Skip to Content
In a single-stack Java environment, it is often useful to be able to perform user/group assignments based on external factors. For example, group membership could be derived based upon an organisation structure maintained in a separate ABAP stack.


If the underlying persistence mechanism is LDAP, such assignments might be able to be defined using LDIF file creation and upload or by using the existing ABAP/LDAP interface tools, but I wanted to provide a more generic mechanism.


My idea was to write a portal component that was able to take a set of group operation commands passed by URL, process those commands and return appropriate responses. The second task was to write an ABAP demonstration program that could then be used to invoke the component, pass commands and handle the responses.


The commands I decided to support are:
Unexpected command “command” foundGroup “group” not foundGroup “group” already existsGroup “group” createdaction ” failed – ” + e.getLocalizedMessage()+”Group “group” does not existUser “user” does not existUser “user” added to group “groupaction” failed – ” + e.getLocalizedMessage()+”Group “group” does not existUser “user” does not existUser “user” removed from group “groupaction” failed – ” + e.getLocalizedMessage()+”“);

}

};

public void doContent(
IPortalComponentRequest request,
IPortalComponentResponse response) {

}
}

In the portalapp.xml we need to include a service reference to com.sap.portal.usermanagement.

The ABAP test program uses the HTTP_GET function module to invoke the URL pass the command. The command is passed in a table structure (REQUEST_ENTITY_BODY) and the response is returned in another table structure (RESPONSE_ENTITY_BODY).

The response needs to be concatenated into a string so that it can be parsed.

The test code follows.


&—-



*& Report  ZMN3                                                        *
*&                                                                     *
&—-



*&                                                                     *
*&                                                                     *
&—-



REPORT  ZMN3.


parameters: host(30) default ‘portalhost’ lower case,
            port(5) default ‘50000’ lower case,
            comp(50) default ‘com.sap.anz.UMEthings.Remote’ lower case,
            username(12) default ‘i016416’ lower case,
            password(20) lower case,
            user(20) default ‘test-user’ lower case ,
            group(20) default ‘testgroup’ lower case,
            donewgrp as checkbox,
            doadd as checkbox,
            doremove as checkbox.
TYPES: BEGIN OF t_body_wa,
         line(255) TYPE c,
       END OF t_body_wa,
       BEGIN OF t_header_wa,
         line(120) TYPE c,
       END OF t_header_wa,

  • table types

t_body_itab TYPE t_body_wa OCCURS 0,
t_header_itab TYPE t_header_wa OCCURS 0.


data: fullURL(150).
data: len type i.
data: searchfor(10).
data:   l_request_body_itab TYPE grmg_response_itab,
        l_response_body_itab type grmg_response_itab,
        l_response_header_itab TYPE t_header_itab,
        l_request_body_wa TYPE t_body_wa.


concatenate ‘http://‘  host  ‘:’  port  ‘/irj/servlet/prt/portal/prtroot/’
  comp into fullURL.
concatenate fullURL ‘?j_user=’ username ‘&j_password=’ password into fullURL.
*write: / fullURL.


perform listgroups.


if donewgrp <> space.
  perform newgroup.
endif.


perform showmembers.


if doadd <> space.
  perform addmember.
endif.


if doremove <> space.
  perform delmember.
endif.


&—-



*&      Form  listgroups
&—-



  •       text

—-



form listgroups.


  l_request_body_wa-line = ‘showgroups’.
  len = 10.


  searchfor = ‘Group’.
  write: / ‘Groups on portal:’.
  perform do_it.


endform.                    “listgroups


&—-



*&      Form  addmember
&—-



  •       text

—-



form addmember.
  concatenate ‘addmember:’ group ‘:’ user into l_request_body_wa-line.
  len = 11 + strlen( group ) + strlen( user ).


  searchfor = ‘Message’.
  uline.
  write: / ‘Adding member’, user, ‘to group’, group, ‘:’.
  perform do_it.


endform.                    “addmember
&—-



*&      Form  showmembers
&—-



  •       text

—-



form showmembers.
  concatenate ‘showmembers:’ group into l_request_body_wa-line.
  len = 12 + strlen( group ).


  searchfor = ‘User’.
  uline.
  write: / ‘Members of group’, group, ‘:’.
  perform do_it.


endform.                    “showmembers


&—-



*&      Form  delmember
&—-



  •       text

—-



form delmember.
  concatenate ‘delmember:’ group ‘:’ user into l_request_body_wa-line.
  len = 11 + strlen( group ) + strlen( user ).


