2023 Sep 09 9:33 AM
Hello all,
I have a question about ABAP proxy consumer classes.
If you generate consumer classes from a SAP PI-ESR via SPROXY transaction, do you need to explicitly build in authentication checks before calling the ABAP proxy method?
So by means of "AUTHORITY-CHECK OBJECT <object>" and own Z-/Y--authorization objects?
Is there a recommendation or a rule? Unfortunately I did not find anything in the SNOTES.
Only the protection by SOAMANAGER. But this refers, as I understand it, only to the technical user.
Could you please send me SNOTES links or other sources?
Thank you very much.
2023 Sep 09 9:42 AM
From my point of view, the connection between SAP ERP and PI should be already considered as being secure.
Anyways it’s just using the technical user to connect to PI.
Of course you can perform an authority check on ERP side to make surr the user running the program etc. is allowed to call the proxy.
But this needs only to be done if you call the proxy in dialog mode.