Skip to Content
Author's profile photo Former Member

Using the ABAP stack to perform Java stack UME group activities

In a single-stack Java environment, it is often useful to be able to perform user/group assignments based on external factors. For example, group membership could be derived based upon an organisation structure maintained in a separate ABAP stack.


If the underlying persistence mechanism is LDAP, such assignments might be able to be defined using LDIF file creation and upload or by using the existing ABAP/LDAP interface tools, but I wanted to provide a more generic mechanism.


My idea was to write a portal component that was able to take a set of group operation commands passed by URL, process those commands and return appropriate responses. The second task was to write an ABAP demonstration program that could then be used to invoke the component, pass commands and handle the responses.


The commands I decided to support are:
Unexpected command “command” foundGroup “group” not foundGroup “group” already existsGroup “group” createdaction ” failed – ” + e.getLocalizedMessage()+”Group “group” does not existUser “user” does not existUser “user” added to group “groupaction” failed – ” + e.getLocalizedMessage()+”Group “group” does not existUser “user” does not existUser “user” removed from group “groupaction” failed – ” + e.getLocalizedMessage()+”“);

}

};

public void doContent(
IPortalComponentRequest request,
IPortalComponentResponse response) {

}
}

In the portalapp.xml we need to include a service reference to com.sap.portal.usermanagement.

The ABAP test program uses the HTTP_GET function module to invoke the URL pass the command. The command is passed in a table structure (REQUEST_ENTITY_BODY) and the response is returned in another table structure (RESPONSE_ENTITY_BODY).

The response needs to be concatenated into a string so that it can be parsed.

The test code follows.


&—-



*& Report  ZMN3                                                        *
*&                                                                     *
&—-



*&                                                                     *
*&                                                                     *
&—-



REPORT  ZMN3.


parameters: host(30) default ‘portalhost’ lower case,
            port(5) default ‘50000’ lower case,
            comp(50) default ‘com.sap.anz.UMEthings.Remote’ lower case,
            username(12) default ‘i016416’ lower case,
            password(20) lower case,
            user(20) default ‘test-user’ lower case ,
            group(20) default ‘testgroup’ lower case,
            donewgrp as checkbox,
            doadd as checkbox,
            doremove as checkbox.
TYPES: BEGIN OF t_body_wa,
         line(255) TYPE c,
       END OF t_body_wa,
       BEGIN OF t_header_wa,
         line(120) TYPE c,
       END OF t_header_wa,

  • table types

t_body_itab TYPE t_body_wa OCCURS 0,
t_header_itab TYPE t_header_wa OCCURS 0.


data: fullURL(150).
data: len type i.
data: searchfor(10).
data:   l_request_body_itab TYPE grmg_response_itab,
        l_response_body_itab type grmg_response_itab,
        l_response_header_itab TYPE t_header_itab,
        l_request_body_wa TYPE t_body_wa.


concatenate ‘http://‘  host  ‘:’  port  ‘/irj/servlet/prt/portal/prtroot/’
  comp into fullURL.
concatenate fullURL ‘?j_user=’ username ‘&j_password=’ password into fullURL.
*write: / fullURL.


perform listgroups.


if donewgrp <> space.
  perform newgroup.
endif.


perform showmembers.


if doadd <> space.
  perform addmember.
endif.


if doremove <> space.
  perform delmember.
endif.


&—-



*&      Form  listgroups
&—-



  •       text

—-



form listgroups.


  l_request_body_wa-line = ‘showgroups’.
  len = 10.


  searchfor = ‘Group’.
  write: / ‘Groups on portal:’.
  perform do_it.


endform.                    “listgroups


&—-



*&      Form  addmember
&—-



  •       text

—-



form addmember.
  concatenate ‘addmember:’ group ‘:’ user into l_request_body_wa-line.
  len = 11 + strlen( group ) + strlen( user ).


  searchfor = ‘Message’.
  uline.
  write: / ‘Adding member’, user, ‘to group’, group, ‘:’.
  perform do_it.


endform.                    “addmember
&—-



*&      Form  showmembers
&—-



  •       text

—-



form showmembers.
  concatenate ‘showmembers:’ group into l_request_body_wa-line.
  len = 12 + strlen( group ).


  searchfor = ‘User’.
  uline.
  write: / ‘Members of group’, group, ‘:’.
  perform do_it.


endform.                    “showmembers


&—-



*&      Form  delmember
&—-



  •       text

—-



form delmember.
  concatenate ‘delmember:’ group ‘:’ user into l_request_body_wa-line.
  len = 11 + strlen( group ) + strlen( user ).


  searchfor = ‘Message’.
  uline.
  write: / ‘Removing member’, user, ‘from group’, group, ‘:’.
  perform do_it.


