Beruflich Dokumente
Kultur Dokumente
DEMO 07
The SAP Connector is built on the Web Services Connector. Please refer to the
TechNet documentation for the Web Services Connector for additional information.
Summary
Features
Connected data source
versions
Scenarios
Operations
Schema
Supported variants
SAP ECC 5.0
SAP ECC 6.0
Object Lifecycle Management
Password Management
Full import
Export (Add, Remove, Replace)
Employee
Release
2012 June
Revision list
First release of the Web Services Connector.
b. Next license agreement screen appears; click Yes to accept the terms and conditions.
c. The next screen prompts to specify the location for installing the default project. Specify the location:
%FIM_INSTALL_DIR\2010\Synchronization Service\Extensions and click OK.
d. The installation starts and the successful completion is reported. Click OK to exit setup wizard.
The default project consumes the exposed BAPIs in the form of web service through WSDL path. Ensure
that the web service is exposed correctly and includes all the required native BAPIs. For more
information, see Exposing Web Service for SAP ECC 6 Connector.
BAPI_ADDRESSEMP_CHANGE
BAPI_ADDRESSEMPGETDETAILEDLIST
BAPI_EMPLCOMM_CHANGE
BAPI_EMPOYEE_DEQUEUE
BAPI_EMPLOYEE_ENQUEUE
BAPI_PERSDATA_CHANGE
BAPI_PERSDATA_GETDETAILEDLIST
BAPI_TRANSACTION_COMMIT
BAPI_USER_CHANGE
BAPI_USER_CREATE1
BAPI_USER_DELETE
BAPI_USER_GET_DETAIL
BAPI_USER_GETLIST
BAPI_USER_UNLOCK
SUSR_USER_CHANGE_PASSWORD_RFC
Important:
There are few attributes that are defined for the default projects of each of the supported data source
These are mandatory for calling the BAPIs/CIs/APIs successfully.
Below is the list of these mandatory attributes:
Functions
Attributes
BAPI_PERSDATA_GETDETAIL
BAPI_ADDRESSEMP_GETDETAI
L
employeeID
personalDataFromDate
personalDataToDate
personalDataRecordNu
mber
employeeID
addrDataFromDate
addrDataToDate
addrDataRecordNumbe
r
Workflows
A native BAPI in SAP is used to perform a single task. There are certain operations for which native
BAPIs are not available and hence the default project does not have support them.
But they can be configured with the help of custom BAPIs by including them in the web service and then
configuring the required workflow. Following are the workflows that are supported for:
Employee Object
FIM Operation
Full Import
Delta Import
Export Add
Export Delete
Export Replace
Set Password
Change Password
For a web service to be discovered, it is first required to be exposed at the SAP ECC 5. This topic
describes the process of exposing the web service from SAP ECC 5 workbench.
Login to SAP ECC 5 and enter the ABAP workbench using Transaction Code SE80. This will open the
Object Navigator screen, where you maintain different SAP application components like packages,
viewing function groups, BSP programs etc.
To create a Web service that can be utilized by Web Service Configuration Tool, you must first create a
package so that all the objects can easily navigate through different systems.
Click yes to proceed for package creation. Give the required details in the following
screen and click create button.
Now right click on the Package name and select Enterprise Service.
Click continue
Give the Virtual Interface name its short description and select the endpoint as
Function Group and click continue.
The function group chosen in the example is already defined and encapsulates the
BAPIs related to users.
Add the required BAPIs in the function group and select those required BAPIs and
click continue.
Now, give the name of the Webservice and its short description and the Profile as
Basic authorization and click continue.
Once you click continue Webservice and the Virtual interface are created.
After the Web Service is created, you must change the Profile settings of the Service
definition. Under Features Tab, check the Select Feature checkbox and activate the
Service definition. This will enable Stateful communication.
Note: A Stateful service retains its status within the framework of a HTTP session throughout several calls
form the same service consumer. The standard value for services is Stateless. If you require stateful
communication, you can choose this instead.
If the Webservice is marked with red icon then Double click on Service it will take
you to the following screen and click on ICF Details.
Click Yes and the service gets activated and click back button and now you can the
service with green icon.
Goto T.code WSADMIN. Select your web service. You can find this under SOAP
Application for RFC-Compliant FMs tree. Expand that and click on your webservice
name. To test the URL click on WSDL icon and URL will open in a new browser.
Provide the required details in the Create Package screen and click Create button. You can choose to
specify the Application Component. This would restrict the scope of object created only to the application
(SAP module, for ex: ABAP, MM, PS, LW etc.) specified. It is recommended that you do not specify the
application component which makes the object global.
The system prompts for a transport request. Click Save button to save the transport request.
