Srm 6.0

© SAP AG 1
©SAP AG 2005
SRM 6.0 –
Portal Configuration

© SAP AG 2
© SAP AG 2006
Objectives
Contents
Portal Setup for mySAP SRM
Objectives
At the end of this chapter, you will be able to:
Download and install SRM Business Packages using JSPM
Configure User Management and Create Users
Setup connections to different SRM components
Understand how to configure Single Sign-On (SSO)
Configure Universal Work List (UWL)

© SAP AG 3
©SAP AG 2005
SRM Business Packages
Portal User Management
Portal Connections
Catalog Integration into Portal
Portal SSO Configuration
Portal UWL Configuration
JSPM Introduction

© SAP AG 4
© SAP AG 2006
Business Package for mySAP SRM 6.0 - Offerings
The business package for mySAP SRM 6.0 offers
Predefined portal content and roles for SRM-related business processes
Predefined integration with SAP applications and single sign-on to these applications.
A solution for portal user administration when various backend systems are deployed
Ongoing development of additional features with a predefined, reliable release schedule
A fully tested business package
SAP Consulting and customer support
Comprehensive SAP documentation within SAP Solution Manager
The business package includes different roles for specialists in the
procurement process like
Strategic purchaser
Operational Purchaser
Purchasing assistant
Purchasing Manager etc.

© SAP AG 5
© SAP AG 2006
Where to find SRM Business Packages
choose the sub-component, for example
BP SRM 6.0, and then OS-independent
and download it
6
There are two options for downloading EP Business Packages:
1) From the SAP Software Distribution Center (SWDC)
2) From the SAP Developer Network (SDN)
The preferred option is the SWDC, here is a description:
choose Entry by Component, and Portal Content
5
choose SAP SRM (with SAP EBP), and then SAP SRM 6.0
4
choose Entry by Application Group, then Application Components
3
choose Download, then Support Packages and Patches
2
Logon to the Support Portal: http://service.sap.com/swdc1
Download the Business Package for SAP SRM 6.0 from SAP Software Distribution Center:
http://service.sap.com/swdc → Download → Support Packages and Patches → Entry by Application
Group → SAP Application Components → SAP SRM (WITH SAP EBP) → SAP SRM 6.0 → Entry by
Component → Portal Content → BP SRM 6.0.
Business Packages are provided as .SCA (Software Component Archive Files)
SCA Files were originally designed for get installed by the SAP Software Delivery Manager (SDM) tool.
As of NetWeaver2004s, SAP provides the JAVA Support Package Manager (JSPM).
The JSPM is used the SDM as underlying tool. The JSPM is now the recommended tool to apply SCA
files.
Similiar to the ABAP Support Package Manager (SPAM), the JSPM uses per default the
usrsaptransEPSin as input directory.
For more information, see SAP Note 731386 (refers to JSPM), which applies to business packages on SAP
Enterprise Portal (EP) 7.0.

© SAP AG 6
© SAP AG 2006
Choose SAP NetWeaver
BP-ERP Business Packages in SDN
The 2nd option is You can also download the ESS business packages from
the SAP Developer Network. You find it under http://sdn.sap.com
Choose Portal
Choose Portal Content Portfolio
2
3
4
Choose Quick Link „List of Packages“ and download
„Business Package for SRM 6.0“
5
Logon to the SAP Developer Network: http://sdn.sap.com1
However, it is recomended to use the SAP Service Marketplace for downloads. The reason why we
introduce the SDN here is that you have access to the BP documentation via a link in the SDN. Please see
the next slide for further details.
Instead of navigating through the SDN, you can jump directly to the Portal Content Portfolio with the
following URL:
https://www.sdn.sap.com/irj/sdn/developerareas/contentportfolio

© SAP AG 7
©SAP AG 2005
Portal Connections
JSPM Introduction

© SAP AG 8
© SAP AG 2006
JSPM – Introduction (1)
New NetWeaver 2004s Tool: Java Support Package Manager (JSPM)
Most important JSPM features:
Displays support package level information
Checks dependencies between versions of software components
Checks whether a new software component version may correctly
upgrade an existing software component version
Checks deployment dependencies between development
components
JSPM is automatically deployed as part of every AS-JAVA usage type
(as of NetWeaver 2004s)
JSPM uses the former SAP deployment tool SDM (Software Delivery
Manager) as underlying layer
As of SAP NetWeaver Release 2004s, you can use the Java Support Package Manager (JSPM) to apply
support packages to the deployed software components. You can also deploy new software components
that are not part of an SAP usage type, to which you can then apply support packages.
All JSPM features:
Shares a common GUI with SAPinst and SAPJup
Automatically detects and offers you only components that can upgrade deployed components
Shows only necessary information and additional details at your request
Shows log files in an integrated Log Viewer
Deployed Component Overview
- Displays support package level information
Support Package Level Administration
- Allows the definition of dependencies between versions of software components
- Checks whether a new software component version may correctly upgrade an existing software
component version
Development Component Level Administration
- Checks deployment dependencies between development components

