sap ag 2001, title of presentation, speaker name 1 thomas ryan product manager sap markets sap...
Post on 25-Dec-2015
248 Views
Preview:
TRANSCRIPT
SAP AG 2001, Title of Presentation, Speaker Name 1
Thomas Ryan Product Manager
SAP Markets
SAP Internet Transaction Server
SAP AG 2001, Title of Presentation, Speaker Name 2
Agenda
Introduction11
Architecture22
ITS Programming Models33
Scalability44
Security and Single Sign-On55
ITS Platforms66
More Information77
SAP AG 2001, Title of Presentation, Speaker Name 3
What is an Internet Application?
SAP Application Internet Application
Powerful, but complex (built to handle all possible
situations)
Powerful, but complex (built to handle all possible
situations)Simple!Simple!
Designed for the professional user
Designed for the professional user
Designed to be used by everyone
(large number of users)
Designed to be used by everyone
(large number of users)
Requires a trained userRequires a trained user No user training requiredNo user training required
Take advantage of Internet technology and multimediaTake advantage of Internet technology and multimedia
SAP AG 2001, Title of Presentation, Speaker Name 4
SAP R/3 and the Web: The Task
Intranet
Browser
Browser
GUI
PC
PC
InternetWeb Server
Browser
Browser
Browser
ITS
Firewall
SAP System
SAP AG 2001, Title of Presentation, Speaker Name 5
SAP R/3 and the Web: The Solution
Intranet
Browser
Browser
GUI
PC
PC
InternetWeb Server
Browser
Browser
Browser
ITS
Firewall
SAP System
SAP AG 2001, Title of Presentation, Speaker Name 6
SAP Internet Transaction Server
Extends the reach of SAP systems into the Web by mapping SAP screens to HTML, WML, or similar Web formats
Drives transactions within the SAP system or calls function modules from SAP
Application server sees a SAP GUI
Separation of business logic and visual appearance
Supported through release upgrades
SAP AG 2001, Title of Presentation, Speaker Name 7
SAP System
How to Offer a Service on the Web?
Web Server
AGateWGate
Service Files•Service description•HTML Templates•Language Resource Files•Flow Files
ITS
MIME Files•Images•Videos•Sound•...
Application•ABAP•Dynpro Screens•Customization
Browser
Inside SAP R/3Business Logic
Outside SAP R/3HTML Visualization
SAP@WebStudio or
ABAP Workbench
SAP@WebStudio or
ABAP Workbench
ABAP Workbench
SAP AG 2001, Title of Presentation, Speaker Name 8
Agenda
Introduction11
Architecture22
ITS Programming Models33
Scalability44
Security and Single Sign-On55
ITS Platforms66
More Information77
SAP AG 2001, Title of Presentation, Speaker Name 9
Components and Interfaces
WG
ate
AG
ate
TCP/IP
NSAPIISAPI
DIAG
ITSITS
RFC
CGI
ApacheModule
SAP AG 2001, Title of Presentation, Speaker Name 10
WGate and AGate
WGate
Encapsulates the various supported HTTP server interfaces such as
CGI (Common Gateway Interface)
NSAPI (Netscape Server Application Programming Interface)
ISAPI (Internet Server Application Programming Interface)
In a transparent manner Passes the requested data to the
AGate component Receives the HTML pages from
AGate in a secure way
AGate
Is the main component of ITS Is responsible for session
management including Mapping of SAP R/3 screens
or function modules to HTML Web session timeout
handling SAP R/3 connection
management Generation of HTML
documents
SAP AG 2001, Title of Presentation, Speaker Name 11
SAP R/3 InternetApplication Component
SAP R/3 InternetApplication Component
BAPIBAPI
SAP R/3 DataSAP R/3 Data
SAP System
AGate
Architecture – ITS
Browser
WGate
Web Server
User RequestUser RequestSend Prepared
RequestSend Prepared
Request
R/3 InputR/3 Input
R/3 OutputR/3 Output
HTML PageHTML Page
Call WGateCall WGate
Load Service File
Load Service File
Load HTML Template or Style
Load HTML Template or Style
HTMLTemplates
Styles
HTML PageHTML Page
SAP AG 2001, Title of Presentation, Speaker Name 12
Installation Methods
Single Host Installation WGate and AGate are
installed on the same physical server
Scope Intranet
Dual Host Installation WGate and AGate are
installed on different physical servers
Scope Security (firewalls) High availability/
Load balancing
AGateWGateWebserver
WGateWebserverAGate
SAP AG 2001, Title of Presentation, Speaker Name 13
