User mapping from portal to R/3

Hello everyone,
Our situation is this :
We made some visual composer iviews (charts and tables) that get data from R/3.
Instead of creating users in R/3, we want to use only one public user who can only call RFC's in R/3. So how is the user mapping implemented in this situation?
Please give me detailed explanation for it or links of documentation.
I will be appreciative and all answers will be rewarded with points.
Thanks for help.

In addition and from a maintenance perspective you could do a: Portal Group to R/3 UserMapping.
This will then automatically map all Portal Users in the Portal Group to the one R/3 user in the back-end. This saves effort when new users are created on the portal you don't have to map them all.
This method is also proposed by SAP for mapping to MDM for example.
NOTE: When you choose this you cannot trace the user in the back-end because
this back-end user is shared. If this is not a problem for your scenarion then I would say go for it.
Cheers,
Benjamin Houttuin

Similar Messages

Scheduled automatic upload of roles/user mapping from R/3 to EP6

EP6.0 offers a nice tool to upload roles together with the user mapping from an R/3 backend system to the portal. This works very well, but in an environment where the user mapping happens on the backend system this manual process has to be repeated to keep the user mapping up to date.
It would be very useful if this process could run in batch mode and could be scheduled. Does anyone has a solution for this problem?
The way the portal user administration is designed works maybe very good for small companies, but for large companies with many users a batch upload tool is really needed!
People from SAP have told me that they are thinking about such a tool, but the pressure from the customers is not high enough to put it on their project list. So maybe we can unite forces to increase pressure on SAP project management.

Dear Krishna,
There are a few solutions for this problem and we are investigating some of them now:
- you can use an LDAP server. Transfer users and the groups to which they belong from the R3 system to LDAP. The groups correspond to the roles the users have. The portal can use the groups on the LDAP server. The portal roles have to be attached to the groups and not to the users.
- we are also thinking about writing a JAVA program that automizes the manual role upload that SAP delivers in the portal. The KM part of the portal contains a scheduler which can be used to schedule the upload of uesr mappings from R3 to the portal.
- you can also make an ABAP web service that is called from a program on the portal to transfer the usermapping. The program makes use of the UME API.
- Or you can make an ABAP program on R3 that calls a JAVA program on the portal that makes use of the UME API to store the user mapping on the portal.
your iview question:
Maybe you can change the default setting for the preferred GUI in the master iview that is used for the creation of the iviews. When you create a new iview the portal creates a delta link based on the master iview., so when you change the master iview all new created iview based on the master iview will have the correct setting immediately.
Best regards,
Johan

Get User ID from Portal Environment

Hi,
In order to avoid creation of as many SAP backend users as our Portal Customers. We have created one SAP communication user and mapped it to LDAP roles & a similar LDAP user. The same user is configured in SICF for this ABAP webdynpro application.
Now following are my questions:
1- Is the above mentioned strategy is recommended or should be avoided? when & why
2- How can we get the portal customer id in ABAP webdynpro code
as we need to find which customer it is related to?
Thanx.

Thanx I got the answer from one of the old log....

Metadata through user input from portal application while new check In

Hi,
We have a requirment to create new doc/html from portal end, and check in it into UCM with user populated metadata's
I have few quetions
- Can I user OOTB RichtextEditor taskflow with little customization.
- Is it a easy option to add a check in form (custom taskflow).
- or we have to create new custom taskflow and use CHECKIN_NEW service using RIDC api.
Thanks
Edited by: 953836 on Aug 21, 2012 2:20 AM

You could go with the standard stuff, but everything depends on what user experience you want to achieve.
a) doc/html
What formats you want to support? HTML is OK, but .DOC (especially if it means MS-Word) might be a challenge
b) you could use SSXA tags (see here: http://docs.oracle.com/cd/E23943_01/doc.1111/e13650/toc.htm ) which could do exactly what you ask for (via Contributor Data Files). Note, however, that this user experience is not often met with understanding. And even more important, mind this: Clarification on SSXA Support with WebCenter Portal
c) you could also use CHECKIN_NEW_FORM (see here http://docs.oracle.com/cd/E23943_01/doc.1111/e11011/c04_core.htm#BABGBCHI ) and somehow consume its output in your custom code. By doing this, you could use Content's standard functionality, profiles, but yet, achieve the user experience similar to what Desktop Integration Suite provides.

