WebRFC Logon Administration 
WebRFC Logon Administration
When users log on to the R/3 System via the SAP Graphical User Interface (SAPgui), they have to enter the usual logon information such as user name and password, together with any other relevant details (for example, language). Their user authorizations then determine what they can or cannot do.
When users access the R/3 System from the Web, they click on a URL which, in most cases, also takes them to a logon page where they enter logon information. What they are then allowed to do again depends on their user authorizations in the R/3 System.
URLs that point to WebRFC applications may contain predefined logon information. You can specify values for any of the parameters in the following table.
Logon Information in URLs
URL parameter |
Example value |
Description |
~service |
XGWFC |
ITS service name. |
~client |
000 |
Client. |
~login |
WEBLOGIN |
SAP user name. |
~password |
******** |
SAP user password. |
~language |
E |
Language. |
The ~service parameter is mandatory, since it specifies the service file in the SAP Internet Transaction Server (ITS) that contains the information required to access an R/3 System.
For information on service files, see
WebRFC Service File Administration.The other parameters are optional.
http://<mymachine:myport>/scripts/wgate/xgwfc/!?_FUNCTION=WWW_GET_TREE_LIST
This URL calls the function module WWW_GET_TREE_LIST, but the logon information is incomplete. The URL specifies the service as required, but not the client, user name, password, or language. Any Web user who clicks on this URL would see a logon screen requesting entry of the missing information.
The more logon information you specify in the URL, the less the user is required to enter on the logon screen.
http://<mymachine:myport>/scripts/wgate/xgwfc/!?~language=E&_FUNCTION=WWW_GET_TREE_LIST
This URL specifies the language. Therefore, a Web user who clicks on this URL would see a reduced logon screen.
If a URL contains all necessary logon information, the user gains immediate access to R/3.
For security reasons, you should exercise caution when specifying passwords in URLs.
Logon information is stored in the ITS for the duration of a user’s terminal session.