Virtual HTTP Servers enable several complete ITS instances to be installed on one physical server
Virtual ITS
VirtualWeb Servers
ITSCON
ITSPRD
Central ITS Server
ITSDEV
ITS
SAP AG 2001, Title of Presentation, Speaker Name 14
Web Server
Virtual ITS Instances
ITSQAS
ITSPRD
Central ITS Server
ITSDEV
SAP R/3 DevelopmentDEV
SAP R/3 ConsolidationQAS
SAP R/3 ProductionPRD
TransportIAC
CustomizingTemplates
TransportIAC
CustomizingTemplates
ITS
SAP AG 2001, Title of Presentation, Speaker Name 15
Agenda
Introduction11
Architecture22
ITS Programming Models33
Scalability44
Security and Single Sign-On55
ITS Platforms66
More Information77
SAP AG 2001, Title of Presentation, Speaker Name 16
Web Server
R/3 based dialog flow Non-SAP R/3- based dialog flow
IACs*
HTML Templates
HTML Functions
FlowLogic
Flow Files
HTML Functions
HTML Templates
SAP GUI for HTML
(implicit) HTML Functions
Different Programming Models
Growing learning effort, more features
Browser
ITS
SAP System
*IAC: Internet Application Component
SAP AG 2001, Title of Presentation, Speaker Name 17
Business logic and dialog flow reside in SAP R/3 (system)
Presentation layer is strictly separated and resides on ITS
Communication between ITS and application is carried out via data fields on SAP screens
ITS places the data field content into the HTML template and creates a complete HTML page
HTML page is sent to the Web browser (via Web server)
HTML templates reside outside SAP but are included in SAP Source Control
SAP@Web Studio supports development of HTMLtemplates
SAP R/3-Based Dialog Applications
SAP AG 2001, Title of Presentation, Speaker Name 18
or
SAP Screens Correspond to HTML Pages
with HTMLtemplate
without HTMLtemplate
ITS provides the mapping
SAP AG 2001, Title of Presentation, Speaker Name 19
SAP GUI for HTML maps SAP screens to HTML files
Simple, SAP R/3 screen-based layoutLimited graphical layout mechanisms can be used via HTML styles technique (for example, font, font size, or background color)
1:1 mapping from SAP screen fields (for example, text or input fields) to SAP GUI for HTML fields
No special techniques applicableFor example, dynamic help texts that open on mouse-click or mouse-over
No development effort
HTML templates allow a different look and feel for a Web
application
Flexible layoutTemplate and MIME usage allow arbitrary layout techniques
Flexible field mapping Fields with default values can be hidden from the Web page
Special functionality can be implementedPull-down help texts, for example
Additional development effort HTML templates need to be designed and published, additional functions need to be implemented
SAP Screens vs. HTML Template Usage
SAP AG 2001, Title of Presentation, Speaker Name 20
Screen 3000Screen 1000
ITSHTML Template 1000
HTML Template 3000
Web page 3000
Web page 1000
Mapping R/3 screens to Web pages
SAP AG 2001, Title of Presentation, Speaker Name 21
ITS Flow Logic
Separation of: Business logic, Presentation logic Dialog flow logic
Modeling the dialog flow as a network of states
Population of HTML templates with data
Handling of user interface events Events can trigger state transitions States can trigger data-providing module
Bottom LineAllows you more flexibility with look and feel of your
Internet applications without ever changing the business logic
SAP AG 2001, Title of Presentation, Speaker Name 22
Agenda
Introduction11
Architecture22
ITS Programming Models33
Scalability44
Security and Single Sign-On55
ITS Platforms66
More Information77
SAP AG 2001, Title of Presentation, Speaker Name 23
ITS Benefits From SAP R/3 Scalability
Efficient transaction management Multiple work processes Load balancing
Database buffering Database tables (material master and sales text, for examples) can be
buffered on application server to achieve fast access to data
SAP R/3 can handle thousands of dialog users
SAP AG 2001, Title of Presentation, Speaker Name 24
ITS Performance and Scalability
Lightweight multithreaded implementation
Compilation and caching of HTML templates
Separation of WGate and AGate
Achievements: Large number of concurrent users Efficient interface to SAP
Four-tier architecture of Internet-enabled SAPoffers maximum flexibility in terms of scalability
