Maintaining the User Mapping for Incoming Connections that Use Authentication
Use
For incoming connections that use SSL with client authentication, the server must be able to determine the SAP user ID to use for the connection. This is done using a mapping table (table USREXTID) on the AS ABAP. Here, you maintain the mapping between the Distinguished Name provided with the public-key certificate used for the connection and the user ID on the AS ABAP.
Prerequisites
You know the Distinguished Name used for specific connections. You can find the Distinguished Names in the corresponding PSE that is used for each connection. For more information, see Specifying that a Connection Should Use SSL.
Procedure
-
Using table view maintenance (transaction SM30), maintain the table view VUSREXTID.
-
Enter DN as the External ID Type.
-
Check for any existing entries for the Distinguished Names used for the connections. If there are existing entries, make sure the user mapping is set up the way you want it to be.
-
Create entries for those Distinguished Names that are not already maintained. Choose New entries and enter the data as required.
-
Save the data.
Example
|
Hash val.for Ext.ID |
External ID |
User |
Act. |
|---|---|---|---|
|
Not activated |
CN=MyUser, O=MyCompany, C=US |
MYUSER |
Activated |