Programmatically adding/deleting users to/from portal groups

I am using the following PDK api, to delete an user from a portal group (otp_sales).
I get the following error which doestn make sense. I tested the following api from a
script shown below. In my application, this gets called from a trigger, and fails
because it sees a ROLLBACK getting used in the API.
<<<<<<<<<<<<< delete_from_group.sql >>>>>>>>>>>>>>>>>>>>>>
DECLARE
BEGIN
moc.wwsec_api.delete_user_from_list (p_group_id
=>MOC.wwsec_API.GROUP_ID('OTP_SALES')
,p_member_person_id =>73);
END;
<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
SQL> @delete_from_group.sql
Input truncated to 1 characters
DECLARE
ERROR at line 1:
ORA-01086: savepoint 'DELETEUSERFROMLIST_SAVEPOINT' never established
ORA-06512: at "MOC.WWSEC_API", line 2467
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "MOC.WWCTX_SSO", line 849
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "MOC.WWCTX_SSO", line 669
ORA-06502: PL/SQL: numeric or value error
ORA-06512: at line 3
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Thanks
regards
-Ananth

We had the same problem and it turned out that deleting a portal user(delete_portal_user), removing a portal user from a list (delete_user_from_list) or updating a portal user, the "savepoint xxxx never established message" came up when there was no context set. If the procedure is called from within a portal page (or as user portal30) ,and the context is set and it works. The solution is to check to see if the context was set, and then set it if not.
if not portal30.wwctx_api_private.is_context_set then
portal30.wwctx_api_private.set_context(p_user_name => 'portal30');
end if;
Hope this helps
Tania

Display attachments in SAP work list (at user decision) from portal.

Hi Experts,
How can we get the uploaded attachment form portal to SAP UWl .
We have requirement like user wants to upload the travel expenses related documents (.PDF,.Txt or .doc files) in portal that attachments needs to available in approver inbox as link at user decision level.
We have done the binding part and we are getting the attachment from first level to next level but unable to get the attachments uploaded in portal.
I found one link but itu2019s not working.
How to store Multiple Attachments in Workflow.
SAP_WAPI_GET_ATTACHMENTS by using this function module I am getting only OBJECT_ID                                SOFM
DESCRIPT                       Office Document
SHORTTEXT                      Office Document
Please help....good Rewards for useful answers ....
Edited by: RameshG on Jan 12, 2011 7:04 PM

Dear Ramesh,
Need your help!
While creating travel expense request from Enterprise Portal, travelers create few attachments [pdf/doc/xms/txt] and then save the travel expense reports.
A workflow then gets triggered and this travel expense report reached the SAP Inboxes of the checkers [in the finance department].
The issue here is that these checkers do not have access to enterprise portal and they expect to see the attachments [that the traveler has created via the portal] via corresponding work items in their SAP Inboxes u2013 which currently is not happening!
I checked the trip transaction that got created [in the backend / in SAP] and found the u2018attachment listu2019 menu option in GOS being disabled [may be because there is not even one attachment that has come to the backend!]
What needs to be done so that the attachments can even be viewed from the backend / from SAP Inbox? Does this involve coding?
Please suggest!
Br,
Hari

Portal Runtime Error while performing User Mapping to SAP SRM

Please find below the error I received while User Mapping from Enterprise Portal to SAP SRM :
Portal Runtime Error
An exception occurred while processing a request for :
iView : pcd:portal_content/administrator/super_admin/super_admin_role/com.sap.portal.user_administration/com.sap.portal.user_mapping/com.sap.portal.userMappingAdmin/com.sap.portal.userMappingAdmin
Component Name : com.sap.portal.usermanagement.admin.UserMappingAdmin
User Mapping not fully available..
Exception id: 04:21_23/06/05_0073_8097650
See the details for the exception ID in the log file

