Technical Articles
ABAP Dump:CALLBACK_REJECTED_BY_WHITELIST resolution into SE51 Screen Painter layout
Introduction:
I am working on S/4HANA 1909 FPS01 release as a partner. Post Installation, we faced few issues and one of the issues related to Screen Painter Layout.
In this Blog we will learn how to resolve ABAP Dump while opening Screen layout editor in SE51.
In S/4HANA, during initial setup or post upgrade the Profile parameter rfc/callback_security_method is set as “3” for Higher security and System starts giving ABAP dump while opening the Screen Painter Layout.
ABAP Dump we receive: CALLBACK_REJECTED_BY_WHITELIST
It will help to those who are installing/upgrading S/4HANA and sets the Security profile paramater and after the required configuration/Setting, Layout Editor will open.
Solution:
When we analyze the ABAP Dump in ST22, we understand that it has been occuring due to missing of few Whitelist Function Modules into TCP/IP Destiation Port EU_SCRP_WN32.
Go to SM59 and expand TCP/IP Connection for Port “EU_SCRP_WN32”. Go inside this Destination as below. Goto Logon & Security tab.
We need to add below Callback Positive( Whitelist) List FMs. These callback FMs are called while opening the Screen Painter. If we miss any of the FMs then ABAP dump will be continued.
Called Function is RS_SCRP_GF_PROCESS_640 & Callback function are different.
Called FM Callback FM
RS_SCRP_GF_PROCESS_640 RFC_GET_FUNCTION_INTERFACE
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_PROCESS_640RFC_GET
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RBUILDINFO
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RELEMTABLE
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RICONS
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RKEYS
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RKEYTEXTS
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RMESSAGES
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RPROPTABLE
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RSTATUS_40
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RTEXTS
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RDDICFIELDS
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RHELPGETTEXT
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RPROP_DELETE
RS_SCRP_GF_PROCESS_640 RS_SCRP_GF_RSHLP
Once these FMs are maintained then Layout will open. This is how security is maintained while calling RFC with destination parameter.
Note:
I would like to mention that because of below Parameter profile set as 3 , we get RFC callback check secure is set as Green else it is shown as Red.
You can see RFC Callback status is Green as highlighred.
Thanks.
Apprecite your comments!!
Just for interest see my question and the answers here: https://answers.sap.com/questions/12984331/adt-382-debugger-not-triggering.html
This issue I was getting was debugging not working with unit tests, and was related to rfc/ext_debugging. It turned out that the recommend value for this parameter was (incorrectly) zero!
It would be quite nice if it were hardcoded to 3.
Armin Beil said
Dear Matthew Billingham ,
today, I experienced the same strange behaviour! Thank you for pointing me to the solution!
I raised it as an issue with my client. Now the basis team are saying it needs to be applied in test and production (which it does, but I only care about development). Now there's discussion about whether applying it to production fits in with the security policy.
Which it must, otherwise, debugging of RFCs is no longer possible...
Look for OSS notes like 2251931 - Runtime error CALLBACK_REJECTED_BY_WHITELIST in graphical Screen Painter.
(Use keywords like EU_SCRP_WN32, name of the RFC connection for graphical screen painter, connection fail and got editor back in time...)
Thank you. That was exactly the solution to the problem.
Thank you Samir Dutta !
I had this issue already twice and now decided to investigate a bit more. Thank you for providing the answer & solution!
Best regards,
Aleks
Thanks for sharing. I haven't encountered this but very likely in future : D
Add this FM : RS_SCRP_GF_RDDICFIELDS
Check this note https://launchpad.support.sap.com/#/notes/1686632
Hi,
Thanks for the information.
However, i am still getting an error, even after adding the callbacks.
Now, it is raising an error . can you please help regarding this.
Hi Ali,
Pls check if additional spaces are not there during copy/paste. We maintain the whitelist parameters in Logon & Security tab as shown in screenshot.
Also test the RFC Destination once.
If everything is fine, you should not get error.
Regards
Samir
And That my Sir, was the actual problem 🙂
Thanks for the prompt reply and support.
Thank you
The blog post doesn't contain up-to-date information, some function modules are missing compared to the note.
So, I recommend to add a comment at the top of your blog post, that people can find up-to-date information in this note (as Fuentes Tafall Xavier said 2 years ago):
2251931 - Runtime error CALLBACK_REJECTED_BY_WHITELIST in graphical Screen Painter.
Thank you Sandra.
I have updated the FMs.
This blog is to help how we can resolve Screen painter issue with missing FMs.
If anyone facing similar kind of issue with different FM missing as per ST22 dump, can follow the same steps to add in RFC.
Regards
Samir
If anyone facing similar issue, they should first go to SAP notes, and would find the note mentioned above. I don't get the goal of your blog post. Is it just a copy of the SAP note with a screenshot? Be careful about SAP Copyright.
Thanks Sandra for your comment.
I just wrote a blog on issue what I experienced and solved myself. Thought of sharing that would help others and save time.
Many things you come to know by debugging itself. I d'dnt refer any SAP Note.
Sometimes Blogs are more useful !
Regards
Samir
Hi,
Thank you for sharing the solution!
Thank you, Samir - It was helpful to me as we just migrated from on-Prem to Cloud.