Show TOC

 User Data SynchronizationLocate this document in the navigation structure

The AS Java has an open service provider architecture for storing user data. In the standard system, SAP uses the user data management functions of the user management engine (UME) store provider. The UME is the default active user store interface on the AS Java. The UME itself has a number of options for storing user data.

More information: UME Data Sources .

Overview of User Stores

You can configure the use of several user stores in parallel and specify which user store is active in a server configuration. At runtime, the active user store is transparent to the user, and the user is not aware of the user store provider that is actually used for user authentication and authorization.

User Data Management in UME

Consistent with the open architecture of user management in the AS Java, UMEalso allows you to import and export user data from and to LDAP, database or AS ABAP data sources.

For an overview of the architecture and the process flow of user data replication in the UME, see the figure below.

You can use the transport layer security mechanisms available for the corresponding communication protocols to secure the remote communication for UME data sources.

More information: Communication Security for Persistency Stores .

For identity provisioning, UME provides a remote interface using the Service Provisioning Markup Language (SPML) standard. Using the SPML APIs of the UME, you can perform identity management functions on users, group and role objects. The APIs can be used for user management with all of the data sources (SAP system, LDAP server or other database), supported by the UME.

The AS Java can accept SPML requests to perform the following identity management functions. The available functions can also be bundled together in batch requests:

  • Creating objects
  • Modifying objects
  • Searching for objects
  • Deleting objects

The AS Java accepts and processes the SPML request using Simple Object Access Protocol (SOAP) messages (according to the SPML 1.0 Bindings specification). The URL address used by the SPML service on the AS Java is <server>:<port>/spml/spmlservice.

 

More Information: