the opportunity to use ESS/MSS ie, using portal to create the trips/claims as against interfaces. 
  Therefore one difference would be to get the work done easily by logging into a internet site and complete the trips/claims which in turn updates your database tables where as in 4.7 there is no such functionality to use portal to make an expense claim.
  There might be other feature enhancements available in 6.0 which I am currently unaware of but surely SAP gurus in this forum will be able to provide more on that.
  Hope the above provides more info.
  Rgds
  CONMJI

• Data Transfer Erec and ECC HR

  Hi all,
  We are using having 2 backend systems 1 for HR other than Erec and another one for erec.
  Now we have setup the ALE data transfer using Message type HRMD_ABA.
  In erec we have only ERECRUIT Component deployed in backend,no EA HR or SAP HR component deployed.
  MEaning no PA* tables.
  Now when Transfer personnel number(HR!001-A008 with Position) to erec box,it says no pernr exist.
  Howver i cannot tranfer the pernr from ECC to Erec as we dont have PA* tables in Erec.
  Can you share me the object types that are transferred from ECC to EREc and EREC and ECC.
  What are the components to be deployed in backend Erec box.
  In Portal for requistions application which should backend(System Object) and for recruiter and recruitment admin applications which should be the backend system(System Object).
  Thanks,
  Nachy

  Hi,
  Check the link :
  http://help.sap.com/saphelp_erp2005/helpdata/en/45/8150635e9c40c1e10000000a1553f7/frameset.htm
  Supported infotypes for transfering data from the E-Recruiting to the HR-System are the PA infotypes 0,1,2 and 6. There are 15 fields sent to pa48 if they were filled in the E-Recruiting system, which are
  - forename, initials, surname
  - gender
  - birth date
  - correspondance language
  - address (street, city, streetcode, region, country)
  - hiring date
  - organisation unit
  - position
  - personel number (for internal candidates)
  So these are the infotypes which can be transfered automatically and cause no problems. If you want the "title" to be transferred additionally, you have to adjust the  system behaviour accordingly.
  To set up data transfer,
  In E-Rec System, use Tcode - BD64 Partner Type LS - Generate partner profile for the ECC System
  Use Tcode - WE20 for the Partner profiles checking
  For ECC Partner Profile, Give Outbound parameters - Messahge type HRMD_ABA and SYNCH. Give Inbound parameters- Message Type HRMD_ABA
  In ECC system, use BD64 for the Partner Type LS. Partner Type LS - Generate partner profile for theCreate Erec System(
  Use Tcode - WE20 for the Partner profiles checking
  For E-Rec Partner Profile  , Give Outbound parameters - Messahge type HRMD_ABA and SYNCH. Give Inbound parameters- Message Type HRMD_ABA
  After doing data transfer using RHALEINI, use transaction SM58 to check whether the data has been transferred or not.
  Hope it helps!
  Arpita

• How to get current IUser (com.sapportals.portal.security.usermanagement)

  Hi,
  does anybody know how to get IUser for the current user?
  I know how to get current IUser from com.sap.security.api package:
  IWDClientUser wdcu = WDClientUser.getCurrentUser();
  IUser sapUser = wdcu.getSAPUser();
  but I need to have IUser from com.sapportals.portal.security.usermanagement package.
  Regards,
  Ladislav

  Ladislav,
  Try this:
  Get the IUser uisng the API com.sap.security.api.IUser and store it in a variable, say <i>sapUser</i>.
  Then,
  // Convert the logged in user to old EP5 usermanagement API
  com.sapportals.portal.security.usermanagement.IUser user = null;
  try
       com.sapportals.portal.security.usermanagement.IUser user = WPUMFactory.getUserFactory().getEP5User(sapUser);
  catch (UserManagementException e)
       e.printStackTrace();
  Bala

• Portal to SAP ECC XI Scenarios

  Hi Guys,
  I want to develop Synchronous XI scenarios from Enterprise Portal to SAP ECC. All scenarios will be triggered from Portals, will get information from SAP ECC and send it back to Portals, synchronously.
  Is SOAP to RFC the only available type of communication that I have ?
  What about performance ?
  Thank you.

