cancel
Showing results for 
Search instead for 
Did you mean: 

Link ECC roles to Portal roles (Portal is using LDAP source for UME)

Former Member
0 Kudos

Hi all,

If a user is assigned a certain ECC ABAP role, they should also receive a related portal role. Our portal is using LDAP.

If our portal ume source was an ABAP system, I think it would be easy to achieve the ECC to ABAP role linkage.

We were thinking of developing a UME java webservice and have an ABAP proxy class consume it to allow our abap system to assign the correct portal role, and delete the portal role.

Any other ideas?

Accepted Solutions (0)

Answers (4)

Answers (4)

Former Member
0 Kudos

Just adding another reply - we are nearly complete with developing the same web service approach where custom functions in the portal are called by the ABAP backend in order to assign users to Portal Groups based on mapping maintained in custom tables in the backend (e.g. if you have X role in the backend you need to have be in the Y portal group).

The initial handshake from ABAP to Portal took a few OSS messages, but so far so good (not yet in production yet!!)

Former Member
0 Kudos

Rajendra,

Thx for your reply. Can you provide any more details as to the design of your solution with the web service? We are thinking of running a batch job nightly with a some mapping table in ECC to determine what ABAP role should link to the portal group then call the webservice to add the user to the portal group or delete the user from the portal group.

A second question is...does SAP Identity Manager offer any solution for this type of requirement?

Thanks

Former Member
0 Kudos

Hi,

One solution I have seen is using a custom configuration table in the ECC system that is used by a batch job that creates a flat file that is uploaded into the LDAP. It is not a web service based solution but is quite simple to implement. LDAP groups are mapped to portal roles in the portal UME and the user to group assignments are managed by the extract file from ECC.

BRgds,

Simon

former_member182416
Active Contributor
0 Kudos

yes,

we have a generic webservice which takes groups and userid as input params and assigns the Groups to the portal users.

Do make sure that the web service is secured using security role!

I dont have idea @ identity management offering similar solution.

Regards

Rajendra

former_member182416
Active Contributor
0 Kudos

Yes, you are on the right path.go ahead with the webservice.

we have done a similar thing.

Cheers!

Regards

Rajendra

Former Member
0 Kudos

Hi,

I think if you have an ABAP system as the UME you can import the ECC roles and they become groups in the EP system. You can then assign the portal roles to those groups. That way any users with those roles in the ECC will automatically have the right role in the EP.

BRgds,

Simon