Creating Users (Step 2)
There are two types of users that are relevant for the set-up of data archiving:
● Technical communication user: Used in the HTTP connection between the application system(s) and XML DAS
● Individual administration user: Used to login to XML DAS Administration
An arbitrary number of users is possible. Both types of users must be known to the user management of the AS Java hosting XML DAS. For the users to be valid, they must be assigned to the security role XMLDASSecurityRole.
The assignment of the security role XMLDASSecurityRole is valid for both types of users in SAP NetWeaver 7.0 (2004s) up to SP12. For the individual administration user in SP13 see the appropriate documentation.
The procedure for
creating a user and assigning it to a security role depends on the SAP
NetWeaver Application Server installation option (add-in or standalone –
see
Selecting
the UME Data Source). The following section describes which procedure you
need to follow for which option.
Procedure
The following steps apply to the AS Java hosting the XML DAS.
Add-in installation
1.
Create a user or as
many users as you like via the ABAP transaction SU01. For more information see
Creating and
Maintaining User Master Records.
a. For administration users: We recommend that you create a dialog user (type A).
b. For communication users: We recommend that you create a system user (type B) to prevent the password change request from terminating the system communication.
2. Assign the users you created to a role of your choosing using transactions SU01 or PFCG. You could create new roles for this purpose using transaction PFCG:
a. For administration users create role Z_XMLDAS_ADMIN for example
b. For communication users create role Z_XMLDAS_CLIENT for example
3. Assign each role to the security role XMLDASSecurityRole:
a. Start the Visual Administrator.
b. Select <your server> → Services → Security Provider.
c. In the Policy Configurations tab and under Components select sap.com/tc~TechSrv~XML_DAS*DataArchivingService.
d. Go to the Security Roles tab and select XMLDASSecurityRole.
e. Under Mappings use the Add function for Groups to search for the roles you created in step 2.
Standalone AS Java installation (assuming the users are stored in the database of the AS Java)
...
1. Create a user or as many users as you like:
a. Start the Visual Administrator.
b. Select <your server> → Services → Security Provider.
c. In the User Management tab choose Create User.
For a communication user we recommend that you activate the No password change required option in the Account detail information screen. You can reach the screen by searching for and then selecting the user you just created.
2. Assign the users you created to a group of your choosing. You could create new groups for this purpose in the User Management tab choosing Create Groups:
a. For administration users create group Z_XMLDAS_ADMIN for example.
b. For communication users create group Z_XMLDAS_CLIENT for example.
3. Assign the groups to the Security Role XMLDASSecurityRole:
a. In the Security Provider go to the Policy Configurations tab.
b. Under Components select sap.com/tc~TechSrv~XML_DAS*DataArchivingService.
c. Go to the Security Roles tab and select XMLDASSecurityRole.
d. Under Mappings use the Add function for the Groups you created in step 2
Result
You have created the necessary technical communications and individual administration users and assigned them to the security role XMLDASSecurityRole for your type of AS Java installation.