© SAP AG 9
© SAP AG 2006
JSPM – Introduction (2)
New NetWeaver 2004s Tool: Java Support Package Manager (JSPM)
Most important JSPM features (continued):
Allows you to
apply
Allows you to update kernel binaries and the SDM itself
Allows you to restart the deployment of support packages
Informs you if restarting of the J2EE Engine is necessary during the
deployment process
a support
package stack
single support
packages
new software
components that
are not part of
an SAP usage
type
All JSPM features (continued):
Update of Kernel Binaries and Software Deployment Manager (SDM)
- Allows you to update kernel binaries
- Allows you to update SDM
Deployment
- Allows you to apply a support package stack
- Allows you to apply single support packages
- Allows you to deploy new software components that are not part of an SAP usage type
- Informs you if restarting of the J2EE Engine is necessary during the deployment process
- Logs the deployment processAllows you to restart the deployment of support packages

© SAP AG 10
© SAP AG 2006
JSPM - Startup and Logon
Execute „go.bat“ in the <instance>j2eeJSPM directory to launch JSPM
Enter SDM Administrator password, so that JSPM can connect to SDM
In the file system, go to the <Drive>:usrsap<SAPSID><Central_Instance_Name>j2eeJSPM directory.
Depending on the system, the name of the central instance has the following syntax:
• For a standalone system – JC<xx>
• For an add-in system – DVEBMGS<xx>, where xx is the number of the central instance.
Run the go script file to start JSPM.
Enter your password for the SDM and choose Log On.
If you enter an incorrect password three times in a row, the SDM server will be stopped. You must start it
and log on to the JSPM again.
JSPM connects to the SDM server to deploy support packages and software components. The SDM server
performs additional validation of the support packages and software components for deployment.
A software component archive (SCA), Java archive (JAR) or SAP archive (SAR) can be deployed by the
JSPM.
Before the deployment of a software component, the SDM server performs additional version checks.
Only new software components that have a higher counter than the counter of the old software
components can be deployed. For more information, see SAP Note 621928.

© SAP AG 11
© SAP AG 2006
JSPM – Deployment Options
Choose „Deployment“, and then „New Software Components“ to
apply new Java components to an existing system
JSPM
Allows you to apply a support package stack
Allows you to apply single support packages
Allows you to deploy new software components that are not part of an SAP usage type
Informs you if restarting of the J2EE Engine is necessary during the deployment process
Logs the deployment processAllows you to restart the deployment of support packages

© SAP AG 12
© SAP AG 2006
JSPM – Deploy new Software Components
Launch JSPM an log on to JSPM
If you apply SRM business packages to an existing landscape, one of your
tasks will be to deploy a new software component to your Enterprise
Portal System.
In this example, we assume that you want to install:
BPSRM01_0.SCA (contains the SRM Package for the Enterprise Portal)
The JSPM procedure is:
Choose “Deployment”, and then “New Software Components”
Choose all .SCA files which you want to install from the
usrsaptransEPSin directory. In our example it will be:
•BPSRM01_0.SCA
1
2
3
Choose and dowload
„Business Package for Employee Self-Service (mySAP ERP) 1.0“
4
JSPM builds a queue with the correct deployment order and performs a status check
Choose „Deployed Components to check if the SCA´s were really applied
5
JSPM builds (similar to the ABAP transaction SPAM) a deployment queue and checks dependencies
within the queue
After the installation, use JSPM to check if the desired .SCA files were applied successfully.

© SAP AG 13
©SAP AG 2005
Portal Connections
JSPM Introduction

© SAP AG 14
© SAP AG 2006
Portal WebDynpro Authentication
AS-JAVA
Enterprise Portal
SAP SRM Server (AS-ABAP)
Certificate
User: ABC
User: ABC
Important facts:
Identical user name in all systems
Local assignment to roles/
authentications
WebDynpro Application
BP-SRM
The user name (Example user: ABC) must be identical in the AS-ABAP and the AS-JAVA. However, in
each system (AS-ABAP and AS-JAVA) you have to assign individual roles and authentications locally.
The WebDynpro Application connections can be configured with:
Explicit logon with user/password
- username AND password must be kept identical in both systems
Logon ticket
- Password not used in SAP LogonTicket-based communication
Certificate (X.509)
- certificates must be generated in both system
- ensure that all certificates have the same expiration date

© SAP AG 15
© SAP AG 2006
Portal WebDynpro User Management - Overview
AS-JAVA
AS-JAVA
Enterprise Portal
System Landscape Directory
SAP SRM Server (AS-ABAP)
JCO
RFCLogonTicket
The WebDynpro Server connects to the
SLD via an HTTP connection,
with user „Administrator“, or an SLD
user which belongs to group
SAP_SLD_ADMINISTRATORS
The WebDynpro Server connects to the
SLD via an HTTP connection,
with user „Administrator“, or an SLD
user which belongs to group
SAP_SLD_ADMINISTRATORS
User Administrator
SU01: User ABC
UME:
UME:
User ABC
WebDynpro Application
BP-SRM
UME:
The system uses the administration user for the J2EE server with which you are logged on to check the
authorizations. If this user does not exist in the SAP SRM system, the system issues the following error
message when you check the connection:
com.sap.mw.jco.JCO$Exception: (103) RFC_ERROR_LOGON_FAILURE: Unable to check the issuer
of the SSO ticket.