ITS as a dedicated SAP solution, provides highly optimized access to SAP application servers
SAP AG 2001, Title of Presentation, Speaker Name 25
Pool of Workthreads Session Pool
Dispatcher
R/3In Port
AGate
Workthread/Session Model
SAP System
SAP AG 2001, Title of Presentation, Speaker Name 26
Web Server/ITS Scalability
AGate
One WGate passes requests on to one AGate One AGate can be connected to several Web servers/WGates
WGate
Web ServerBrowser
WGate
Web ServerBrowser
SAP System
SAP AG 2001, Title of Presentation, Speaker Name 27
ITS Scalability
AGate
Several ITSs can be connected to the same SAP R/3 system
WGate
Web ServerBrowser
WGate
Web ServerBrowser
AGate
SAP System
SAP AG 2001, Title of Presentation, Speaker Name 28
ITS – SAP R/3 Scalability
AGate
One ITS can use several application servers of one SAP R/3 system via:
Load balancingSeparate selection of a specific application server
SAP System
WGate
Web ServerBrowser
MessageServer
Appl.Server
SAP AG 2001, Title of Presentation, Speaker Name 29
AGate
AGate
AGate
WGate/AGate Loadbalancing (4.6D)
WGate just passes requests on to AGate AGate does the actual work
Session management HTML page generation Control caching
CPU utilization of AGate is much higher than WGate Fault tolerance for AGate
SAP System
WGate
Web ServerBrowser
SAP AG 2001, Title of Presentation, Speaker Name 30
HTTP Router
AGate
AGate
AGate
HTTP Routing (SAP R/3 4.6D)/High Availability
WGate
Web Server
Browser
WGate
Web Server
SAP AG 2001, Title of Presentation, Speaker Name 31
ITS Watchdog Service
NT or Win2000 service, installed on WGate, has following tasks:
Monitors all ITS instances performingtests periodically
Recognizes ITS instances and their administration URLs and Web servers and registers them within an LDAP directory(optional)
Activates or deactivates all corresponding port rulesdepending on test results (optional)
Initially implemented for Microsoft Network Load Balancing(NLB/ WLBS)
Will also work with other load balancing products
First customer shipment with ITS 4.6DC4
SAP AG 2001, Title of Presentation, Speaker Name 32
How Does ITS Watchdog Work?
ITS Watchdog Service on WGate host periodically calls ITS service ITS_PING through URL http://localhost/scripts/wgate/ITS_PING/!
ITS_PING service flow file calls RFC function RFC_PING
AGate returns HTML page
Watchdog scans this HTML page for specific pattern(“SAP R/3 Status – OK”)
WGate
Web ServerITS Watchdog
AGate
SAP System
RFC
Reply page
SAP AG 2001, Title of Presentation, Speaker Name 33
Agenda
Introduction11
Architecture22
ITS Programming Models33
Scalability44
Security and Single Sign/On55
ITS Platforms66
More Information77
SAP AG 2001, Title of Presentation, Speaker Name 34
Internet Security
Access control Network and file access authorization
Privacy Data encryption
Authentication Clear identification of communication parties
Integrity Secure data transfer without falsification
SAP AG 2001, Title of Presentation, Speaker Name 35
WGateIIS / Netscapeserver
Web Server
AGateBrowser
SAP System
ITS Infrastructure – Security Measures
Firewall
Web access via HTTPS
and SSL
Web access via HTTPS
and SSL
Firewall
Secure network access viaSAP Protocol SNC
(Secure Network Communication)
Secure network access viaSAP Protocol SNC
(Secure Network Communication)
Firewall(optional)
SAP AG 2001, Title of Presentation, Speaker Name 36
ITS Infrastructure – Security Measures
Use different machines to separate AGate and WGate Protect your Web server and AGate Server (NT security) Protect the ITS configuration files (NT security) Use firewalls Use HTTPS
SAP AG 2001, Title of Presentation, Speaker Name 37
Single Sign-On in the mySAP.com Workplace
Client and server certificate ensures encrypted channel using “Secure Sockets Layer (SSL)” Protocol
Initial authentication against Web Server using X.509 user certificate Mapping from certificate to user is done by the workplace server
Further transactions fired from menu use same steps again
2
Table USREXTID maps
Certificate to SAP R/3 UserWork-
placeserver
WorkplaceMiddle-ware
3
1
SAP AG 2001, Title of Presentation, Speaker Name 38
Single Sign-On in the mySAP Workplace