Hi,
yes, Karsten is correct. Just some background:
"User Mapping not fully available.." finally means that user mapping is configured to use strong encryption, but the main crypto key for user mapping is missing. Usually, that's because "SAP Java Cryptographic Toolkit" and/or "JCE policy files for unlimited strength encryption" are not installed (or the server hasn't be restarted afterwards). The note will most likely help
Best regards
Heiko

Problem about SSO using logon ticket with user mapping

Hi everyone ,
I had done SSO with Portal , BW and R/3 system.
I use logon ticket with user mapping .
When user name is same in Portal as in R/3 system, or user name is same in Portal as in BW , user can access R/3 transactions and BW report without logon.
There are some Portal users name which are different with R/3 user and BW user. And I done the user mapping for these user.
But some user mapping works fine,but most of them can't work,means that most of them need to enter mapped user ID and password.
What's the reason?
When SSO using logon ticket with user mapping, the Portal user which is different with R/3 user and BW user, can they access R/3 transaction iview and BW report iview without logon?

Hi Chen,
What you have done is correct. But the problem lies here.
Since you are using the same system object for accessing the iview, where the ticket method is set to SAPLOGONTICKET in the user Management property of the system object.
To avoid this create another system object like the previous one but set the logon method to UIDPW and select admin, user from the drop down box. Also create a system alias for this system.
Now create another iview like the previous one but link this iview to the new system. Now do the user mapping for the users which are different in portal compared with R/3. Now you should be able to login without any problems.
Another important point is login to portal with Fully qualified domain name. In the ITS property of the system object also give the FQDN.
Hope this helps
Regards
Arun

User Mapping in JCO Destination

Hi All,
My current configuration is as follows:
EP6 SP17 -> User mapped through Portal to R3 system.
JCO Destinations -> I use a one technical user for all the WAS users ('user/password' option)
I want that the JCO will use the same mapping as the Portal.
Is it possible?
Is there a guide/tutorial for configuring the User Mapping option for a JCO destionation?
p.s
i cannot use SAPLOGONTICKET because the WAS (Portal) user and the R3 user are different.
Thanks,
Omri

Hi Omri,
I don`t think the Portal user mapping could be utilized by JCo destination on WAS in a trivial way.
You can try to read such data using Portal service in your WD application and afterward pass JCo connection to RFC model but may be it is not so good idea.
Another option is to move user mapping logic to R/3 ( don`t ask how it is just guess ).
Also there is no user mapping on the WAS regarding JCo destination (at least I have never heard about it).
Best regards, Maksim Rashchynski.

JAVA API Personalization iview / User Mapping

I am using the following code snippet to get the
User Mapping from the "Personalization" iview
IUserMappingData iumd = iums.getMappingData (systemalias, iuser);
Is there a similiar SET method?
TIA -hs

hI
When you use umdata.enrich(map), soon after that, use SET property in the Hash Map and finally call umdata.storeLogonData(Map). This map should contain updated credentials.
Hope this works.
Pls reward points if useful
Murali.

Unable to map the portal user with back end user through web dynpro coding

Hi All,
I 've a portal user which is mapped to back end user by system in the portal.
i 'm able to get the portal user from web dynpro application.
But unable to get the mapped back end user
this is my code
String systemalias = "SAP_CRM_PROD";
Map mapattr = new HashMap();
          //     IPrincipal principal = (IPrincipal) request.getUser();
//   get user user mapping information
IUserMappingData userMapping =
               //(IUserMappingData) UMFactory.getUserMapping().getUserMappingData(systemalias, principal, mapattr);
               (IUserMappingData) UMFactory.getUserMapping().getUserMappingData(systemalias,principal,mapattr );
//                  For testing purposes only
               //mappingData = userMapping;
               HashMap map = new HashMap();
               userMapping.enrich(map);
               mappedPassword = map.get(UMAP_KEY_PASSWORD).toString(); //String "user"
               mappedUserId = map.get(UMAP_KEY_USER).toString(); /
following is the error reported .
The project was not built since its classpath is incomplete. Cannot find the class file for javax.xml.soap.SOAPMessage. Fix the classpath then try rebuilding this project.
please help.