endform.                    “delmember
&—-



*&      Form  newgroup
&—-



  •       text

—-



form newgroup.
  concatenate ‘newgroup:’ group into l_request_body_wa-line.
  len = 9 + strlen( group ).


  searchfor = ‘Message’.
  uline.
  write: / ‘Creating new group’, group, ‘:’.
  perform do_it.


endform.                    “newgroup


&—-



*&      Form  do_it
&—-



  •       text

—-



form do_it.
  data: wholelot(10000).
  data: found(1).
  data: pos type i.
  data: start(12).
  data: end(13).
  data: slen type i.


  free l_request_body_itab.
  append l_request_body_wa to l_request_body_itab.
  free l_response_body_itab.


  CALL FUNCTION ‘HTTP_GET’
    EXPORTING
      ABSOLUTE_URI                      = fullURL
     REQUEST_ENTITY_BODY_LENGTH        =  len

  •               RFC_DESTINATION                   =
  •               PROXY                             =
  •               PROXY_USER                        =
  •               PROXY_PASSWORD                    =
  •               USER                              =
  •               PASSWORD                          =
  •               BLANKSTOCRLF                      =
  •               TIMEOUT                           =
  •             IMPORTING
  •               STATUS_CODE                       =
  •               STATUS_TEXT                       =
  •               RESPONSE_ENTITY_BODY_LENGTH       =

    TABLES
     REQUEST_ENTITY_BODY               = l_request_body_itab
      RESPONSE_ENTITY_BODY              = l_response_body_itab
                  RESPONSE_HEADERS                  = l_response_header_itab

  •               REQUEST_HEADERS                   =

   EXCEPTIONS
     CONNECT_FAILED                    = 1
     TIMEOUT                           = 2
     INTERNAL_ERROR                    = 3
     TCPIP_ERROR                       = 4
     DATA_ERROR                        = 5
     SYSTEM_FAILURE                    = 6
     COMMUNICATION_FAILURE             = 7
     OTHERS                            = 8
            .
  IF SY-SUBRC <> 0.
    MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
            WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
  else.
    wholelot = ”.
    loop at l_response_body_itab into l_request_body_wa .

  •    write: / l_request_body_wa-line.

      concatenate wholelot l_request_body_wa-line into wholelot.
    endloop.
    concatenate ‘<‘ searchfor ‘>’ into start.
    concatenate ‘</’ searchfor ‘>’ into end.
    slen = strlen( start ).


    found = ‘y’.
    while found = ‘y’.
      search wholelot for start.
      if sy-subrc <> 0.
        found = ‘n’.
      else.
        pos = sy-fdpos.
        pos = pos + slen.

  •    write: / ‘found at’, sy-fdpos.

        shift wholelot by pos places.
        search wholelot for end.
        pos = sy-fdpos.
        write: / wholelot(pos).
      endif.
    endwhile.


  ENDIF.
endform.                    “do_it

The test program can be used to see examples of using the different commands. In this way, an ABAP could be written that could be scheduled to run nightly to:

    • get the current membership of a group
    • compare that with some details from an org structure or PFCG memberhip etc
    • use appropriate addmember and delmember commands to add and remove users


Assigned Tags

      6 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Igor Vernelen
      Igor Vernelen
      Hi,

      I like the solution proposed, we have been looking for something like this. I will for sure test this out.

      Isn't there a security risk as you are passing a portal user and password in the URL ?

      Regards,
      Igor.

      Author's profile photo Former Member
      Former Member
      Blog Post Author
      A similar technique is used with GRMG, which is where I got the idea from. I'm not sure if anyone would ever see the URL being invoked, or if using https might help.
      Author's profile photo Former Member
      Former Member
      Hi Michael,

      I've tried using the code that you've provided in your blog. I'm unable to proceed as the Abstract Portal Component keeps on giving me Portal Runtime Errors. Is there anything more that needs to be done ??

      Awaiting a response.

      Thanks,

      Pinac Bendre

      Author's profile photo Former Member
      Former Member
      Blog Post Author
      What sort of errors? Make sure you added the lines to portalapp.xml for the sharingreference to com.sap.portal.usermanagement.
      Author's profile photo Dhruv Shah
      Dhruv Shah

      Hi Michael,

      Indeed a very good blog. I have developed Portal component for performing UME activities, i am looking for create user, so can you let me know how to include that part in ABAP report.

      Regards,

      Dhruv

      Author's profile photo Scott Seaman
      Scott Seaman

      We've been using this for several years, thank you!

      We're planning to migrate to the 7.4 portal soon, are there any changes needed for it to work on that version?