Role-based menu
HTML GUI
Any otherWeb page
Windows GUI
WebRFC
SAP AG 2001, Title of Presentation, Speaker Name 39
Using an X.509 User Certificate
Mechanism protection: Secure key generation and
distribution (registration) Secure storage for private
key Uses the SSL protocol
Usage conditions: Enable HTTPS for all Web servers Provide certificates for all users Import User Certificate into
browser (or connect via Smartcard)
Provide mapping to SAP Userid (use central user maintenance)
SAP AG 2001, Title of Presentation, Speaker Name 40
Security Consulting Services – Info
SAPNethttp://service.sap.com/securityhttp://service.sap.com/SecurityConsulting
SAP AG 2001, Title of Presentation, Speaker Name 41
Agenda
Introduction11
Architecture22
SAP GUI for HTML33
Scalability44
Security & Single Sign On55
ITS Platforms66
More Information77
SAP AG 2001, Title of Presentation, Speaker Name 42
ITS 4.6D Server Platforms
WGate
Microsoft NT 4.0 Server Microsoft Web Server (ISAPI) Netscape Web Server (NSAPI) Apache HTTP Server (Apache
Module) any CGI Web Server (CGI)
Microsoft Windows 2000 Server Microsoft Web Server (ISAPI)
Linux / Intel Apache HTTP Server (Apache
Module)
AGate
Microsoft NT 4.0 Server
Microsoft Windows 2000 Server
SAP@Web Studio
Microsoft NT 4.0 Workstation
Microsoft Windows 2000 Workstation
WGate AGate
SAP AG 2001, Title of Presentation, Speaker Name 43
ITS 4.6D Client Platforms
In general, IE 4.01 or higher is required
Some applications based on ITS might have a different client platform support:
SAP GUI for HTML requires IE 4.01as a minimum Some applications require a higher version of IE
mySAP Workplace Others do support Netscape
support of pre-4.6C applications (IACs, such as ESS, Online Store) is application-dependent
All applications will run on MS Internet Explorer 5.0x or higher on Windows platforms
There are known issues with IE 5.5 which are solved with IE 5.5 SR1.
Recommendation: Use IE 5.5 SR1 or above
SAP AG 2001, Title of Presentation, Speaker Name 44
ITS 6.10 Server Platforms
WGate
Microsoft NT 4.0 Server Microsoft Web Server (ISAPI) Netscape Web Server (NSAPI) Apache HTTP Server (Apache
Module) any CGI Web Server (CGI)
Microsoft Windows 2000 Server Microsoft Web Server (ISAPI)
Linux / Intel Apache HTTP Server (Apache
Module)
AGate
Microsoft NT 4.0 Server
Microsoft Windows 2000 Server
SAP@Web Studio
Microsoft NT 4.0 Workstation
Microsoft Windows 2000 Workstation
WGate AGate
XP (32 and 64 bit) currently under evaluation
SAP AG 2001, Title of Presentation, Speaker Name 45
ITS 6.10 Client Platforms
In general, IE 4.01 or higher is required
Some applications based on ITS might have a different client platform support:
SAP GUI for HTML requires IE 4.01as a minimum Some applications require a higher version of IE
mySAP Workplace Others do support Netscape
support of pre-4.6C applications (IACs, such as ESS, Online Store) is application-dependent
All applications will run on MS Internet Explorer 5.0x or higher on Windows platforms
There are known issues with IE 5.5 which are solved with IE 5.5 SR1.
IE 6.0 (with Windows XP) under evaluation Netscape 6.x (on Windows and Linux platforms) under evaluation
SAP AG 2001, Title of Presentation, Speaker Name 46
Agenda
Introduction11
Architecture22
ITS Programming Models33
Scalability44
Security & Single Sign On55
More Information77
ITS Platforms66
SAP AG 2001, Title of Presentation, Speaker Name 47
Recent Efforts for 4.6D (Compilation 4)
Solution: Frontend Printing
Focus: QA / Provide software which is Stable, highly available (performance, stability) Highly scalable (ITS cluster, Watchdog)
Focus: Enrich administration and monitoring features Administer ITS clusters Add new trace files, make existing trace files better readable
Focus: Improve patch production and application
SAP AG 2001, Title of Presentation, Speaker Name 48
Classroom training: ITS Curriculum
ITS050 (3 Days) SAP Internet Transaction Server: Basics
ITS070 (2 Days) ITS Administration
ITS100 (2 Days) Developing EasyWebTransactions
ITS110 (2 Days) Developing Web Scenarios and Mini-Apps
using ITS Flow Logic
ITS150 (2 Days) Corporate Identity Design
ITS050 ITS110
ITS100BC400
SAP50
ITS150ITS070
and
top related