© SAP AG 16
© SAP AG 2006
Configure User Management
The users created for the business package must have
a business partner
central person
organization unit relationship
assigned within the EBP system.
In addition to its own user store, the portal can be configured
against the SRM Server system’s user management, LDAP, or EBP
Central User Management Administration (CUA) ABAP client.
There are a number of potential scenarios for user management:
Use Database only as Data Source
Use LDAP Directory as Data Source
Use Application Server ABAP as Data Source

© SAP AG 17
© SAP AG 2006
Logon to the Portal as Adminstrator user and choose System
Administration -> System Configuration -> UME Configuration
or call directly http://<portal-host>:<port>/useradmin
UME Data Sources
Select „ABAP System“ as Data Source
Please Note:
„ABAP System“ is the default Setting in Double-Stack-Installations
(for example, XI Systems)
„Database“ is the default Setting in Single-Stack-Installations
(for example, Portal Systems)
Select „ABAP System“ as Data Source
Please Note:
„ABAP System“ is the default Setting in Double-Stack-Installations
(for example, XI Systems)
„Database“ is the default Setting in Single-Stack-Installations
(for example, Portal Systems)
Several, so-called Data Source Configuration Files are offered:
dataSourceConfiguration_r3_roles_db.xml
- Create, read, and modify users in the AS ABAP system.
- You view ABAP roles as groups, but cannot modify them. You can create groups in the local AS
Java database only.
dataSourceConfiguration_r3.xml
- The UME reads users from the AS ABAP system. You can only create and modify new users in the
local AS Java database.
- You can create, read, and modify groups in the local AS Java database only.
dataSourceConfiguration_r3_rw.xml
- Create, read, and modify users in the AS ABAP system.
- You can create, read, and modify groups in the local AS Java database only.
The file dataSourceConfiguration_r3_roles_db.xml is functionally equivalent to
dataSourceConfiguration_abap.mxl. The file dataSourceConfiguration_r3_roles_db.xml exists for upgrade
compatibility only.
For information about when to change your configuration file, see SAP Note 718383.
For more information about dataSourceConfiguration_abap.xml, see User Management of Application
Server ABAP as Data Source.

© SAP AG 18
© SAP AG 2006
User Management of ABAP System as Data Source
If „ABAP System“ is selected as Data Source:
• an ABAP user SAPJSF with role
SAP_BC_JSF_COMMUNICATION_RO must exist
• Users of the ABAP system are visible as users in the
UME and can log on with their passwords from the
ABAP system
• Roles of the ABAP system appear as groups in the UME
• The hierarchy between collective roles and single roles is
realized as nested group structures
• New groups created with the AS Java are created in the
database of the AS Java
If „ABAP System“ is selected as Data Source:
• an ABAP user SAPJSF with role
SAP_BC_JSF_COMMUNICATION_RO must exist
• Users of the ABAP system are visible as users in the
UME and can log on with their passwords from the
ABAP system
• Roles of the ABAP system appear as groups in the UME
• The hierarchy between collective roles and single roles is
realized as nested group structures
• New groups created with the AS Java are created in the
database of the AS Java
The User Management Engine (UME) can use an SAP NetWeaver Application Server (AS) ABAP as its
data source for user management data. This enables for the following:
Users of the ABAP system are visible as users in the UME and can log on with their passwords from
the ABAP system.
Roles of the ABAP system appear as groups in the UME. The hierarchy between collective roles and
single roles is realized as nested group structures. New groups created with the AS Java are created in
the database of the AS Java.
Different interpretations of the “contains in” relationship between ABAP systems and the UME results in a
reversal of the visual arrangement of groups. A group representing a collective role is a child element of
the group representing a single role. In the ABAP system, the single roles appear as child elements of
collective roles.
User and role assignments in the ABAP system appear as user and group assignments in the UME. You
can use the ABAP roles for authorization management in the UME, by adding the groups representing the
ABAP roles to the UME roles.
When you use an AS ABAP as the data source for user management data, the following constraints apply
when using the tools of the AS Java:
Password Administration
- Due to the security policy of the AS ABAP, users can change their passwords only once per day. This
is true, even if an administrator resets the user’s password. However, if the administrator provides a
new password, the user can and must change his or her password the next time he or she logs on.