  searchfor = ‘Message’.
  uline.
  write: / ‘Removing member’, user, ‘from group’, group, ‘:’.
  perform do_it.


endform.                    “delmember
&—-



*&      Form  newgroup
&—-



  •       text

—-



form newgroup.
  concatenate ‘newgroup:’ group into l_request_body_wa-line.
  len = 9 + strlen( group ).


  searchfor = ‘Message’.
  uline.
  write: / ‘Creating new group’, group, ‘:’.
  perform do_it.


endform.                    “newgroup


&—-



*&      Form  do_it
&—-



  •       text

—-



form do_it.
  data: wholelot(10000).
  data: found(1).
  data: pos type i.
  data: start(12).
  data: end(13).
  data: slen type i.


  free l_request_body_itab.
  append l_request_body_wa to l_request_body_itab.
  free l_response_body_itab.


  CALL FUNCTION ‘HTTP_GET’
    EXPORTING
      ABSOLUTE_URI                      = fullURL
     REQUEST_ENTITY_BODY_LENGTH        =  len

  •               RFC_DESTINATION                   =
  •               PROXY                             =
  •               PROXY_USER                        =
  •               PROXY_PASSWORD                    =
  •               USER                              =
  •               PASSWORD                          =
  •               BLANKSTOCRLF                      =
  •               TIMEOUT                           =
  •             IMPORTING
  •               STATUS_CODE                       =
  •               STATUS_TEXT                       =
  •               RESPONSE_ENTITY_BODY_LENGTH       =

    TABLES
     REQUEST_ENTITY_BODY               = l_request_body_itab
      RESPONSE_ENTITY_BODY              = l_response_body_itab
                  RESPONSE_HEADERS                  = l_response_header_itab

  •               REQUEST_HEADERS                   =

   EXCEPTIONS
     CONNECT_FAILED                    = 1
     TIMEOUT                           = 2
     INTERNAL_ERROR                    = 3
     TCPIP_ERROR                       = 4
     DATA_ERROR                        = 5
     SYSTEM_FAILURE                    = 6
     COMMUNICATION_FAILURE             = 7
     OTHERS                            = 8
            .
  IF SY-SUBRC <> 0.
    MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
            WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
  else.
    wholelot = ”.
    loop at l_response_body_itab into l_request_body_wa .

  •    write: / l_request_body_wa-line.

      concatenate wholelot l_request_body_wa-line into wholelot.
    endloop.
    concatenate ‘<‘ searchfor ‘>’ into start.
    concatenate ‘</’ searchfor ‘>’ into end.
    slen = strlen( start ).


    found = ‘y’.
    while found = ‘y’.
      search wholelot for start.
      if sy-subrc <> 0.
        found = ‘n’.
      else.
        pos = sy-fdpos.
        pos = pos + slen.

  •    write: / ‘found at’, sy-fdpos.

        shift wholelot by pos places.
        search wholelot for end.
        pos = sy-fdpos.
        write: / wholelot(pos).
      endif.
    endwhile.


  ENDIF.
endform.                    “do_it

The test program can be used to see examples of using the different commands. In this way, an ABAP could be written that could be scheduled to run nightly to:

    • get the current membership of a group
    • compare that with some details from an org structure or PFCG memberhip etc
    • use appropriate addmember and delmember commands to add and remove users


To report this post you need to login first.

6 Comments

You must be Logged on to comment or reply to a post.

  1. Igor Vernelen
    Hi,

    I like the solution proposed, we have been looking for something like this. I will for sure test this out.

    Isn’t there a security risk as you are passing a portal user and password in the URL ?

    Regards,
    Igor.

    (0) 
    1. Michael Nicholls Post author
      A similar technique is used with GRMG, which is where I got the idea from. I’m not sure if anyone would ever see the URL being invoked, or if using https might help.
      (0) 
  2. Pinac Bendre
    Hi Michael,

    I’ve tried using the code that you’ve provided in your blog. I’m unable to proceed as the Abstract Portal Component keeps on giving me Portal Runtime Errors. Is there anything more that needs to be done ??

    Awaiting a response.

    Thanks,

    Pinac Bendre

    (0) 
  3. Dhruv Shah

    Hi Michael,

    Indeed a very good blog. I have developed Portal component for performing UME activities, i am looking for create user, so can you let me know how to include that part in ABAP report.

    Regards,

    Dhruv

    (0) 
  4. Scott Seaman

    We’ve been using this for several years, thank you!

    We’re planning to migrate to the 7.4 portal soon, are there any changes needed for it to work on that version?

    (0) 

Leave a Reply