Hi Sanjay,
   request component need to be initialized before using it. Include these lines before ur code.
IPortalComponentRequest request = (IPortalComponentRequest) this.getRequest();
String mappedPassword = null;
String mappedUserId = null;
Also check these threads for ur help.
Accessing Mapped Username / Password
How to access user id and password via UserMapping ?
Reward points for helpful answers.
Regards,
Harini S

Exception in User Mapping (Remote iViews) in Federated Portal Network (FPN)

Hi all,
I am trying to implement Federated Portal Network. Content Usage mode as 'Remote Delta link' but getting runtime exception at Consumer Portal side while navigating through following path:
Ideally it should display login page asking for user credentials to connect to remote producer portal
Path at Consumer Portal side: Personalize -> User Mapping (Remote iViews) -> select remote producer portal alias from Remote Content Provider dropdown
Consumer portal : EP1 SPS 12
Producer portal: EP4 SPS 11
Exception as below:
The initial exception that caused the request to fail, was:
com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): portal_content/every_user/general/eu_role/com.sap.portal.portal_personalization/com.sap.portal.umeEnduserRemoteUserMappingWD/com.sap.portal.umeEnduserRemoteUserMappingWD)
at com.sapportals.portal.pcd.gl.PcdFilterContext.filterLookup(PcdFilterContext.java:422)
    at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1248)
    at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
    at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
    at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
Request you to kindly share your inputs.
Thanks and Regards

Hi all,
I am trying to implement Federated Portal Network. Content Usage mode as 'Remote Delta link' but getting runtime exception at Consumer Portal side while navigating through following path:
Ideally it should display login page asking for user credentials to connect to remote producer portal
Path at Consumer Portal side: Personalize -> User Mapping (Remote iViews) -> select remote producer portal alias from Remote Content Provider dropdown
Consumer portal : EP1 SPS 12
Producer portal: EP4 SPS 11
Exception as below:
The initial exception that caused the request to fail, was:
com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): portal_content/every_user/general/eu_role/com.sap.portal.portal_personalization/com.sap.portal.umeEnduserRemoteUserMappingWD/com.sap.portal.umeEnduserRemoteUserMappingWD)
at com.sapportals.portal.pcd.gl.PcdFilterContext.filterLookup(PcdFilterContext.java:422)
    at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1248)
    at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
    at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
    at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
Request you to kindly share your inputs.
Thanks and Regards

Retriving user details from user rofile in portal database

HI all,
any one knows how to retrive user details from user rpofile in portal database. I am using webdynpro appliction.Please reply.
Thank you
Maruthi

