on 09-28-2005 8:14 PM
When an ABAP proxy is created,what controls are available to ensure that only authorized access to it occurs?
When a proxy is in the ESR, what controls who can use it? So if I have a XI system that is using the proxy, what is ther to stop another XI system to access the same object, or someone who can send the right soap messages?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Rick,
If i'm not wrong your question is
" Is the proxy created is unique for particular interface pointing the XI system?"
Yes, Proxy u create for the message interface in SAP system is unique and u cannot access the same proxy from some other XI system.
Regards,
Dhana
Message was edited by: Dhanachezhiyan Mahalingam
Hi Rick,
An interesting question... what is stopping any other application from sending an XML message of the right format into the receiver pipeline of the application system.
Well, the answer is user authentication. You can disable anonymous logon to the XI engine (in transaction SICF). When you configure the connection from XI either using a sm59 destinaton or URL directly in the communication channel, you specify a username and password. The connection can be made over HTTPS ensuring further security.
Of course , if you know the username and password, theoretically you should be able to configure a stand-alone J2EE adapter to pick up, for example, a file and convert into the XML format expected by the proxy and send it in to the receiver pipeline for the proxy to be executed. Have never tried it yet though.
Cheers
Manish
Hope this helps you.
your question is not clear, please elaborate.
regards
Shravan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.