Applies To: Guided Procedures within SAP NetWeaver 7.1 (NetWeaver Composition Environment)
Summary: This blog describes how to use impersonation for Guided Procedures to pass user information to backend services (CAF, Java EE) at runtime.
Author(s): Raghavendra (Rao) Subbarao
Company: Cardinal Health
Created on: 21 February 2008
Author Bio: Raghavendra Subbarao is a Sr. Enterprise Architect covering enterprise architecture, business process management, forward engineering, and related areas.
Introduction: By default, GP uses the “Guest” user account while invoking services. This document provides the steps to pass the user information instead of the guest account. Previous experience with Guided Procedures is assumed in this document. For an introduction and general information about Guided Procedures please refer to online help. For guidelines on specifying composite applications please read ‘Guidelines for Specifying Composite Applications’ published on SDN.
Step 1: Make sure:
• All Logical destinations are available before proceeding further.
• The Callable Object is in an Inactive state.
Step 2: Create the GP Process with Callable Object (Service > Web Service). Use the Logical destination and NOT the WSDL. Use the Logical destination endpoint (*Exec) and not the Interface Port . Leave the Callable Object in an Inactive state. Save the Process.
Step 3: Go to GP Administration > Impersonation Manager.
Step 4: Select the Callable Object you would like to enable authentication. Click Open.
Step 5: Check the impersonation checkbox. Then click on the ADD button on selected principles. Search “Portal Users” Roles from the find drop down box. Click ADD button.
Step 6: Click the ADD button.
Step 7: Click Save.
Step 8: Activate the Callable Object. Make sure to sync up it’s versions with the rest of the GP Process.
The backend services will now be able to identify the user (user Id) who’s the processor of the particular process instance via:
Further details around managing impersonations in GP: