Network & Communication Security
In SAP SRM, data exchange occurs with HTTPS connection using SSL encryption that is used to protect data from unauthorized access. SSL stands for Secure Socket Layer. While performing secure network and communication in SAP system, the following points can be considered −
- Network topology of SAP system
- Firewall configuration
- Transport layer security
- Using multiple network zones
In SAP SRM system, all the components that use HTTP protocol support encryption of data using SSL protocol and as per the protocol data are transferred. The components include confidential data like system password, etc. As per data transfer and protocol, you can also apply transport level security.
SSL can be used to increase the security between business systems and adapters, business system and integration server.
| Destination |
Delivered |
Type |
| SAP ERP (Classic Scenario) |
No |
RFCs and SOA Services |
| SAP ERP (Extended Classic Scenario) |
No |
RFCs and IDocs |
| SAP Customer Relationship Management (SAP CRM) |
No |
RFCs and SOA Services |
| Collaboration Projects (cPro) |
No |
XML communication using SAP NetWeaver Process Integration (SAP NetWeaver PI) (Web services) |
| CFolders |
No |
RFCs |
This shows the system and components and relevant communication destinations for the SAP SRM system.
To communicate with external systems, you need to activate the following services in SAP SRM system −
- /sap/bc/webdynpro/sapsrm
- /sap/bc/srm
- /sap/bc/bsp/sapsrm
- /sap/sapsrm/
- /default_host/sap/bc/srm
- /default_host/sap/bc/webdynpro/sapsrm
- /default_host/sap/bc/bsp/sapsrm
To use NetWeaver Business client for SRM, you need to activate the following −
- /default_host/sap/bc/nwbc/srm
To use Live Auction cockpit, you need to activate the following −
To activate these services, use T-code — SICF
In Hierarchy type, select service and click on Execute button. In the next window, you can maintain service. Select the required ICF service in the ICF tree in transaction SICF.
Activate the ICF service in one of the following ways −
- Using menu option Service/Host → Activate
- Using the context menu and choosing Activate Service
Default_host node is inactive in transaction SICF; the HTTP requests could result in ABAP runtime error RAISE_EXCEPTION with the following short text −
Exception condition "HOST_INACTIVE" triggered.
If a service is inactive in transaction SICF, an error text appears when you try to access the service.
To support internet protocols HTTP, HTTPS and SMTP — /default_host/sap/public/icman is activated in transaction.
This service is used to decide how HTTP requests are distributed.
Other Internal Services in SAP
Let us now understand the other internal services in SAP −
default_host/sap/bc/echo
This is used to provide information about the logon procedure in use, header and form fields and the SSO cookie generated for the processed request. This service should be activated only for error analysis.
/default_host/sap/bc/error
This service creates some error situations in the system and should only be activated for error analysis. To activate/deactivate service, you have to right-click on service.
