SAP Basis Services
Interfaces
In order for the stored business logic of an application to be executed correctly, the executing user must also have the necessary permission objects in the flow logic of the OData services in his role. If Authority Checks are performed here, e.g. to query or change data on the backend server, the corresponding role must be authorised. These permissions are expressed in a role by permission objects, as in any ABAP report. If you follow these steps, your Launchpad users should have the Fiori permissions necessary to launch the launchpad, view all relevant tiles, and run the specific apps with their business logic.
This makes the technical user the dialogue user and a login in the SAP system is unrestricted. So Johannes logs in with the known password of the RFC user in the production system. Thanks to very extensive permissions, it now has access to all sorts of critical tables, transactions, and programmes in production. With the identity of the RFC user Johannes starts with the technical compromise of the production system... RFC Security: All invented - or everyday threat? Whether a simple trim, altered biometric properties or an encapsulated technical user in the SAP system: the basis of the compromise is the same. A person uses a different identity to gain access and permissions to protected areas. Moreover, the evil in all three stories could have been prevented by pro-activity. When was the last time you thought about the security of your RFC interfaces? Can you say with certainty that all your technical RFC users only have the permissions they actually need? And do you know who exactly knows the passwords of these users? Can you 100% rule out that not now in this moment an SAP user with a false identity infiltrates your production systems? Change now: It's about pro activity! But before you start now and start looking for the "identity converter" (which I really do not recommend!), I suggest that you take root of evil and proactively strengthen your RFC security. So if you want to find out more, I have the following 3 tips for you: 1) Our e-book about SAP RFC interfaces 2) Clean up our free webinar about RFC interfaces 3) Blog post about our approach to optimising RFC interfaces As always, I look forward to your feedback and comments directly below these lines!
Introduction/training of the in-memory database
Practical experience at home and abroad has given us a proven view of heterogeneous system landscapes. This flows into our consulting as a further plus point and creates not only smooth functionality but also cost efficiency of your individual system landscape.
EDI enables companies to exchange business data such as purchase orders or invoices electronically. This data exchange is known as Electronic Data Interchange (EDI). What steps are needed to exchange data between two systems? In this post, I'd like to show you how to configure your SAP system so that an order, after it has been released, is sent electronically to your supplier. Data exchange between two systems requires a valid RFC connection to the receiver system and a transactional RFC IDoc port.
"Shortcut for SAP Systems" is a PC application that simplifies or even facilitates many activities in the SAP base.
This allows us to focus on optimizing your SAP systems, not only reactively in the event of an error, but also proactively to avoid possible errors before they occur.
It is possible to specify a trace level for each rule in the ACL file to monitor each communication channel individually.