
Session ID: AGS206

User Access via the Access Control Engine (ACE) in mySAP CRM

© SAP AG 2005, SAP TechEd ’05 / AGS206 / 2

Contributing Speaker(s)

Larry Justice, Platinum Technical Consultant, SAP America


Learning Objectives

As a result of this workshop, you will be able to:

- Understand an overview of ACE functionality
- Understand the underlying architecture for ACE
- Have a better understanding of developing with ACE, both from the developer’s perspective and from a security perspective
- Have a better understanding of the impact that implementing ACE has on user access management in CRM 4.0

Agenda:

Section A: Overview
Section B: Architecture
Section C: Development / Security
Section D: Summary


Channel Management

(figure, labels only: Brand Owner, Channel Manager, Partner 1, Partner 2, the users Miller, Jones and Smith, the portal roles Partner Employee and Partner Manager, Company, User, Gold, Silver, Objects 1 to 6, action)

Relations in the Business

Typical relations of business objects to a partner company organization


Relation to Assign Access Rights

The relation “MyCompaniesLeads”


The Actor (Org-Element) in the Relation


Use Cases in the Channel Management

Partner Employee can create, read, edit, and analyze accounts within his partner company. He can also read and edit (but not delete) accounts assigned by Channel Manager

Partner Manager (Channel Commerce) creates, reads, edits, deletes, and analyzes partner-specific condition records

Partner Manager and Partner Employees are only allowed to see their accounts (Relation: "is account of" / "has accounts")

Partner Manager has read access to leads where his organization is the Sales Partner of this lead


Use Cases in the Channel Management

Partner Manager has full access (create, read, edit, delete, analyze) to opportunities created by himself or an employee of the own company

Channel Manager has only access to read, edit and analyze an order (not to create or delete) for all orders of all partners

View own organization’s customer orders only; no further restrictions

View, edit, etc. own organization’s catalog (i.e. catalog with subscribed products) only

Product Subscription & Lead Time maintenance: Partner Manager – Channel Commerce only


Limitations to the Use Cases

Covered by the existing authority concept: the create action is not possible for ACE

Future releases:
- Integration of BW and ACE for analysis requirements is a point for future releases
- Additional actions like “negotiate” or “dispatch” are planned for future releases
- Validating rights for a creation or dispatch process is planned for a future release


Rule Administration

Administration of rules:
- Actor type is the type of the organization element in the relation between user and business object
- GetActorsFromUser calculates the Actors for every user assigned to that right
- GetActorsFromObject calculates the Actors for every object returned by GetObjectsByFilter

Rule table:

Relation ID (Rule ID)  Actor Type       Object Type  GetActorsFromUser       GetActorsFromObject     GetObjectsByFilter
MyLeads                Contact          Lead         UserS Contacts          LeadSPartner-Contacts   *
MyCompaniesLeads       Partner Company  Lead         UserSPartner-Companies  LeadSPartner-Companies  German Leads

Rights Administration

Administration of rights:
- In most cases user groups are based on roles (portal roles)
- Rules describe the relation between user and objects
- Actions are the combination of the single actions read, write and delete

After changes in the rights tables the administrator has to activate the changes with an activation tool

Rights table:

Right  User Group         Object Type  Rule              Action
R314   All Partner Roles  Lead         MyCompaniesLeads  Read
R315   Partner Manager    Lead         MyCompaniesLeads  Change
R316   All Partner Roles  Lead         MyLeads           Full

Definition of Rights Access Control List


Rule (Scenario) interface

To develop a rule, the scenario owner has to develop three interfaces:

- Determine actors from user
- Determine actors from business object
- Determine lists of objects in the focus of the rule

The Channel Management team has to be involved with the development of the rules for their use cases

Application Interface

For application integration SAP provides three kinds of interfaces:

Runtime interfaces:
- Single object check
- Multiple objects check
- Get access control list for some objects

Management interface:
- Inform ACE about new objects (call synchronously if possible)
- Inform ACE about changed objects

Authority mode interface:
- Informs about states of the ACE

Section B: Architecture

Architecture Overview

Architecture:
- Instance-based authorization
- Building subset of users
- Building subset of objects
- Using business relations to calculate authorization

Processes:
- Database cache
- User context calculation
- Activating rights
- Session cache and authorization check
- Object creation
- Object changes

Authorizations in Channel Management

Basis Authorizations
- Based on authorization objects
- Reaches down to transaction, field, and field value level

Dynamic Authorizations
- Framework to determine user-dependent access rights on object level
- Application can check access rights for actions on business objects

(figure: in the basis authorization concept a user is assigned a role, which carries SAP authorizations made up of object class, authorization object, authorization and authorization fields (e.g. display, change); in dynamic authorizations a portal user with a portal role belongs to a company, and the actions of users 1 and 2 from companies 1 and 2 on objects 1 to 3 are checked per object)

Building Subset of Users

(figure: users 1 to 6 hold the roles R1 to R4; the ACE user groups Gr1 and Gr2 are built from the roles known to ACE, R1 and R2; users whose roles are not known to ACE (example: user “5” has the roles “R3” and “R4”) are not under ACE control)

Building Subset of Objects

(figure: the ACE object filters F1 to F4 are applied to Lead 01 to Lead 12; objects returned by an object filter are under ACE control, objects returned by no filter are not)

User- and Object-Context

User context: the function “GetActorFromUser()” calculates the user context. Examples of types in the user context: Companies, Org-Unit, Position, Sales Area. We call these types “Actor Type” and the values in the user context “Actor”.

Object context: the function “GetActorFromObject()” calculates the object context. Examples of values in the object context: Companies, Org-Unit.

User- and Object-Context II

(figure: the ACE user groups Gr1 and Gr2, built from the roles R1 to R3 of users 1 to 4, and the ACE object filters F1 to F4 over the leads both feed a business function that calculates the user/object context; its result, the Actor, links the users to Lead 01, 03, 04, 05, 06, 07 and 10)

Definition of Rule

Parts of a Rule:
1. User Context: GetActorFromUser()
2. Actor Type
3. Object Context: GetActorFromObject()
4. Object Type
5. Filter: GetObjectByFilter()

(figure: the rule table from the Rule Administration slide (MyLeads and MyCompaniesLeads), with parts 1 to 5 marked on the columns GetActorsFromUser, Actor Type, GetActorsFromObject, Object Type and GetObjectsByFilter, and filter F1 applied to the Lead objects)

Definition of Right

Parts of a Right:
1. User Group
2. Rule
3. Action: What kind of action can a user do with his objects
4. (Not “Object Type”; this makes administration easy)

(figure: the rights table from the Rights Administration slide (R314, R315, R316), with parts 1 to 4 marked, and the path from a role via user group Gr1 and the rule to Lead 01)
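The rule and rights tables above (Rule Administration, Rights Administration, Definition of Rule and Definition of Right) and the role-to-user-group mapping from Building Subset of Users fit together in a few lines of Python. The following is an added model written for this page, not SAP's ACE code: the users, leads, companies, the lambda bodies standing in for the three rule functions, and the ACTION_LEVELS mapping of Read/Change/Full to single actions are all constructed assumptions.

```python
"""Rules and rights of the ACE as a small model (an added example, not SAP code).

The sample users, leads, companies and the three functions per rule are
constructed to mirror the rule and rights tables on the slides; the names
USER_ROLES, USER_GROUPS, RULES, RIGHTS and ACTION_LEVELS are assumptions.
"""
from dataclasses import dataclass
from typing import Callable, Set

# Constructed master data: portal roles per user, contact person per user,
# partner company per contact person, and the attributes of each lead.
USER_ROLES = {
    "jones": {"PARTNER_EMP"},
    "smith": {"PARTNER_MGR"},
    "miller": {"CHANNEL_MGR"},     # role known to no ACE user group
}
USER_CONTACT = {"jones": "CP_JONES", "smith": "CP_SMITH", "miller": "CP_MILLER"}
CONTACT_COMPANY = {"CP_JONES": "GOLD", "CP_SMITH": "GOLD", "CP_MILLER": "BRAND_OWNER"}
LEADS = {
    "LEAD01": {"contact": "CP_JONES", "company": "GOLD", "country": "DE"},
    "LEAD02": {"contact": "CP_SMITH", "company": "GOLD", "country": "US"},
    "LEAD03": {"contact": "CP_OTHER", "company": "SILVER", "country": "DE"},
}

# ACE user groups are built from portal roles (Building Subset of Users).
USER_GROUPS = {
    "ALL_PARTNER_ROLES": {"PARTNER_EMP", "PARTNER_MGR"},
    "PARTNER_MANAGER": {"PARTNER_MGR"},
}


@dataclass
class Rule:
    """One row of the rule table: actor type, object type and the three functions."""
    rule_id: str
    actor_type: str
    object_type: str
    actors_from_user: Callable[[str], Set[str]]      # GetActorsFromUser
    actors_from_object: Callable[[str], Set[str]]    # GetActorsFromObject
    objects_by_filter: Callable[[], Set[str]]        # GetObjectsByFilter ('*' = all)


@dataclass
class Right:
    """One row of the rights table."""
    right_id: str
    user_group: str
    object_type: str
    rule_id: str
    action: str    # Read, Change or Full


RULES = {
    "MyLeads": Rule("MyLeads", "Contact", "Lead",
                    lambda u: {USER_CONTACT[u]},
                    lambda o: {LEADS[o]["contact"]},
                    lambda: set(LEADS)),                          # filter '*'
    "MyCompaniesLeads": Rule("MyCompaniesLeads", "Partner Company", "Lead",
                             lambda u: {CONTACT_COMPANY[USER_CONTACT[u]]},
                             lambda o: {LEADS[o]["company"]},
                             lambda: {k for k, v in LEADS.items()
                                      if v["country"] == "DE"}),  # "German Leads"
}

RIGHTS = [
    Right("R314", "ALL_PARTNER_ROLES", "Lead", "MyCompaniesLeads", "Read"),
    Right("R315", "PARTNER_MANAGER", "Lead", "MyCompaniesLeads", "Change"),
    Right("R316", "ALL_PARTNER_ROLES", "Lead", "MyLeads", "Full"),
]

# Assumption: an action level is a combination of the single actions
# read, write and delete (Change includes Read, Full includes everything).
ACTION_LEVELS = {
    "Read": {"read"},
    "Change": {"read", "write"},
    "Full": {"read", "write", "delete"},
}


def groups_of(user: str) -> Set[str]:
    """ACE user groups of a user: every group that contains one of the user's roles."""
    roles = USER_ROLES.get(user, set())
    return {g for g, members in USER_GROUPS.items() if roles & members}


def is_ace_user(user: str) -> bool:
    """A user whose roles belong to no ACE user group is not under ACE control."""
    return bool(groups_of(user))


def allowed_actions(user: str, object_type: str, obj: str) -> Set[str]:
    """Union of the actions granted by every right whose rule links the user to the object."""
    actions: Set[str] = set()
    groups = groups_of(user)
    for right in RIGHTS:
        if right.object_type != object_type or right.user_group not in groups:
            continue
        rule = RULES[right.rule_id]
        if obj not in rule.objects_by_filter():
            continue   # object is outside the focus of the rule
        if rule.actors_from_user(user) & rule.actors_from_object(obj):
            actions |= ACTION_LEVELS[right.action]
    return actions


def check(user: str, object_type: str, obj: str, action: str) -> bool:
    """Single object check: is the action on this object granted to the user?"""
    return action in allowed_actions(user, object_type, obj)


if __name__ == "__main__":
    for u in ("jones", "smith", "miller"):
        for lead in LEADS:
            print(u, lead, sorted(allowed_actions(u, "Lead", lead)))
```

Running the block prints, per user and lead, the combined actions. Smith (Partner Manager) gets read and write on LEAD01 via R314 and R315 but not delete, because MyLeads only matches leads whose contact person is Smith; LEAD02 is outside the "German Leads" filter, so only MyLeads can grant anything on it; Miller's role is in no ACE user group, so ACE grants him nothing at all.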

Results

No new roles for authorization necessary

Add new rights without code modification in the business object code

Customer code used as an add-on

Use of business relations makes the coding of rules very easy

Definition of actor types is a very important task when using ACE in a project

Runtime Cache

Calculate every rule at every authorization check? Good performance can be achieved by pre-calculating (caching) rule results

Structure of the database cache

Additional memory caches exist

There are processes working with this data:
- First authorization check: User Context
- Activating rights: ACL (User Context)
- Authorization check
- Creating objects: ACL
- Changing objects: ACL

(figure, database cache tables: User Context (User, ACE Group ID); ACE Group (ACE Group ID, Right ID, Actor); Access Control List (Business Object ID, ACE Group ID, Action); one ACE Group ID is referenced by many (1 : *) entries)

Section C: Development / Security

Overview of Authorizations and ACE

(figure: the Access Control Engine, Authorization Objects, Implicit Authorizations and other concepts (Portal Role, SSO, Authentication) shown across the systems EP (Portal Content), CRM (Application) and R/3; the Portal User, the CRM User and the CRM Business Partner are the identities involved in Authorization)

First Authorization Check (User Context)

The first steps are:
1. Is the ACE inactive? (CUSTOM)
2. Is this query a “Friendly Call”?
3. Is the action to be checked supported by the ACE?
4. Is the object type to be checked relevant for the ACE?
5. Is the user an active ACE user?

Now ACE starts working with:
- Is the user cached? (App-Server)
- Has the user context expired? (customizable; default value = 16 hours)
- Determining the active status

Remark: App-server cache and database cache are the same

User Context Cache

Calculating the new user context:
1. Get all Roles of the user
2. Get all ACE-User-Groups of the user
3. Get all Rights for the user
4. List all different “GetActorFromUser()” functions
5. Calculate all different Actors
6. Create all new ACE-Group entries as (Right-ID, Actor) pairs
7. Change entries in the User-Context table

Create App-Server cache for user context

Remark: Start and end time of a right are only used in the user context, not in the ACL. If a user’s roles change, the administrator has to refresh the user context manually

Activation of Rights and User-Groups

The first step of activating is to copy the design-time data into the corresponding runtime tables

Changing the ACE configuration has no influence on the runtime until the changes are activated

You find the list of active rights and user groups by using the deactivation value help

Activating Rights (ACL- Calculation)

Two separate steps:
1. Get all objects, using the filter
2. Calculate all ACL entries in small parallel processes

Process flow:
- Retrieve all objects to be activated
- Insert objects into the work table, block by block
- Read N blocks of 100 objects at most
- For each of the N blocks, in parallel: enqueue objects in this block and proceed with activation; update information on the success/failure as well as reporting data; commit the work in this LUW and dequeue objects in the block
- Create reporting data

Runtime Authorization Check

Some processes call the ACE authorization check very often for the same object

There is a runtime cache for checked ACE entries. This cache is a session cache. The runtime store is only for objects created in the same session

(figure: CHECK_SINGLE_OBJECT_GUID / CHECK_MULTIPLE_OBJECTS_GUID consult the Runtime-Store (CL_ACE_RUNTIME_STORE) and the UserObjects-Cache (CL_ACE_USER_OBJECTS_CACHE), which e.g. reads from the ACL DB table XX_ACL)

Runtime Changes of Business Objects

All business objects under ACE control send change and create notifications to ACE

There are two different calls from the business object to ACE:
- HandleNewObjects()
- HandleChangedObjects()

Two different calls are necessary, because of different processes

Creating New Object

During the creation process, the following happens:
- Write full access in the session runtime store
- Write the temporary ACL entry (full control for the creator) in the DB
- Start a background process to calculate the new ACL entries

In the background process:
- List all “Filters” for this object
- Calculate all used “GetActorFromObject()” functions using the “Filters”
- Calculate all actors for this object
- Write all new ACE-Group entries
- Write all new ACL entries
- Remove the temporary ACL entry

Remark: The creator can directly access his created object(s)

Change Object

During the change process the following happens:
- Start a background process to calculate the changes of ACL entries

In the background process:
- List all “Filters” for this object
- Calculate all used “GetActorFromObject()” functions using the “Filters”
- Calculate all actors for this object
- Write all new ACE-Group entries
- Calculate the delta of ACL entries
- Write all new ACL entries
- Remove all unused ACL entries

Remark: If only right-independent attributes are changed, there is no write access to the DB
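The runtime process described from First Authorization Check through Change Object (the five pre-checks, the user context cache with its 16-hour expiry, ACL calculation at activation, the session runtime store that gives a creator immediate access, and the ACL delta on a change) is modeled below. This is an added example written for this page, not SAP's implementation: the Ace class, its three in-memory tables mirroring the database-cache diagram, the constructed sample data, and the decision that a check outside ACE's responsibility returns True are all assumptions.

```python
"""Runtime caches of the ACE as a small model (an added example, not SAP code).

The Ace class, its table layouts, the pre-check order and the sample data are
constructed from the slides' database-cache diagram and process descriptions;
they are not SAP's real tables or APIs. The rules' GetActorsFromUser() and
GetActorsFromObject() functions are modeled as plain look-ups.
"""
from typing import Dict, Iterable, Set, Tuple

USER_ACTORS = {"megan": {("R314", "GOLD"), ("R315", "GOLD")},      # user -> {(right, actor)}
               "jones": {("R314", "GOLD")}}
RIGHT_ACTIONS = {"R314": {"read"}, "R315": {"read", "write"}}      # single actions per right
OBJECT_ACTORS = {"LEAD01": {("R314", "GOLD"), ("R315", "GOLD")},   # object -> {(right, actor)}
                 "LEAD02": {("R314", "SILVER"), ("R315", "SILVER")}}
ACE_ACTIONS = {"read", "write", "delete"}     # create is not an ACE action
ACE_OBJECT_TYPES = {"Lead"}
ACE_USERS = {"megan", "jones"}                # users under ACE control


class Ace:
    def __init__(self, active: bool = True, context_ttl_hours: float = 16.0):
        self.active, self.ttl = active, context_ttl_hours
        self.object_actors = {k: set(v) for k, v in OBJECT_ACTORS.items()}
        self.ace_groups: Dict[Tuple[str, str], int] = {}           # (right, actor) -> group id
        self.acl: Set[Tuple[str, int, str]] = set()                # (object, group id, action)
        self.user_context: Dict[str, Tuple[Set[int], float]] = {}  # user -> (groups, calc time)
        self.runtime_store: Dict[Tuple[str, str], Set[str]] = {}   # (user, object) -> actions

    def group_id(self, right: str, actor: str) -> int:
        """ACE-Group entries are (Right-ID, Actor) pairs, numbered on first use."""
        return self.ace_groups.setdefault((right, actor), len(self.ace_groups) + 1)

    def write_acl(self, obj: str) -> Tuple[int, int]:
        """Background calculation for one object: write new ACL entries and remove
        unused ones. Returns (added, removed); (0, 0) means no DB write was needed."""
        new = {(obj, self.group_id(r, a), act)
               for r, a in self.object_actors[obj] for act in RIGHT_ACTIONS[r]}
        old = {e for e in self.acl if e[0] == obj}
        self.acl -= old - new
        self.acl |= new - old
        return len(new - old), len(old - new)

    def activate(self, objects: Iterable[str]) -> None:
        """Activating rights: calculate the ACL entries of every object the filters return."""
        for obj in objects:
            self.write_acl(obj)

    def user_groups(self, user: str, now: float) -> Set[int]:
        """User context from the cache; recalculated when missing or older than the TTL."""
        cached = self.user_context.get(user)
        if cached is None or now - cached[1] > self.ttl:
            groups = {self.group_id(r, a) for r, a in USER_ACTORS.get(user, set())}
            self.user_context[user] = (groups, now)   # steps 1-7 collapsed into one
            return groups
        return cached[0]

    def handle_new_object(self, obj: str, creator: str, actors: Iterable[Tuple[str, str]]) -> None:
        """Creation: full access for the creator in the session store right away,
        then the ACL calculation (synchronous here instead of a background process)."""
        self.runtime_store[(creator, obj)] = set(ACE_ACTIONS)
        self.object_actors[obj] = set(actors)
        self.write_acl(obj)

    def handle_changed_object(self, obj: str, actors: Iterable[Tuple[str, str]]) -> Tuple[int, int]:
        """Change: recalculate the object's actors and write only the ACL delta."""
        self.object_actors[obj] = set(actors)
        return self.write_acl(obj)

    def check(self, user: str, obj_type: str, obj: str, action: str, now: float,
              friendly_call: bool = False) -> Tuple[bool, str]:
        """Runtime check: the five pre-checks first (where ACE is not responsible the
        decision is left to basis authorization, assumed to allow), then the caches."""
        if not self.active:
            return True, "ACE inactive"
        if friendly_call:
            return True, "friendly call"
        if action not in ACE_ACTIONS:
            return True, "action not checked by ACE"
        if obj_type not in ACE_OBJECT_TYPES:
            return True, "object type not relevant for ACE"
        if user not in ACE_USERS:
            return True, "user not an active ACE user"
        if action in self.runtime_store.get((user, obj), set()):
            return True, "session runtime store"
        if any((obj, g, action) in self.acl for g in self.user_groups(user, now)):
            return True, "ACL"
        return False, "no ACL entry"


if __name__ == "__main__":
    ace = Ace()
    ace.activate(["LEAD01", "LEAD02"])
    print(ace.check("megan", "Lead", "LEAD01", "write", now=0.0))
    print(ace.handle_changed_object("LEAD02", {("R314", "GOLD")}))   # (added, removed)
    print(ace.check("megan", "Lead", "LEAD02", "read", now=0.0))
```

Two points worth seeing in the run: a change that leaves an object's actors unchanged returns (0, 0) from write_acl, which is the "no write access to the DB" remark on the Change Object slide; and a creator can delete an object he just created although no ACL entry grants it, because the session runtime store answers before the ACL is consulted.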

Dynamic Authorizations – Example 1

Megan (User A, manager with a partner company) wants to see the leads assigned to her company

(figure: hierarchical structure of the partner organization and the business objects)

Dynamic Authorizations – Example

Rules to determine access for the lead

Rule 1a: Check which contact person the lead is associated with

Rule 1b: Look up primary partner company for contact person

Rule 2a: Retrieve the contact person for user Megan

Rule 2b: Look up primary partner company for contact person

Rule 3: Compare partner companies; if identical, show lead to Megan

Dynamic Authorizations – Example Cont’d.

(figure: portal roles Manager and Employee; users Maier, Schmitt and Müller; sales areas 1520/99/40, 1010/99/32 and 1600/99/34; customer object Elektro-Heinz)

Rights table:

Right  User Group  Object Type  Rule                  Action
R007   Manager     Customer     MySalesAreasCustomes  Full
R008   Employee    Customer     MySalesAreasCustomes  Read

Dynamic Authorizations – Example Cont’d.

Portal role consists of the applications a user is able to work with: no application available in the role means no access at all

User is assigned to a portal role: different portal roles enable different authorizations on role level

Application itself consists of “implicit” authorization: e.g. Sales Order Management does not include Opportunity Management

Application supports authorization checks via ACE: the application (resp. the assigned CRM object) supports ACE checks, the current user is activated for ACE checks, and the corresponding ACE rule is activated

Application/CRM offers authorization checks via Basis Authorization: an authorization object is available, the application does checks on authorization objects, and the user is assigned to authorization objects

Dynamic Authorizations – Example Cont’d.

Different levels and possibilities of authorizations: top-down view

To implement an authorization matrix as proposed, there are several possibilities and dependencies which have to be taken into account. First of all, there is the portal role definition. If the authorization matrix does not have a mark for a specific role/application combination, this particular application should not be part of the role definition at all. Therefore the user assigned to this role does not have the application available and thus no authorization at all

Dynamic Authorizations – Example Cont’d.

Different levels and possibilities of authorizations: top-down view

The next level is to use a specific BSP application view to implement “functional” authorizations on UI level, e.g. remove a create button to restrict this capability for a specific role. A role-specific application may also be used in combination with underlying authorization concepts to implement an “ideal solution”. This means, for example, if you only have read access to a certain object without the right to create new ones, but there is a create button available, this button can be completely removed by defining a corresponding BSP application view

Dynamic Authorizations – Example Cont’d.

Different levels and possibilities of authorizations: top-down view

Now ACE comes into play, if activated and if necessary for a specific business process. Authorizations implemented via ACE using rules (which) and rights (how) define which documents a user (assigned to a certain role) may see and how these documents may be accessed. Currently implemented and available actions are write, read, and delete. ACE sits on top of basis authorization

Dynamic Authorizations – Example Cont’d.

Different levels and possibilities of authorizations: top-down view

Last, but not least, the basis authorization can be used to define “overall” authorizations in the system. Here authorization objects assigned to users/user groups define what access is allowed

The role itself represents the center of all authorization, and it is used at each “level” (portal role definition, BSP application view, ACE, and basis authorization) as a kind of anchor in the authorization model/matrix

Comments about Basis Authorizations

Basis authorization and ACE: basis authorization is best used to define basic authorizations, e.g. a whole role should only have read access to a certain transaction or application. This should be implemented using basis authorization objects assigned to a role/user group (even if it could be accomplished via ACE)

By implementing as many of the restrictions as possible in the backend using basis authorizations for the affected roles, the development work using ACE is simplified

Comments about Basis Authorizations

Basis authorization and ACE:
- If a certain role should only have access to a specific range of documents, e.g. only for a particular channel partner (<=> sales partner), then the ACE should be used, implementing corresponding rules (which documents should be visible) and rights (how documents are accessible)
- In this case it is necessary to clearly define which characteristics (partner functions; relations; etc.) are used to determine the rule process (actors from user; actors from object)
- To come to such a clear technical definition, a list of business rules describing the business requirement in a matrix is extremely helpful
- A combination of both, basis and ACE, can be used, but from a business perspective it can increase user administration costs (duplicated effort; potential confusion of access modes used in complex roles; etc.)

ACE Right Definition Process Detail cont’d.

Example of External Matrix

Rights/Roles: Partner Manager, Lead Manager, Sales Manager, Portal Administrator (web support center)

Partner Management Rights (cells as extracted; blank cells are not shown):
- Partner Profile Management: R/M/D/E, R, R, R/M/D/E
- Account Management: R/M, R, R/M/D, R/M/D/E
- User Management: R/M/D/E

Sales Cycle:
- Activities: R/M/D, R/M/D, R/M/D, R/M/D
- Leads: R, R/M/D, R
- Opportunities: R/M/D, R/M/D/E
- Orders (B2B-Shop): R/M/D, R/M/D/E

Legend: R = Read only; M = Maintain; D = Delete; E = Execute (reports, search)

ACE Right Definition Process Detail

Steps for coming from an authorization matrix to ACE-based access control on document level:

1. Authorization matrix generated by the business department
2. Translation of the authorization matrix into ACE-related building blocks
3. Customizing and implementation of the ACE building blocks
4. (Preliminary) activation for testing: overview, testing
5. Results of the final ACE rights activation: overview, testing
6. Runtime monitoring of ACE authorizations: overview, testing
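As an added example for the translation step above (not an SAP-supplied tool), the following Python reads a matrix in the layout of the external matrix slide and derives ACE right rows from it, flagging what ACE cannot cover: an E (Execute) cell needs basis authorization, and a blank cell means the application should not be in the portal role at all. The matrix text, the area-to-object-type mapping, the R/M/D/E-to-action mapping and the "My..." rule naming convention are constructed assumptions, including which column each blank cell sits in.

```python
"""From a business authorization matrix to ACE rights (an added example, not SAP code).

The matrix text, the area-to-object-type mapping, the letter mapping and the
rule naming convention are constructed for this illustration; which column a
bl  ank cell falls into is an assumption, since the slide does not show it.
"""
from typing import Dict, List, Tuple

# Constructed matrix in the layout of the slide's "Example of External Matrix".
# A blank cell means the role gets no access to that area at all.
MATRIX = """\
Rights/Roles       | Partner Manager | Lead Manager | Sales Manager
Account Management | R/M             | R            | R/M/D
Leads              | R               | R/M/D        |
Opportunities      | R/M/D           | R/M/D/E      |
"""

AREA_OBJECT_TYPE = {"Account Management": "Customer", "Leads": "Lead",
                    "Opportunities": "Opportunity"}          # assumed CRM object types
LETTER_TO_ACTION = {"R": "read", "M": "write", "D": "delete", "E": "execute"}
ACE_ACTIONS = {"read", "write", "delete"}   # execute (reports, search) is not an ACE action
ACTION_LEVELS = {                            # ACE action level for a set of single actions
    frozenset({"read"}): "Read",
    frozenset({"read", "write"}): "Change",
    frozenset({"read", "write", "delete"}): "Full",
}


def parse_matrix(text: str) -> Tuple[List[str], Dict[str, Dict[str, str]]]:
    """Return the role names and, per area, the cell text per role ('' for blank)."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    roles = [c.strip() for c in lines[0].split("|")][1:]
    cells: Dict[str, Dict[str, str]] = {}
    for line in lines[1:]:
        parts = [c.strip() for c in line.split("|")]
        values = (parts[1:] + [""] * len(roles))[:len(roles)]   # pad short rows with blanks
        cells[parts[0]] = dict(zip(roles, values))
    return roles, cells


def translate(text: str) -> Tuple[List[Dict[str, str]], List[str]]:
    """Turn each cell into an ACE right row, or into a finding that ACE cannot cover it."""
    roles, cells = parse_matrix(text)
    rights: List[Dict[str, str]] = []
    findings: List[str] = []
    for area, by_role in cells.items():
        for role in roles:
            cell = by_role[role]
            if not cell:
                findings.append(f"{role}: '{area}' must not be part of the portal role")
                continue
            actions = {LETTER_TO_ACTION[letter] for letter in cell.split("/")}
            if "execute" in actions:
                findings.append(f"{role}/{area}: 'E' is granted via basis authorization, not ACE")
            level = ACTION_LEVELS.get(frozenset(actions & ACE_ACTIONS))
            if level is None:
                findings.append(f"{role}/{area}: {sorted(actions)} has no ACE action level")
                continue
            rights.append({
                "right": f"R{len(rights) + 1:03d}",
                "user_group": role,                      # user group built from the portal role
                "object_type": AREA_OBJECT_TYPE.get(area, area),
                "rule": "My" + area.replace(" ", ""),    # hypothetical naming convention
                "action": level,
            })
    return rights, findings


if __name__ == "__main__":
    rows, notes = translate(MATRIX)
    for row in rows:
        print(row)
    for note in notes:
        print("finding:", note)
```

For the constructed matrix this yields seven right rows (the R/M/D/E cell still becomes a Full right, with its E part reported as a basis-authorization item) and three findings: two blank cells that call for removing the application from the Sales Manager portal role, and the one E cell. Each generated rule id is only a name; the rule itself (the three functions) still has to be developed in the next step.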

ACE Right Definition Process Detail

Now let’s look at the actual screen shots involved in setting up ACE functionality.

This involves both developers and security resources working together.

The first part of the process involves a developer resource to do the configuration part


1. Log on to the CRM Development Instance
2. Execute /nspro
3. Select “SAP Reference IMG”
4. Select Customer Relationship Management
5. Next select Basic Functions
6. Now select Access Control Engine
7. Next select User Groups
8. Click on Assign Users to User Groups

Setting Up Rules for ID’s/Roles for ACE

Finally, we are in the proper part of the IMG, so:

The first step in the process is to assign the ‘role’ or ‘user’ IDs to an ID or role. In this situation, we are going to tie a user ID to a specific role. If you are going to assign it to a ‘group’ of people, you would assign the backend ‘Z’ BASIS security role, as shown in the following screenshot.

But in this case, we are going to assign the CRD_SARF2 user to the SAP_CRM_PARTNER_EMP group and assign the user group child type as ‘U User’, since this is a user ID.

Unfortunately, there is currently no search for the ‘User Group Child’ field; you have to know the ID or the BASIS role you wish to attach.

Once this is completed, we have to decide which rules we wish to activate. For this case, we are going to make it so a CP can maintain, edit, change and display BPs. If this is the first time ACE is being used, you must enter the developer’s tool to activate the necessary groups and rules. For this scenario I have activated the following groups and IDs.

SAP_CRM_PARTNER_EMP User Group is Activated


Rules which have been activated

LEAD_CHP_CP_EMP
a) PARTNER EMPLOYEE: CONTACTPERS. CHANGE
b) Account (ACCOUNTCRM)
c) Partner employee (SAP_CRM_PARTNER_EMP)
d) Grants the partner employee, as contact person with the relationship type "is contact person for" and the portal role Partner Employee, access (read and write authorization (ACT_GRP_CHANGE)) to all end customer business activities. Here, the business partner must be a contact person, who in turn has the relationship "is contact person for" a business partner who has the relationship "is end customer of" his or her own company

LEAD_CHP_ENDCUST_EMP
a) PARTNER EMPLOYEE: END CUSTOMER CHANGE
b) Account (ACCOUNTCRM)
c) Partner employee (SAP_CRM_PARTNER_EMP)
d) Grants the partner employee, as contact person with the relationship type "is contact person for" and the portal role "Partner Employee", access (read and write authorization (ACT_GRP_CHANGE)) to his or her own company’s end customers. The business partner must have the relationship "is end customer of" his or her own company

LEAD_CHP_PROSP_EMP
a) PARTNER EMPLOYEE: PROSPECT CHANGE
b) Account (ACCOUNTCRM)
c) Partner employee (SAP_CRM_PARTNER_EMP)
d) Grants the partner employee, as contact person with the relationship type "is contact person for" and the portal role "Partner Employee", access (read and write authorization (ACT_GRP_CHANGE)) to all of the user’s company’s prospects. The "Prospect" must be in an "is end customer of" relationship to the "Company" that the current partner employee is a contact person of. Or the "Prospect" is the "Company" itself; then the current user also has access ("to own company as prospect"; this is only of interest if the lead is used as a quotation for the channel partner itself).

CHP_CONSUMER_EMP
a) PARTNER EMPLOYEE: CONSUMERS DISPLAY
b) Account (ACCOUNTCRM)
c) Partner employee (SAP_CRM_PARTNER_EMP)
d) Grants the partner employee, as contact person with the relationship type "is contact person for" and the portal role Partner Employee, access (read authorization (ACT_GRP_READ)) to all consumers. The business partner must exist in the business partner role "Consumer".
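Each of the four rule descriptions above (d) walks a short chain of business partner relationships. The following Python is an added illustration written for this page, not SAP's implementation of the LEAD_CHP_* and CHP_* rules: the relationship triples, the partner names, the helper functions and the '*' wildcard used for the consumer rule are constructed, and membership in the SAP_CRM_PARTNER_EMP user group, which the right checks separately, is assumed for every user.

```python
"""The four activated partner-employee rules as relationship look-ups (an added
example, not SAP's implementation of the LEAD_CHP_* / CHP_* rules).

The relationship triples, the business partners and the helper names are
constructed; membership in the Partner Employee user group (portal role),
which the rights check separately, is assumed for every user here.
"""
from typing import Callable, Dict, Set, Tuple

# Constructed business partner relationships: (subject, relationship type, object)
RELATIONS = [
    ("CP_ANNA",   "is contact person for", "ACE_APPLE"),     # Anna: employee of partner Ace Apple
    ("CP_BOB",    "is contact person for", "FRUIT_CO"),      # Bob: contact at an end customer
    ("FRUIT_CO",  "is end customer of",    "ACE_APPLE"),
    ("CP_CARL",   "is contact person for", "BERRY_LTD"),
    ("BERRY_LTD", "is end customer of",    "OTHER_PARTNER"),
]
BP_ROLES = {"CONSUMER_1": {"Consumer"}, "FRUIT_CO": {"Sold-to party"}}   # business partner roles


def related(subject: str, relationship: str) -> Set[str]:
    """All objects the subject has the given relationship type to."""
    return {o for s, r, o in RELATIONS if s == subject and r == relationship}


def own_companies(user_contact: str) -> Set[str]:
    """GetActorsFromUser for all four rules: the companies the user is a contact person for."""
    return related(user_contact, "is contact person for")


# GetActorsFromObject per rule: the partner companies an account "belongs" to.
def actors_cp(account: str) -> Set[str]:          # LEAD_CHP_CP_EMP
    """Contact person of a business partner that is an end customer of the company."""
    return {c for cust in related(account, "is contact person for")
            for c in related(cust, "is end customer of")}


def actors_endcust(account: str) -> Set[str]:     # LEAD_CHP_ENDCUST_EMP
    """The account is an end customer of the company."""
    return related(account, "is end customer of")


def actors_prosp(account: str) -> Set[str]:       # LEAD_CHP_PROSP_EMP
    """End customer of the company, or the company itself ("own company as prospect")."""
    return related(account, "is end customer of") | {account}


def actors_consumer(account: str) -> Set[str]:    # CHP_CONSUMER_EMP
    """Any business partner in the role Consumer, regardless of company ('*' = every actor)."""
    return {"*"} if "Consumer" in BP_ROLES.get(account, set()) else set()


RULES: Dict[str, Tuple[Callable[[str], Set[str]], str]] = {
    "LEAD_CHP_CP_EMP":      (actors_cp,       "ACT_GRP_CHANGE"),
    "LEAD_CHP_ENDCUST_EMP": (actors_endcust,  "ACT_GRP_CHANGE"),
    "LEAD_CHP_PROSP_EMP":   (actors_prosp,    "ACT_GRP_CHANGE"),
    "CHP_CONSUMER_EMP":     (actors_consumer, "ACT_GRP_READ"),
}


def access(user_contact: str, account: str) -> Dict[str, str]:
    """{rule id: action group} for every rule whose actors link the user to the account."""
    companies = own_companies(user_contact)
    if not companies:              # not a contact person of any company: no rule applies
        return {}
    granted: Dict[str, str] = {}
    for rule_id, (actors_of, action_group) in RULES.items():
        actors = actors_of(account)
        if "*" in actors or actors & companies:
            granted[rule_id] = action_group
    return granted


if __name__ == "__main__":
    for acct in ("FRUIT_CO", "CP_BOB", "ACE_APPLE", "BERRY_LTD", "CONSUMER_1"):
        print("CP_ANNA ->", acct, access("CP_ANNA", acct))
```

Anna, a contact person of Ace Apple, reaches Fruit Co through the end-customer rule and the prospect rule, reaches Bob only through the contact-person rule (Bob is a contact of an end customer of Ace Apple), reaches her own company only as a prospect, and gets nothing on Berry Ltd, which is an end customer of a different partner. The consumer rule is the only one whose object side does not depend on the user's company, which is why it grants only ACT_GRP_READ.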

Working with the Business Package

The security team will be involved in this activity

Once you have activated the rights, let us create/modify the Business Package (BP) associated with the test user ID and then assign them an organization. Open up the BP associated with the user ID. (Note: if you are assigning ACE rules to a specific ‘role’ you must maintain the Role in the Role area of the following screenshot)

In the BP you have open, maintain a ‘Contact Person’ as well as the ‘internet user’ role of the partner

Once this is done, assign the user to the organization that he represents when he logs in. For example, if I am an employee at Ace Apple’s, then I would assign myself as a contact person at Ace.


Create Ace Apple’s BP and Associate crd_Sarf2 to it


Activating User Group SAP_CRM_PARTNER_EMP

Back in the ACE Administration Tool:

Select the user group to activate (here it is SAP_CRM_PARTNER_EMP)

Once this is completed successfully, you will notice that all of the condition ‘traffic lights’ are green, as seen on the next slide.

Rights Have Been Activated

Final Step

Back in the administration tool, the last thing to do is to refresh the user (note: if you use roles you do not have to do this). Once this is done, everything should be active for the test ID

Schematic View of what has been set up

Section D: Summary

Summary

ACE functionality is based on Rules, Rights and Roles in the portal and the backend system

It is important for the developer team and security to work together during the initial configuration of ACE functionality

Wherever possible, use the capabilities of the basis authorizations in the backend system to simplify the development and use of ACE functionality

It is very important to have an overall naming convention for the portal roles, the ACE user groups, and backend user roles BEFORE implementing ACE

Final Comments

When ACE is activated initially, there is no access to any documents for an activated user as long as there is no ACE rule to grant access!

ACE cannot “extend” authorizations granted by Basis Authorizations, but only refine them

Extend: if the basis authorization object does not grant access “at all”, then no ACE rule can change this. Refine: if the basis authorization object does allow “change”, but the ACE rule(s) do not, the user is not able to change the object(s). So ACE acts as an additional filter on allowed access.

ACE can be used if authorization per “object”, based on “object” attributes, is required for different user groups

Further Information

Public Web: www.sap.com
SAP Developer Network: www.sdn.sap.com
NetWeaver Developer’s Guide: www.sdn.sap.com/sdn/developersguide.sdn
SAP Customer Services Network: www.sap.com/services/

Related SAP Education Training Opportunities: http://www.sap.com/education/


Copyright 2005 SAP AG. All Rights Reserved

Development section content contributed by Matthew Parker, SAP America