Show TOC

Consumer Application DetailsLocate this document in the navigation structure

Prerequisites

You have created a consumer application. For more information, see Configuring Consumer Applications .

Features

Security Considerations

If the WSDL document of the service endpoint that the client application consumes (using a service reference) does not contain any policies or SAP-specific features, the security mechanism of a service endpoint cannot be determined. In this case, the system examines only the security policies of the communication profile that is used in the system connection and the assigned user account. The system tries to consume the service endpoint using the available security mechanisms and creates a logical port for the successful attempts.

Despite the configuration entities that are created, it is possible that the logical port remains inconsistent with the security policies of the service endpoint and thus cannot consume the Web service correctly. In this case, the system displays the processed with warnings state of the Service Group assignment. This warning shows that the communication between the logical port and the service endpoint may be corrupted or even impossible. We recommend that you manually create configuration entities (logical ports) of the Service Groups (and the respective service references) which consume service endpoints whose security policies cannot be determined.

Processing States

The system displays the current state of the assignment process in the Processing State column. The following states are available:

to be processed

The configuration is pending for processing. This state might occur directly (for example, when the Service Group has been assigned to another system), or indirectly (for example, when the provider system has been changed and the relevant assignments need to be reconfigured). If the previous state of the assignment was processed, there might be a period of time where old configurations are still available; they should be removed or updated when the assignment is processed.

processed

The configuration of each service reference in the appropriate Service Group is generated successfully.

processed with warnings

Can occur if the provider system does not support the WS-Policy standard and, consequently, the configuration framework cannot determine the exact policies required by a given endpoint, for example, if user and password authentication is supported or Single Sign-On. In this case, the framework assumes a default policy - if there is a user account, it assumes that user and password authentication is supported, otherwise Single Sign-On. The generated configuration needs to be double checked by an administrator, and if it is not the right one, he or she would have to configure the whole Service Group manually.

failed

There was a failure during the creation of logical ports. Use the Show Log button to see error details.

You can display more information about the processing state in the Log Viewer application. For more information, see Log Viewer .

Allowed Authentication Methods

The table below shows the allowed authentication methods for each authentication profile.

Authentication Profile

Authentication Methods

Business or Technical User

  • If the user account has credentials for basic authentication over the HTTP protocol, then the allowed authentication methods are:

    • User Name/Password (Basic)

    • User Name/Password Doc.Auth.

    • SAP Logon Ticket

    • None

  • If the user account has credentials for secure SSL communication over the HTTPS protocol, then the allowed authentication methods are:

    • X.509 Client Certificate

    • SAP Logon Ticket

    • None

  • If the user account has credentials for authentication over the Web Service Security protocol, then the allowed authentication methods are:

    • SAML Assertion

    • X.509 Certificate Doc.Auth.

    • SAP Logon Ticket

    • None

  • If there is no user account, then allowed the authentication methods are SAP Logon Ticket and None .

Business User

SAP Logon Ticket

Technical User

  • If the user account has credentials for basic authentication over the HTTP protocol, then the allowed authentication method is User Name/Password (Basic) .

  • If the user account has credentials for secure SSL communication over the HTTPS protocol, then the allowed authentication method is X.509 Client Certificate .

  • If the user account has credentials for authentication over the Web Service Security protocol, then the allowed authentication methods are SAML Assertion and X.509 Certificate Doc.Auth. .

No Authentication

  • If the user account has credentials for basic authentication over the HTTP protocol, then the allowed authentication methods are:

    • User Name/Password (Basic)

    • User Name/Password Doc.Auth.

    • None

  • If the user account has credentials for secure SSL communication over the HTTPS protocol, then the allowed authentication methods are:

    • X.509 Client Certificate

    • None

  • If the user account has credentials for authentication over the Web Service Security protocol, then the allowed authentication methods are:

    • SAML Assertion

    • X.509 Certificate Doc.Auth.

    • None

  • If there is no user account, then the allowed authentication method is only None .

The allowed authentication methods have to be set to the communication profile.