Hi maruti Rao ,
All Gives U gud Idea..here i give u some brief procedure.First of all u need to add 2 jar file in ur project structure for proper working of "com.sap.security.api.IUser" Interface. After that for retriving Users data Stored on LDAP Server.
If you are using an LDAP directory as a data source for your user-related data, the logical attribute names used by the Java application programming interface (API) of SAP User Management Engine (UME) must be mapped to the physical attribute names used in the schema of your corporate LDAP directory.
Example Data-Source File is as Below From Where U can Get All The Information of Logged user...
<dataSources>
<dataSource id="CORP_LDAP"
 className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
 isReadonly="false"
 isPrimary="true">
<responsibleFor>
 <principal type="account">
 </principal>
 <principal type="user">
 <nameSpaces>
 <nameSpace name="com.sap.security.core.usermanagement">
 <attributes>
 <attribute name="firstname" populateInitially="true"/>
 <attribute name="displayname" populateInitially="true"/>
 <attribute name="lastname" populateInitially="true"/>
 <attribute name="fax"/>
 <attribute name="email"/>
 <attribute name="title"/>
 <attribute name="department"/>
 <attribute name="description"/>
 <attribute name="mobile"/>
 <attribute name="telephone"/>
 <attribute name="streetaddress"/>
 <attribute name="uniquename" populateInitially="true"/>
 </attributes>
 </nameSpace>
 </nameSpaces>
 </principal>
 <principal type="group">
 </principal>
</responsibleFor>
<attributeMapping>
 <principals>
 <principal type="account">
 </principal>
 <principal type="user">
 <nameSpaces>
 <nameSpace name="com.sap.security.core.usermanagement">
 <attributes>
 <attribute name="firstname">
 <physicalAttribute name="givenname"/>
 </attribute>
 <attribute name="displayname">
 <physicalAttribute name="displayname"/>
 </attribute>
 <attribute name="lastname">
 <physicalAttribute name="sn"/>
 </attribute>
 <attribute name="fax">
 <physicalAttribute name="facsimiletelephonenumber"/>
 </attribute>
 <attribute name="uniquename">
 <physicalAttribute name="uid"/>
 </attribute>
 <attribute name="loginid">
 <physicalAttribute name="null"/>
 </attribute>
 <attribute name="email">
 <physicalAttribute name="mail"/>
 </attribute>
 <attribute name="mobile">
 <physicalAttribute name="mobile"/>
 </attribute>
 <attribute name="telephone">
 <physicalAttribute name="telephonenumber"/>
 </attribute>
 <attribute name="department">
 <physicalAttribute name="ou"/>
 </attribute>
 <attribute name="description">
 <physicalAttribute name="description"/>
 </attribute>
 <attribute name="streetadress">
 <physicalAttribute name="postaladdress"/>
 </attribute>
 <attribute name="pobox">
 <physicalAttribute name="postofficebox"/>
 </attribute>
 <attribute name="preferredlanguage">
 <physicalAttribute name="preferredlanguage"/>
 </attribute>
 </attributes>
 </nameSpace>
 </nameSpaces>
 </principal>
 <principal type="group">
 </principal>
 </principals>
</attributeMapping>
</dataSources>
regard's
Dheerendra Shukla

Portal User Mapping

Hi,
I have installed AS ABAP and AS JAVA on one host.
I have installed EP along with AS JAVA.
ecc6.0 with EP simply.
no i have created a system alias in portal and done the connection parameters.
during the connection test the user mapping is failed.
I cannot create a user in portal also.
my erp users are also not signing in .
Let me know how to move further.
Regards,
Saravanan.S

Hi Saravanan,
Normally, if you installed ECC 6.0 with Java Stack together, Java Stack is connected to the Client 001. All the Users within this client must be able to logon to portal. If you want another Client to be used with portal, then you've to modify SAP Conneciton Parameters via Configtool > Global Server Configuration > Services > com.sap.security.core.ume.service and for parameters:
ume.r3.connection.master.client
ume.r3.connection.master.*
parameters
Usually a connector User created and named SAPJSF in client 001. Easiest way is to create those Portal Connector Users within the New client, or make a client copy with profile SAP_USER from 001 > <target_client>
After you must be able to logon portal with users
As PortalUID and SAPUID will be same, you must use SAP Logon Ticket to enable SSO between them. Also please check the profile parameters to enable SSO.
for details please refer to
http://help.sap.com/saphelp_nw04s/helpdata/en/1c/22afe3b26011d5993800508b6b8b11/frameset.htm
regards

How to access a Portal User Info from a J2EE application?

Hi,
I have deployed a j2ee application in portal and its running fine.
from that application i need to assign some roles to some users.i have the user id.
so my doubt is can i access the portal user info from this j2ee application?i have some servlets in the j2ee application....can i get the portal user info from this servlet?
plz help me
regards,
Visweswar

Hi,
Please check out this to get the portal user information from Java -
WdClientUser class/Interface to aciehve this.
Please check out these links on the same -
WDClientUser.getClientUser IUser
help needed
Regards
Lekha

User mapping from portal to R/3

Similar Messages

Maybe you are looking for