Skip to Content

Configuring web-service with Authentication - UME group restriction

Hi,

I'm trying to configure a web-service created with CAF so that access is restricted to a particular UME group. I've found the page in the [SAP help |http://help.sap.com/saphelp_nwce10/helpdata/en/44/4d2bb1c6b00597e10000000a155369/content.htm] that describes the ability to configure the authentication for a particular web-service.

What I can't find is how to restrict the access to a particular UME group.

Anyone have any ideas?

Thanks.

Dick

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • Best Answer
    author's profile photo
    Former Member
    Sep 18, 2008 at 11:07 AM

    Dear Richard,

    I restricted access to my simple test web service to a defined UME group this way:

    NetweaverAdministrator -> SOA Management -> Business Administration -> WebService Management:

    - configure authentication method, e.g. user/pw

    WebService implementation:

    - restrict access to a JEE role with @RolesAllowed annotation

    Example:

    com.sap.demo.kaitest.modeled.appsrv.calculator.CalculatorBean {

    @com.sap.caf.dt.CAFOperation(name = "sum")

    @javax.jws.WebMethod(exclude=false, operationName="sum")

    @javax.jws.WebResult(name="result")

    @RolesAllowed("calculator")

    public java.lang.Integer sum(@javax.jws.WebParam(name="val1")

    java.lang.Integer val1, @javax.jws.WebParam(name="val2")

    java.lang.Integer val2) {

    return val1+val2;

    }

    After deploying the application the JEE role "calculator" is available as UME action in Identity management. You can then add this action to a UME role.

    -> only users with this role can access the web service

    Best Regards

    Kai

    Add comment
    10|10000 characters needed characters exceeded