Skip to Content
author's profile photo Former Member
Former Member

Authorization needed to invoke Webservices on WAS640

Hi

We have a ECC 5.0 box that is based on WAS640. We created a Webservice definition on the ECC5.0 box based on a XI message interface endpoint and we released the webservice for SOAP runtime.

When we try to invoke the webservice from a SOAP client - I get the following response

http://schemas.xmlsoap.org/soap/envelope/">

<soap-env:Body>

<soap-env:Fault>

n0:FailedAuthenticationhttp://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">n0:FailedAuthentication>

<faultstring xml:lang="e">Authority check failed</faultstring>

</soap-env:Fault>

</soap-env:Body>

</soap-env:Envelope>

There is a single role for the userid that is used by the SOAP client to consume the webservice on R3 - SAP_XI_APPL_SERV_USER .

What role am I missing for the webservice user - inorder to fix this problem

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

3 Answers

  • Posted on Jan 10, 2008 at 04:59 PM

    Hi,

    are you using SOAP adapter between ECC and XI? I think PROXY, RFC or IDoc are the best adapters for communicatiob between SAP systems.

    Someone correct me if was wrong..!!

    VJ

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Jan 10, 2008 at 05:05 PM

    Hi,

    Try these authorizations..

    SAP_XI_DEVELOPER (Composite)

    SAP_SLD_DEVELOPER

    SAP_XI_DEMOAPP

    SAP_XI_DEVELOPER_ABAP

    SAP_XI_DEVELOPER_J2EE

    and also refer to http://www.erpgenie.com/sap/netweaver/xi/xiauthorizations.htm

    I hope this will help you.

    Regards

    Aashish Sinha

    PS : reward points if helpful

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Jan 10, 2008 at 05:06 PM

    Hi !

    Your scenario is SOAP->XI->IDOC/RFC/PROXY ? I mean, you published a webservice in XI (not in ECC) to allow access to a ECC process. And then use another type of connection (IDOC/RFC/Abap Proxy) to connect XI to ECC. Is that right?

    If yes, you should have 2 users, one that is used in every soap client to connect to XI, that should be an XI user with role SAP_XI_APPL_SERV_USER. then another user, created in ECC that should be used in XI to connect to ECC depending on the type of connection.

    Regards,

    Matias.

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.