Closed smushkam closed 8 months ago
Hello @smushkam,
use actual users SNC name from SU01 transaction for authentication through SNC?
yes, actual ABAP users can be also authenticated via SNC and pyrfc. In SNC scenario only user PSE client certificate is sent from Python to ABAP system and the ABAP system must be able to determine the ABAP user ("from SU01 transaction") based on user client PSE. Mapping of user PSE to ABAP user must be therefore configured in ABAP system. Using EXTID_DN
transaction it can be done for each ABAP user, "one by one". It is unpractical in scenarios with many users and rule based certificate mapping can be used instead, using CERTRULE
transaction.
Which ABAP system release are you using ? WebSocket RFC might be an option in your scenario ?
Hi @bsrdjan ,
In SNC scenario only user PSE client certificate is sent from Python to ABAP system
With SAP Cryptolib, is it possible to specify a specific PSE to be used by pyRfc / nwsdk?
Hi @bsrdjan - Could you please help with below?
I understand that pyrfc client need to be setup as a trusted system in all the sap systems and have a user id created with SNC partner name associated with pyrfc client certificate and use the configured user's SNC partner name in pyrfc connection parameters for achieving encryption + authentication using SAP crypto lib
can we achieve this not just for pyrfc client related user which is setup in SAP systems but use actual users SNC name from SU01 transaction for authentication through SNC? if so could you please let me know the details around this