© SAP AG 19
Read-Only and Read-Write Access to the ABAP User Management
- The file dataSourceConfiguration_abap.xml grants the UME read-write access to the AS ABAP by
default. Write access to the AS ABAP system fails if one of the following is true for the system user
communication between the UME and the AS ABAP (default name SAPJSF):
- The user has no ABAP role
- The user is assigned to an ABAP role with read-only access
When the AS Java starts, the UME checks the roles assigned to the system user and if it finds no roles or
only the role SAP_BC_JSF_COMMUNICATION_RO, the UME switches to read-only access for users
located in the ABAP system.
If the UME has read-only access, you cannot modify user attributes stored in the ABAP system, like first
name, and last name. You can modify attributes stored in the UME database, like street. Even if read-only
access is assigned, users can still change their own passwords.
If the UME has read-write access, you can create users using the AS Java tools. They are stored as users in
the AS ABAP. Extended user data that cannot be stored in the standard AS ABAP user record is stored in
the database of the UME.
To enable read-write access to the system user, assign the system user the ABAP role
SAP_BC_JSF_COMMUNICATION.
You can activate the self-registration and maintain-own-profile functions provided by the UME. In this
way users can change their e-mail address, which they cannot change using the tools provided in the
ABAP system

© SAP AG 20
© SAP AG 2006
User Mapping
Please Note:
In Identity Management you don´t need a user mapping if you have identical user
names in the portal and the backend system
On the other hand, you need user mapping if you DON´T have identical user
In the Portal Alias, you can select EITHER user mapping OR normal sap logon
You cannot mix both methods within a Portal Alias
Please Note:
In Identity Management you don´t need a user mapping if you have identical user
On the other hand, you need user mapping if you DON´T have identical user
In the Portal Alias, you can select EITHER user mapping OR normal sap logon
You cannot mix both methods within a Portal Alias

© SAP AG 21
© SAP AG 2006
Creating Users
Users need to be created for the business package. You can create users
manually in the portal; alternatively, purchasers can create their own
portal users through the process of self-registraton in SRM Server.
Log on to the SAP Enterprise Portal with the SRM Administrator user.
In the SRM Administration workset, navigate as follows:
Enterprise Buyer → Manage User Data
Click the Create Users button
Complete the information in the Enter User Data form that appears on the far
right side of the screen
Save
User Creation by Purchasers via Self Registration
Execute the following URL in a browser:
http://<SRMhost>:<port>/<ITS Path>/bbpat03/!
This will start an internal workflow that needs to be approved by a
manager.
The SRM Manager of the backend system ensures that the user, business
partner, and central person in the organizational structure are associated
correctly.
Now, users can log on to the portal with their SRM user data password.

© SAP AG 22
© SAP AG 2006
SRM Roles - Portal
The portal provides standard roles for SRM applications
1
3
2
Besides the SRM roles, a user should have the roles eu_core_role, eu_role and Everyone assigned.

© SAP AG 23
© SAP AG 2006
Assigning Business Package Roles to Users in SAP EP
Users in the SAP Enterprise Portal must be assigned the appropriate roles within the
portal for access to the content of the Business Package for SRM 6.0.
Logon to the SAP EP as a portal administrator.
Assign a BP role to each portal user according to the user’s business responsibility
For information on how to assign business package roles to portal users, see the documentation on
Assigning Roles to Users and Groups on the SAP Help Portal.
In the portal choose User Administration -> Identity Management
Enter „Role“, „All Data Sources“ and „*srm*“ as search critera and press „GO“
Double-click on a role, for example „Strategic Purchaser“ to display the role details
In the Details, choose „Assigned Users“
Enter „All Data Sources“ and „*“ as search critera and press „GO“

© SAP AG 24
© SAP AG 2006
SRM Groups - Portal
The portal provides standard groups for SRM applications
1
3
2
Instead of assigning roles directly, you can also assign roles to a group and assign the groups to the users.

© SAP AG 25
© SAP AG 2006
Assigning Backend System Roles to Users in the Backend
System
You need to assign
roles to existing users
in the backend
systems that
correspond to their
portal role
assignments.
In each backend
system, use
transaction SU01 to
assign users to
backend system roles.

© SAP AG 26
©SAP AG 2005
Portal Connections
JSPM Introduction

© SAP AG 27
© SAP AG 2006
Systems and System Aliases
To use the Business Package for SRM 6.0, you must create a system that
points to the SAP SRM 6.0 server.
You must assign the alias SAP_SRM to the system you create.
For the Business Intelligence (BI) Reports to be displayed, you must create
an additional system that points to a SAP BI system, You must assign the
alias SAP_BW to the BI system you create.
This following slides outline how to configure the following:
Creating System Objects
Configuring System Objects for Backend Systems
Creating and Adding a Backend System Alias
SAP BW 7.0
BI_CONT 7.0.3
Basis plug-in
mySAP
SRM 6.0
server
WD
EBP
SAP R/3 back-end
system
SAP R/3 plug-in
FI/CO
Portal layer
Business package
for mySAP SRM 6.0
http(s)
Portal core

© SAP AG 28
© SAP AG 2006
Connection Alias to SRM System
Logon as Portal Administrator and choose
„System Administration -> System Configuration“
Browse the content tree for system objects,
for example choose „Content Provided by SAP -> Systems“
Logon as Portal Administrator and choose
„System Administration -> System Configuration“
Browse the content tree for system objects,
for example choose „Content Provided by SAP -> Systems“
This procedure outlines how to add a system alias for each system object.
You are logged on the SAP EP as a portal administrator.
You have created system objects.
You have configured system objects for corresponding external backend systems.
Use the alias name that corresponds to each backend system as indicated in the graphics
From the System Administration workset, navigate as follows:
System Administration → System Configuration → System Landscape and select your previously-
created system object
Choose Open → System Aliases.
Enter an alias from the table below and choose Add.
Save your entry.

