SAP Permissions

Sepasoft MES Module Suite

SAP Permissions

In order to connect with SAP, the Interface for SAP ERP module requires a user account with properly configured permissions.

User Account Types

The acceptable SAP user-account types to use with the module include:

• Communication: for users that communicate between systems and don't login to SAP GUI.
• Service: for larger and anonymous group of users and may be exempt from password changing policies.
• Dialog: for interactive system access in the user interface. Keep in mind that a Dialog account works but is not required since the SAP GUI is not being used to log in.

Authorizations

The Interface for SAP ERP module provides a visual interface for navigating to Business Objects and BAPIs inside the Business Object Repository (BOR). To populate this interface, permission must also be granted to call the following Function Modules:

• SWO_QUERY_OBJTYPES
• RPY_BOR_TREE_INIT
• SWO_QUERY_METHODS

Beyond these, the built-in role "SAP_BC_JSF_COMMUNICATION" (assigned to user "SAPJSF", if it exists) should include the additional requisite authorization objects. If this role is not available, the SAP documentation provides the following information for communicating via the RFC protocol, which is used by the Java Connector (JCo) – and hence the Interface for SAP ERP module – under the hood:

The authorization profile of the user must contain the S_RFC authorization object, whereby the fields are filled as follows: ACTVT: 16 RFC_TYPE: FUGR RFC_NAME: SYST, SYSU, "X" where "X" is the name of the function group whose function modules you want to call.

Sepasoft MES Module Suite