  >
  Evaggelos Gkatzios wrote:
  > Why ?
  Portal means a front-end application...in normal case the user will not be comfortable to wait to get a response back (portal --> pi --> some backend application).....hence it is recommended not to use PI (or other middleware) in between...unless you have a very strong reasonfor it.....have a Portal --> backend application config.
  In a previous project many of the Portal scenarios were directly integrated with SAP ECC system.
  Imagine you use google and then google inturns runs it search along other applications to give you the results....the wait time.

• WDA + External Portal + Security

  Hello friends!
  @Moderator, sorry if I post it in a wrong forum, but I think the wda experts should have already faced this issue.
  I've been reading all forums regarding to this subject. As you are going to see, I'm not used to work with WDA Portal integrations and I'm studying hard for it.
  Could you please just guide me what I have be aware to connect WDA from a ERP server to another server, which has installed the Portal? (portal is accessed externally/internet)
  I'm afraid about security, as the employees will access the portal by internet (it's already working fine, today they can access the portal externally and can use some Webdynpros Java) But for now, we are going to rewrite these WDJ to WDA.
  1) The portal server connecting WDA's from a ERP server, isn't it a best practice?
  2) As it is already working (external access to the portal), for now I have just to create the iViews to the WDA's from ERP server?
  3) What would be the security risk when people access the external link to the Portal and the Portal redirected it to the ERP?
  I would greatly appreciate your help in only guide me.
  Thanks in advanced!

  Hello Alexandre,
  Please find the answers to your queries.
  Alexandre Mendes wrote:
  > 1) The portal server connecting WDA's from a ERP server, isn't it a best practice?
  Not at all, The composition Environment CE is intended for this purpose only.
  Alexandre Mendes wrote:
  > 2) As it is already working (external access to the portal), for now I have just to create the iViews to the WDA's from ERP server?
  First you need to create a system connection in portal to the ERP server.  Later you need to create the iViews
  Alexandre Mendes wrote:
  > 3) What would be the security risk when people access the external link to the Portal and the Portal redirected it to the ERP?
  As per my knowledge there is no security risk involved because while accessing the WDA application from ERP the request will be authenticated again.
  BR, Saravanan

• How to set portal security context for a procedure

  Hi, I have procedure that needs to call some of the PDK APIs (WWSBR_API), but outside the scope of the web browser, i.e, automatically via a DBMS_JOB or queue. There is no HTML outputted, but rather a log entry made to a custom table.
  The schema that this custom pkg belongs has all the necessary grants made to it from provsyns so that it should run.
  How do I programatically set the context of the portal security so as to make the PDK APIs think it has been invoked by a Portal Adminstrator or a user with sufficient privs to perform the actions against the PDK and therefore not bomb out with security exceptions? I have seen this documented quite some time ago, but cannot find the details.
  Regards
  John

  You need to use the wwctx_api.set_context procedure.
  http://portalstudio.oracle.com/pls/ops/docs/FOLDER/COMMUNITY/PDK/plsql/doc/sdk11scp.htm

• Doument Access - using Portal security or Document Database security

  I originally posted this on the Security Form, but realized that it might be solved using the PDK.
  I have a table in my database that contains information about a document (Name, Rev, Author, groups that have access). I want users to login to my portal and in a portlet, I want them to be able to click which docs they have access to see; based on who they are logged on as.
  Would I use the PDK for this? If I use portal security, I think I will be maintaining the security twice (database and portal).

            Hi Wendell,
            There is a patch available for this known problem. Please contact BEA support and
            ask for patch CR075892_70.jar for WLS 7.0.
            Thanks!
            Deb
            Wendell Nichols <[email protected]> wrote:
            >I have the opposite problem. My ejb always is denied access to the adapter
            >resource. I'm a Weblogic novice, (but the adapter works on other servers,
            >I'm testing on WL to ensure it works there).
            >How do I get the minimum security in place to test my adapter?