How to handle non-SAP users

Development (ABAP Development WorkBench, ABAP/4 programming)

Moderators: Snowy, thx4allthefish, YuriT, Gothmog

Post Reply
new2sapfans
Posts: 71
Joined: Thu Jan 01, 2009 11:01 am

How to handle non-SAP users

Post by new2sapfans » Sat Jan 10, 2009 6:44 pm

We just upgraded to ECC 6.0 and the client wants to create the facility for vendors to log on
and view their open items.
I could write a BSP / Webdynpro application to get data like the FBL2N, but am not sure how the authentication should be set up?
As only one SAP user would be used to run the webdynpro, how will the various "vendors" be authenticated?
We do not have Enterprise Portal, should I be writing a custom BSP for the logon and authentication? and custom session maintenance?

Rich
Posts: 7116
Joined: Thu Oct 31, 2002 4:47 pm
Location: Liverpool
Contact:

Re: How to handle non-SAP users

Post by Rich » Mon Jan 12, 2009 2:13 am

You will need a way of identifying each vendor individually. The easiest way would be to assign them user names. That then gives you the entire SAP Authorisation concept to work with to prevent further unauthorised access to your system.

However, if you are limited to a single web dynpro user then you would need to have a single custom table with the vendor number in it and a password (well... not the actual password but the MD5 hash value of the password). A logon screen would be presented to the vendor and they would be required to enter their vendor number and password.

If the vendor number and password are valid then they then get passed onto a custom screen which just displays the data they require to see.
Regards

Rich

Image
Abap KC:http://www.richard-harper.me.uk/Kb
SFMDR:http://www.se37.com

Post Reply