ACL - Confine users sending messages

Former Member · ‎06-16-2006

An Access Control List (ACL) can be defined for several adapters on service level and on the level of sender agreements for checking the contents of a message against these allowed users upon receipt of a message via these adapters. Putting it in more simple words, we can restrict the incoming messages by jut allowing those coming from the users specified in the Access Control List. The adapters supporting these are - On Integration Server: XI HTTP IDOC - On Adapter Engine SOAP RFC RNIF 1.1 & 2.0 CIDX Business Connector Marketset adapters There are several cases to consider: • The messages received under a certain runtime user will be accetped by the IS or the Adapter Engine o If the user is contained in the the sender service´s ACL, but the ACL is empty in the sender agreement of the corresponding message interface of the received message.

o If the user is contained in the sender service´s ACL, and the same user is contained in the ACL of the sender agreement of the corresponding message interface of the received message. o If the sender service´s ACL is empty, and the user is contained in the ACL of the sender agreement of the corresponding message interface of the received message.

o If the sender service´s ACL is empty and the ACL is empty in the sender agreement of the corresponding message interface of the received message. • The message received under a certain runtime user will be rejected by the IS or the Adapter Engine (with a HTTP 403 (forbidden request ) error is sent back to the partner) o If the sender service`s ACL is not empty and does not contain the user. o If the sender agreement`s ACL is not empty and does not contain the user.

ACL - Confine users sending messages

Are you there, SAP? It's me, Jelena

Integration Point of MM-FI-SD in SAP ERP

SAP Project System - A ready Reference ( Part 1 )