© SAP AG 29
© SAP AG 2006
Connection to AS-ABAP (in SRM System)
Enter the hostname and port number
of the ICM, which is running in the
WebAS of your SRM Server
WebAS of your SRM Server
Create a system object for each backend system you decide to integrate with the Business Package for SRM 6.0.
You must log on to the Portal as System Administrator.
Identify if your system landscape includes SAP System with Load Balancing or a Dedicated Application Server for
R/3.
The decision to choose either SAP System with Load Balancing or a Dedicated Application Server for R/3 was
made when your backend systems were implemented.
We recommend SAP System with Load Balancing
Create the system objects. To do this, go to the SRM Portal Administration workset, navigate to the System
Landscape iView as follows:
System Administration → System Configuration → System Landscape and select the desired location where
you want to create the system objects, for example, you might create a folder called Systems.
Using the context menu (right-click), select New → System (from template).
Depending on your system landscape, select one of the following:
- SAP System with Load Balancing or Dedicated Application Server for R/3 System
Choose Next.
Enter at least the values in the following fields:
- System Name
- System ID
- Choose Next.
- Choose Finish.
If you want to create a connection to a BSP, ITS, or BW BEx Analyzer, you must fill in additional fields, like
WebAS Path, WebAS Protocol.

© SAP AG 30
© SAP AG 2006
Connection to ITS (in SRM System)
Enter the hostname and port number of the
integrated ITS, which is running in the WebAS of
your SRM Server.
Also, enter /sap/bc/gui/sap/its/webgui as ITS path
This path can be found in the Service Tree of
transaction SICF.
your SRM Server.
transaction SICF.
Enter the Host Name always in the form: <server>.<domain>:<port>
R/3.
Choose Next.
- System Name
- System ID
- Choose Next.
- Choose Finish.

© SAP AG 31
© SAP AG 2006
Connection Alias to SUS (in SRM-SUS System)
Save your entry.

© SAP AG 32
© SAP AG 2006
Connection to SUS (AS-ABAP in SRM System)
WebAS of your SRM-SUS Server
WebAS of your SRM-SUS Server
R/3.
Choose Next.
- System Name
- System ID
- Choose Next.
- Choose Finish.

© SAP AG 33
© SAP AG 2006
Connection to SUS ( ITS in SRM System)
your SRM-SUS Server.
transaction SICF.
your SRM-SUS Server.
transaction SICF.

© SAP AG 34
© SAP AG 2006
Connection Alias to BW System
Save your entry.

© SAP AG 35
© SAP AG 2006
Connection to BEx Analyzer (in BW System)
Enter the hostname and port number of the ICM,
which is running in the WebAS of your BW Server.
Also, enter /sap/bw/bex as BSP path of the BEx
Analyzer.
transaction SICF.
Enter the hostname and port number of the ICM,
which is running in the WebAS of your BW Server.
Also, enter /sap/bw/bex as BSP path of the BEx
Analyzer.
transaction SICF.

© SAP AG 36
© SAP AG 2006
Portal iView to ABAP WebDynpro Assignment
As you can see here,
the Portal iView „My Purchasing Documents“ is assigned as „WebDynpro for ABAP“
to the Application „powl“ with the Configuration „/SAPSRM/WDA_SRM_PA_PURCHASING“
Technically, the WebDynpro is called via URL
„http://p163045.wdf.sap.corp:8000/sap/bc/webdynpro/sap/powl“
Please note: This iView is shipped as part of the SRM 6.0 Business Package
the Portal iView „My Purchasing Documents“ is assigned as „WebDynpro for ABAP“
to the Application „powl“ with the Configuration „/SAPSRM/WDA_SRM_PA_PURCHASING“
Technically, the WebDynpro is called via URL
„http://p163045.wdf.sap.corp:8000/sap/bc/webdynpro/sap/powl“
Logon to the Portal with a user who is a Content Administrator.
Choose Content Administration -> Portal Content
Expand the content tree to Portal Content -> Content Provided by SAP -> specialist -> SRM 6.0 -> iViews
In the example, we selected the iView Purchasing Assistant -> My Purchasing Documents

© SAP AG 37
© SAP AG 2006
Finding the Corresponding WD in the SRM Server
As you saw on the previous slide, application „powl“ with configuration „/SAPSRM/WDA_SRM_PA_PURCHASING“
was assigned to a portal iView
In the SRM Server, call transaction SE80, select „Web Dynpro Comp./Inf.“ and search for „*POWL*“
Expand the tree until you find „/SAPSRM/WDA_SRM_PA_PURCHASING“
As you saw on the previous slide, application „powl“ with configuration „/SAPSRM/WDA_SRM_PA_PURCHASING“
was assigned to a portal iView
In the SRM Server, call transaction SE80, select „Web Dynpro Comp./Inf.“ and search for „*POWL*“
Expand the tree until you find „/SAPSRM/WDA_SRM_PA_PURCHASING“
If you double-click on „POWL“, you can see the URL
http://p163045.wdf.sap.corp:8000/sap/bc/webdynpro/sap/powl in the right frame of the window
Remember that this URL only works, if you previously activated the path „/sap/bc/webdynpro“, and the
corresponding sub-paths in transaction SICF.

