Skip to Content

In my recent blog (Why we use Amazon AWS as our SAP System Landscape), I gave our SAP Landscape information hosted on Amazon Cloud Services.

But, we do have On Premise Landscape in our office and we’ve ERP, CRM IDES, NetWeaver Solutions (Portal, PI, BPM in all releases) and Active Directory.

To manage the Identities in all systems is a big issue for us. So we decided to implement NetWeaver Identity Management (IdM) 7.20 for 2 reasons:

  1. To learn and setup a demo landscape for IdM
  2. To manage identitied for FIT Consulting

But we have to decide which system will be the leading system. We decided to use our email provider (Google Apps) accounts and assigned groups to decide the authentication and authorization for users.

For this, we need to read the accounts and assigned groups from Google Apps.

For this, we used Google Data Protocol (http://code.google.com/apis/gdata/)

Here is a code snipped attached to this blog written to read the Users and Assigned Groups from Google Apps. (Thanks Salih Atak for help in Coding)

import java.io.BufferedWriter;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import sample.appsforyourdomain.AppsForYourDomainClient;
import com.google.gdata.client.appsforyourdomain.AppsGroupsService;
import com.google.gdata.data.appsforyourdomain.AppsForYourDomainException;
import com.google.gdata.data.appsforyourdomain.generic.GenericEntry;
import com.google.gdata.data.appsforyourdomain.generic.GenericFeed;
import com.google.gdata.data.appsforyourdomain.provisioning.UserEntry;
import com.google.gdata.data.appsforyourdomain.provisioning.UserFeed;
import com.google.gdata.util.ServiceException;
public class GoogleGetUsers {
          public static void main(String[] args) {
                    // TODO Auto-generated method stub
                    try {
                              AppsForYourDomainClient client =
                         new AppsForYourDomainClient("<serviceuser>@<domain>.com", "<password>", "<yourdomain.com>");
                              // To make calls to the groups provisioning, you need to obtain a
                              // groups service object from authenticated client:
                              if (new File("C:/GoogleApps/GoogleGetUsers.csv").exists() && !new File("C:/GoogleApps/GoogleGetUsers.csv").delete()){
                                        return;
                              }
                              FileWriter fstream = new FileWriter("C:/GoogleApps/GoogleGetUsers.csv", true);
                              BufferedWriter out = new BufferedWriter(fstream);
                              out.write("Username;Groups\n");
                              UserFeed usr = client.retrieveAllUsers();
                              AppsGroupsService groupsService = client.getGroupService();
                              String line = "";
                              for (UserEntry u : usr.getEntries()) {
                                        GenericFeed grup = groupsService.retrieveGroups(u.getId()
                                                            .substring(u.getId().lastIndexOf("/") + 1), true);
                                        for (GenericEntry g : grup.getEntries()) {
                                                  line = u.getId().substring(u.getId().lastIndexOf("/") + 1);
                                                  line += ";"
                                                                      + g.getId().substring(
                                                                                          g.getId().lastIndexOf("/") + 1,
                                                                                          g.getId().lastIndexOf("%"));
                                                  line += "\n";
                                                  out.write(line);
                                        }
                              }
                              out.close();
            } catch (AppsForYourDomainException e) {
                              e.printStackTrace();
                    } catch (ServiceException e) {
                              e.printStackTrace();
                    } catch (IOException e) {
                              e.printStackTrace();
                    } catch (Exception e) {
                              e.printStackTrace();
                    }

Whats Next?

Our next step will be to read the exported data and import into IdM to tirgger Provisioning Framework.

To report this post you need to login first.

6 Comments

You must be Logged on to comment or reply to a post.

  1. DJ Adams

    Just a side point of interest – you are of course using the Google Data protocol, which, based on AtomPub, is closely related to OData and therefore SAP NetWeaver Gateway. Wonder whether we’ll see these worlds come closer?

    dj    

    (0) 
    1. Hüseyin Bilgen Post author

      Hi DJ,

      As NetWeaver Gateway still requires specific Basis Release, we’ll see it widely when everyone have at least NW 7.02 or NW 7.3

      (0) 
      1. Gregor Wolf

        Hi DJ, Hi Huseyin,

        DJ: I hope that SAP will provide a OData ABAP client  to make use of the OData resources out there.

        Huseyin: Only the Gateway needs to be on the latest release level. The Backend systems must only get a small AddOn.

        Best regards
        Gregor

        (0) 
  2. Matt Pollicove

    Sorry, not much of a Java programmer, but let me see if I get this straight… From what I think I see in the code, you are connecting to GApps via this Java code and dumping a user list to a CSV file?

    If so, how are you triggering this load?  This looks like a really good way to demonstrate ways of linking the Enterprise to the Landscape.

    Matt

    (0) 

Leave a Reply