4. On Service Provider screen, select Existing ABAP Objects (Inside Out) and
press Continue. With inside out you start at the backend with an existing
application and enable service for a particular functionality. It means that you
start with the implementation and move out towards the interface.
5. For the selected Object Type, provide the Service Definition name,
description and Endpoint Type as Function group. You must choose
Function Group as Endpoint type since the Web Service configuration tool for
FIM requires a single URL for all the selected BAPIs.
Click Continue.
6. On Choose Endpoint screen, select the required Function Group name and
press Continue. The web service configuration tool works with HR data and
hence, extracts all the data related to users. The function group chosen in the
example is already defined and encapsulates the BAPIs related to users.
7. On Choose Operations screen, select all the required BAPIs and add the BAPIs
that are not included in the function group. Click Continue.
8. On Configure Service screen, choose a profile for Security Settings. There are
four profiles defined by SAP for selection. Select one profile as per requirement.
PRF_DT_IF_SEC_HIGH
Authentication using certificates and transport guarantees
PRF_DT_IF_SEC_MEDIUM
Authentication using UserID and password and transport guarantee
PRF_DT_IF_SEC_LOW
Authentication using User ID and password, no transport guarantee
PRF_DT_IF_SEC_NO
No authorization and no transport guarantee.
Check Deploy Service checkbox and press Continue.
Important:
It is mandatory to check the box for Deploy Service. This will ensure that the newly created web service
is automatically deployed as well i.e. the service and endpoint will be created.
While in case, when the checkbox for Deploy Service is not checked then the endpoint and service will
not be created.
In the absence of endpoint, SOA Manager screen will look like this.
In this scenario, you must create a Service first, by going to the Configurations tab.
For detailed steps to create a service in SOAMANAGER, see Create Service in SOAMANAGER.
After the Web Service is created, you must change the Profile settings of the Service
definition. Under Configuration Tab, select Stateful communication properties and
activate the Service definition.
Note:
A Stateful service retains its status within the framework of a HTTP session throughout several calls form
the same service consumer. The standard value for services is Stateless. If you require stateful
communication, you can choose this instead.
The next step is to configure the service created using SOA manager and defining
the security level.
2. Provide the Service Definition name in the box Service Pattern and click Go.
Under Security tab you can define Transport Security setting and Authentication
Security setting.
Security at transport level can be ensured by means of mechanisms used on the Internet.
HTTPS sets up an encrypted connection between the client and the server and is suitable for
simple situations for example, when a client communicates directly with a single server. Every
single message that is exchanged is sent through an encrypted channel.
Security at message level is possible through an encryption and signature concept. Here, not the
transport channel but the message itself is protected.
WS Security is a security model based on SOAP message transmission. WS Security essentially
integrates XML Encryption and XML Signature.
To use a Web service, the user (or another client) sends a document to a server using the Simple
Object Access Protocol (SOAP). It is sent through the network using the HTTP protocol. The
document transmission is safeguarded through the use of HTTP or SSL, or by applying
signatures and/or encryption to SOAP documents.
Using the security profile settings for high, medium, and low, you can set
strong or basic
authentication levels.
Go to Overview tab and get the URL by clicking Display selected Bindings WSDL URL.
Important:
Certificate Authentication is not implemented for the Beta release of Web Service Configuration Tool for
FIM Synchronization Service.
2. Provide the Service Definition name in the box Service Pattern and click Go.
3. Select the Service definition and click Apply Selection. Then click Show WSDL
Options.
4. Under WSDL Document Options, by default the WSDL Format is WS Policy that implements
custom binding for the generated web service.
5. Change the WSDL Format to Standard to implement the Basic HTTP binding.
This will display the generated URL for the exposed Web Service.
Performance Testing
Scale
Topology
10000
Employees
FIM Synchronization
Service and FIM
Synchronization database
collocated on one server.
(Test Machine)
Hardware
Test Machine hardware
configuration.
Single volume
Note: The server hardware used is not representative for a large organization. The numbers presented
should be used to understand the difference between different operations. You are encouraged and
expected to configure your own test environments to more accurately estimate capacity and performance.
Microsoft cannot guarantee that organizations will experience the same capacity or performance
characteristics, even if the FIM Synchronization service components are deployed and configured
identically to the components that are described in this guide,
The tests and results shown in the following table were performed using scripted provisioning code.
Elapsed
Operati
time
on
(minutes:
seconds)
Web
Service
Connector
Full Import
(Employee
Object)
Web
Service
Connector
Export
-Replace
(Employee
Object)
Warm up
Time
(minutes:
seconds)
Statistics
Rate
41:45
00:30
Staging:
10000
Employee
4 Employee
objects
read/second
166:47
00:20
Staging:
10000
Employee
1 Employee
Object
exported/Secon
d
Reference information