© SAP AG 38
© SAP AG 2006
Portal iView to BW Query Assignment
the BW Query „0SR_MC01_Q0007“ which belongs
to the BW InfoCube „0SR_MC01“ is assigned to
the portal iView „ABC Analysis for Suppliers“
Please note: This iView is shipped as part of the
SRM 6.0 Business Package
the BW Query „0SR_MC01_Q0007“ which belongs
to the BW InfoCube „0SR_MC01“ is assigned to
the portal iView „ABC Analysis for Suppliers“
Please note: This iView is shipped as part of the
SRM 6.0 Business Package
Logon to the Portal with a user who is a Content Administrator.
Choose Content Administration -> Portal Content
Expand the content tree to Portal Content -> Content Provided by SAP -> specialist -> SRM 6.0 -> iViews
In the example, we selected the iView BI Reports-> ABC Analysis for Suppliers

© SAP AG 39
© SAP AG 2006
Connection to Category Management
The SRM Scenario Category Management requires the Business
Package „BP for Category Management“ to be installed in the
Enterprise Portal
The Package uses the SAP WebDynpro JAVA Programming Model
A WebDynpro JAVA-based application does not only use Portal
System Objects and Aliases, but also JCO Connections
For setting up the JAVA WebDynpro JCO Connection for Category
Management, refer to the Unit „WebDynpro Configuration“
mySAP SRM
6.0 server
CatMan
Bids,
contracts, and
master data
SAP BW 7.0
BI_CONT 7.0.3
Basis plug-in
Portal layer
Knowledge management /
collaboration room / UWL
cProjects
4.0
cProjects
4.0
CatMan
Web Dynpro
Java application
RFC
Business package
for mySAP SRM 6.0
Business package
for CatMan
Business package
for project portfolio management
and design collaboration 4.0
http(s)

© SAP AG 40
© SAP AG 2006
Performing a Connection Test
Please perform a „SAP Web AS connection“ test
for each portal system object you created.
Please perform a „SAP Web AS connection“ test
for each portal system object you created.
Logon to the Portal with a user who is a System Administrator.
Choose System Administration -> System Configuration
Edit a system object, and choose „Connection Tests“

© SAP AG 42
© SAP AG 2006
Portal Access to Multiple Catalogs - Example
a user called the „shop“ iView in the Portal.
In this example, the iView offers access to four
different catalogs.
The next slide shows, how this can be configured
a user called the „shop“ iView in the Portal.
In this example, the iView offers access to four
different catalogs.
The next slide shows, how this can be configured

© SAP AG 43
© SAP AG 2006
Assignment of Portal iView to Catalog URLs
the Portal iView „Shop“ is assigned as „WebDynpro for ABAP“
to the Application „wda_l_fp_gaf“ with the Configuration „/SAPSRM/WDAC_GAF_SC“
Technically, this WebDypro Module is called via the URL
„http://p163045.wdf.sap.corp:8000/sap/bc/webdynpro/sapsrm/wda_l_fp_gaf“
the Portal iView „Shop“ is assigned as „WebDynpro for ABAP“
to the Application „wda_l_fp_gaf“ with the Configuration „/SAPSRM/WDAC_GAF_SC“
„http://p163045.wdf.sap.corp:8000/sap/bc/webdynpro/sapsrm/wda_l_fp_gaf“
Retrieving the corresponding WebDynpro on the SRM Servers works exactly the same way a described
earlier:
In the SRM Server, call transaction SE80, select „Web Dynpro Comp./Inf.“ and search for
„/SAPSRM/*WDA_L_FP_GAF*“
Expand the tree until you find „/SAPSRM/WDAC_GAF_SC“
Double-click on „/SAPSRM/WDAC_GAF_SC“
Now you can see the URL http://p163045.wdf.sap.corp:8000/sap/bc/webdynpro/sapsrm/wda_l_fp_gaf
in the right frame of your window

© SAP AG 45
© SAP AG 2006
Typical Testing Error – User not in Org. Structure
Administrator users might run into testing problems, because
their user is not assigned in the Organizational Structure
(Transaction PPOMA_BBP in the SRM Server)
Here is an example for a typical error message:

© SAP AG 47
© SAP AG 2006
Certificate Configuration
ABAPJ2EE
Enterprise Portal
+ Web Dynpro Java
System
SRM
System
1. Create Portal Certificate
2. Export Portal Certificate
3. Import Portal Certificate
4. Distribute Portal Certificate
For a detailed description, see SAP Note 711768For a detailed description, see SAP Note 711768
To implement Single
Sign-On (SSO),
Certificates must be
created and distributed
To implement Single
Sign-On (SSO),
Certificates must be
created and distributed
Single sign-on must be configured for the SAP Enterprise Portal and for each backend system to be
integrated with the business package; the configuration procedure is the same.
The system objects for the mySAP SRM system within the system landscape have been configured with
the logon method saplogonticket.
Users must have the same user ID in all SAP Systems that are accessed using SSO with logon tickets
If you want to use SAP Logon Tickets for SSO between different systems (J2EE Engines and ABAP
Stacks), you have to exchange the ticket verification certificates.
Typically, users first logon on to the Enterprise Portal before starting an application on the backend
system. Then the general guideline is:
Export the public key certificate of the cryptographic key pair that is used for ticket signature generation
out of the store that stores it in the Enterprise Portal.
Import this public key certificate into the store in the Backend System that stores the certificate of all
trusted Single Sign-On parties.

© SAP AG 48
© SAP AG 2006
Enterprise Portal - Create Portal Certificate
Create a new Portal
certificate, by using the
“Keystore Administration”
utility in the Enterprise Portal
Create a new Portal
certificate, by using the
“Keystore Administration”
utility in the Enterprise Portal
2
1
Log on to the SAP EP as a portal administrator. From the System Administration workset, navigate as
follows:
System Administration → System Configuration → KeyStore Administration
Choose Download Verify .der file.
Save the file to your user-specified location.
In the backend system:
Extract the .zip file to upload the .der file into the system’s trust center.
To upload the file, go to the backend system and use the transaction strust.
Save your changes.

© SAP AG 49
© SAP AG 2006
Enterprise Portal – Export Portal Certificate
Export the Enterprise Portal
Certificate to a local file
Choose (*.key) as file type
Example: KTP.key
Export the Enterprise Portal
Certificate to a local file
Choose (*.key) as file type
Example: KTP.key
2
3
4
1
5
Please Note:
SAP J2EE Engines 6.30 SP4 or later use the UME as user store.
Procedure:
Log on to the Visual Administrator.
In the list "views" mark "TicketKeystore".
Then, mark "SAPLogonTicketKeypair-cert" in the list "entries" and click "export".
Save under verify.crt, for instance. The file extension "crt" in this ui means the same format as "der" in
the previous cases.
Exporting the ticket verification certificate:
- Start SAP J2EE Engine Visual Administrator (C:usrsap<SID>JC<nr>j2eeadmingo.bat):
- On the lefthand tab, click "cluster“ and navigate in the tree to Server->Services->Key Storage
- On the right panel, select the view “TicketKeystore“.
- The list of entries in this keystore view shows up.
- Select the entry SAPLogonTicketKeypair-cert and press button “Export”.
- Both supported export formats for the certificates are also supported for import in the ABAP stack, so
it’s your choice

© SAP AG 50
© SAP AG 2006
SRM System - Import Portal Certificate
Import the Portal Certifcate (Example: KTP.cert)
into the backend system (/nSTRUSTSSO2)
Choose type “Base64” and “Add to certificate List”
Now, the new System (here:KTP) appears in the SSO List
Import the Portal Certifcate (Example: KTP.cert)
into the backend system (/nSTRUSTSSO2)
Choose type “Base64” and “Add to certificate List”
Now, the new System (here:KTP) appears in the SSO List
1
2
3
4
Importing the ticket verification certificate into an ABAP Stack
In order to use SAP Logon Tickets issued by your engine to authenticate against an ABAP Stack, you
have to import the ticket verification certificate of the issuing engine.
Start transaction STRUSTSSO2
In the left panel tree expand the node “Logon Ticket”.
In the right panel frame “Certificate” press button “Import certificate” to import your certificate.
Add the certificate to your certificate list by pressing the corresponding button “Add to Certificate List”
Add the certificate to your SSO ACL by pressing the corresponding button “Add to ACL”
In the following popup type in your engine’s <SID> in the field “WPS system” and the client ID you
configured for ticket creation in your engine in the field “Client” (default is “000”)
Save your changes.
Import the public key certificate of J2EE engine into the ABAP Stack:
for each client (for example: 000, 004, 888), import the certificate and add it to the ACL (enter “000” in the
field “client”)
Distribute the tickets on all application servers (using STRUSTSSO2)

© SAP AG 51
© SAP AG 2006
SAP SRM System – Distribute Certificate
Do not forget to distribute the CertificatesDo not forget to distribute the Certificates
1

© SAP AG 53
© SAP AG 2006
Configure the Universal Worklist (UWL)
Configure the Universal Worklist for the Business Package for mySAP SRM 6.0
A system connection for the SRM backend must already exist
Create the UWL system: System Administration → System Configuration →
Universal Worklist & Workflow → Universal Worklist Administration → New
Register the UWL system under: System Administration → System
Configuration → Universal Worklist & Workflow → Universal Worklist
Administration
Configure the Universal Worklist for the Business Package for mySAP SRM 6.0.
A system connection for the SRM backend must already exist.
Create the UWL system: System Administration → System Configuration → Universal Worklist &
Workflow → Universal Worklist Administration → New.
Create the WebFlow Connector (for the Tasks pane):
Set the System Alias as the one used for configuring the backend system.
Set the connector type as WebFlowConnector.
Create the Alert Connector (for the Alerts pane):
Set the System Alias as the one used for configuring the backend system.
Set the connector type as AlertConnector.
Register the UWL system under: System Administration → System Configuration → Universal
Worklist & Workflow → Universal Worklist Administration.
Choose Register.

© SAP AG 54
© SAP AG 2006
Assignment of Portal iView to UWL
the Portal iView „UWL“ is assigned as „WebDynpro for ABAP“ to the Application „wda_l_fp_oif“
with the Configuration „/SAPSRM/WDAC_OIF_SC_PROF_PURCH“
„http://p163045.wdf.sap.corp:8000/sap/bc/webdynpro/sapsrm/wda_l_fp_oif“
the Portal iView „UWL“ is assigned as „WebDynpro for ABAP“ to the Application „wda_l_fp_oif“
with the Configuration „/SAPSRM/WDAC_OIF_SC_PROF_PURCH“
„http://p163045.wdf.sap.corp:8000/sap/bc/webdynpro/sapsrm/wda_l_fp_oif“
Retrieving the corresponding WebDynpro on the SRM Servers works exactly the same way a described
earlier:
In the SRM Server, call transaction SE80, select „Web Dynpro Comp./Inf.“ and search for
„/SAPSRM/*WDA_L_FP_OIF*“
Expand the tree until you find „/SAPSRM/WDAC_OIF_SC_PROF_PURCH“
Double-click on „/SAPSRM/WDAC_OIF_SC_PROF_PURCH“
Now you can see the URL http://p163045.wdf.sap.corp:8000/sap/bc/webdynpro/sapsrm/wda_l_fp_oif
in the right frame of your window

© SAP AG 55
© SAP AG 2006
Summary
Contents
Portal Setup for mySAP SRM
Now you are able to:
Download and install SRM Business Packages using JSPM
Configure User Management and Create Users
Setup connections to different SRM components
Understand how to configure Single Sign-On (SSO)
Configure Universal Work List (UWL)

© SAP AG 56
© SAP AG 2006
No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained
herein may be changed without prior notice.
Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors.
Microsoft, Windows, Outlook, and PowerPoint are registered trademarks of Microsoft Corporation.
IBM, DB2, DB2 Universal Database, OS/2, Parallel Sysplex, MVS/ESA, AIX, S/390, AS/400, OS/390, OS/400, iSeries, pSeries, xSeries, zSeries, z/OS, AFP,
Intelligent Miner, WebSphere, Netfinity, Tivoli, and Informix are trademarks or registered trademarks of IBM Corporation.
Oracle is a registered trademark of Oracle Corporation.
UNIX, X/Open, OSF/1, and Motif are registered trademarks of the Open Group.
Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame, VideoFrame, and MultiWin are trademarks or registered trademarks of Citrix Systems, Inc.
HTML, XML, XHTML and W3C are trademarks or registered trademarks of W3C®
, World Wide Web Consortium, Massachusetts Institute of Technology.
Java is a registered trademark of Sun Microsystems, Inc.
JavaScript is a registered trademark of Sun Microsystems, Inc., used under license for technology invented and implemented by Netscape.
MaxDB is a trademark of MySQL AB, Sweden.
SAP, R/3, mySAP, mySAP.com, xApps, xApp, SAP NetWeaver, and other SAP products and services mentioned herein as well as their respective logos are
trademarks or registered trademarks of SAP AG in Germany and in several other countries all over the world. All other product and service names mentioned are
the trademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may vary.
The information in this document is proprietary to SAP. No part of this document may be reproduced, copied, or transmitted in any form or for any purpose without
the express prior written permission of SAP AG.
This document is a preliminary version and not subject to your license agreement or any other agreement with SAP. This document contains only intended
strategies, developments, and functionalities of the SAP®
product and is not intended to be binding upon SAP to any particular course of business, product strategy,
and/or development. Please note that this document is subject to change and may be changed by SAP at any time without notice.
SAP assumes no responsibility for errors or omissions in this document. SAP does not warrant the accuracy or completeness of the information, text, graphics, links,
or other items contained within this material. This document is provided without a warranty of any kind, either express or implied, including but not limited to the
implied warranties of merchantability, fitness for a particular purpose, or non-infringement.
SAP shall have no liability for damages of any kind including without limitation direct, special, indirect, or consequential damages that may result from the use of
these materials. This limitation shall not apply in cases of intent or gross negligence.
The statutory liability for personal injury and defective products is not affected. SAP has no control over the information that you may access through the use of hot
links contained in these materials and does not endorse your use of third-party Web pages nor provide any warranty whatsoever relating to third-party Web pages.
Copyright 2006 SAP AG. All Rights Reserved

Srm 6.0

More Related Content

What's hot (19)

Viewers also liked (12)

Similar to Srm 6.0 (20)

Recently uploaded (20)

Srm 6.0