SAP BASIS JAVA SAP NetWeaver 7.

Sr.no Topic Pg.no

1 SAP NetWeaver Application Server Architecture

2 Memory Management in AS ABAP

3 SAP START / STOP

4 SAP Profiles
5 Trouble shooting SAP System

6 Operation Modes
7 SAP ABAP User Administration
8 Authorization Concept

9 System Logon and Logon Groups

10 RFC Connection

1|Page
 SAP BASIS JAVA SAP NetWeaver 7.1

1) SAP NetWeaver Application Server Architecture

a) SAP ABAP + JAVA:

i) AS ABAP: The AS ABAP provides the complete technology and
infrastructure to run ABAP applications.
ii) AS Java: The Application Server Java provides a Java 2 Enterprise
Edition (Java EE) 1.6 compliant environment for developing and
running Java EE programs.
iii) Web Server or Web Client:
(1) SAP NetWeaver AS can act both as a Web server and as a Web
client.
(2) In its Web server role SAP NetWeaver AS can act both as a Web
server and as a Web client.
(3) In its Web server role, it can accept HTTP requests from any Web
client (for example, a browser), process the requests, and send a
response back to the client.
(4) If you use SAP NetWeaver Application Server as a client, you can
create HTTP requests in an application program, and send these
requests to a Web server.

2|Page
 SAP BASIS JAVA SAP NetWeaver 7.1

(5) The client then receives the responses and proceeds on the basis of
the responses.
(6) In both cases statefull (state retained in the user context) and stateless
requests can be processed.

3|Page
 SAP BASIS JAVA SAP NetWeaver 7.1

b) Architecture :

c) Technical Components :
i) An SAP system consists of several application server instances, as
well as one or more databases.
ii) In addition to multiple dialog instances users choose to execute, there
is a central instance that contains the message server and the
enqueue server. The SCS (System Central Services) for the AS JAVA, the
ASCS (ABAP System Central Services). It cannot process any dialog requests.
iii) Message Server: Only one message server can run in each SAP
system. It performs the following tasks in the SAP system:
(1) Central communication channel between the individual application
servers (instances) of the system
(2) Load distribution of logons using SAP GUI and RFC with logon
groups
(3) Information point for the Web Dispatcher and the application servers
(each application server of the system firsts logs on to the message
server)

4|Page
 SAP BASIS JAVA SAP NetWeaver 7.1

(4) When an instance is started, the dispatcher process contacts the

message server so that it can announce the services it provides (DIA,
BTC, SPO, UPD, and so on).
(5) If the connection setup to the message server fails, an entry is made
in the system log (syslog).
(6) To monitor the message server, you can use the message server
monitor (transaction SMMS)
iv) Enqueue Server: used for lock administration.
(1) The applications can lock objects and release locks again. The
Enqueue Service processes these requests and manages the lock table
with the existing locks. Server. (Read types of lock)
v) A dialog instance with AS ABAP and AS Java consists of the
following components:
(1) The Internet Communication Manager (ICM) sets up the
connection to the Internet. It can process both server and client Web
requests. It supports HTTP, HTTPS and SMTP protocols for the AS
ABAP.
(2) In AS Java the ICM supports the HTTP(S), P4, IIOP and Telnet
protocols.
vi) AS ABAP components :
(1) The dispatcher distributes the requests to the work processes. If all the processes
are occupied, the requests are stored in the dispatcher queue.
(2) The work processes execute ABAP or Java programs.
(3) The SAP Gateway provides the RFC interface between the SAP instances (within
an SAP system and beyond system boundaries).
vii) AS Java components:
(1) The Server Processes execute Java requests.
(2) The instance controller controls and monitors the life cycle of the AS Java
instance.
viii) Minimum AS Java Cluster: A minimum AS Java cluster installation
consists of a central services instance, one Java instance with one
server process, and a database.
*****************************************************************************************************

5|Page
 SAP BASIS JAVA SAP NetWeaver 7.1

1) SAP NETWEAVER Administration

a) Operation Management :
i) Identity Management
(1) Administration of Users, Groups, and Roles
(2) Managing Users, Groups, and Roles
(3) Assigning Principals to Roles or Groups
(4) Locking or Unlocking Users
(5) Password Management
(6) Approving or Rejecting Users
(7) Moving a User to Another Company
Concepts :
(i) Default Groups
1. The following default groups are determined dynamically at
runtime. They are not defined in the user data source.
2. Everyone: This group is the sum of the groups Anonymous
Users and Authenticated Users.
3. Anonymous Users: This group contains all named
anonymous users that are listed in the user management
engine (UME) property ume.login.guest_user.uniqueids.
4. Authenticated Users: This group contains all non-
anonymous users, that is, users who must authenticate
themselves to access an application.
(ii) User Profile: The user profile is the set of user data that
administrators (and sometimes business users) can display and
modify. It includes attributes such as name, e-mail address, and
language.
(iii) Self-Registration: Self-registration means that new users
can register themselves at logon
(iv) Users types:

User Type Description

Default Used for regular generic users. Users of this type have the following
Users characteristics:

6|Page
 SAP BASIS JAVA SAP NetWeaver 7.1

Can log on to the AS Java by providing authentication credentials

interactively or with SSO.
Normal password rules apply, for example the users password can
expire or the password must be changed after initial logon.
Created by administrators, during self-registration, or read
from external UME data sources. The administrator and guest users
are created automatically during installation.
UME maps (A) Dialog users from the AS ABAP data source to this
type.
Well known users of this type include: administrator, guest.
Technical Used for system to system communication. Users of this type have the
Users following chara cteristics:
Can be used to log on to the AS Java.
Password does not expire.
Some created automatically, some by user admin.
UME maps (B) System users from the AS ABAP data source to this
type.
Well known users of this type include: SAPJSF.

Although SAPJSF is a technical user, you cannot log on to the AS Java

with it for security reasons. For more information, see SAP NetWeaver
AS ABAP User Management as Data Source.
Internal Used to perform internal operations.
Service Cannot be used to log on.
Users Usually do not have passwords.
Normally created automatically.
Users exist only in the Java database, does not map to other
data sources.
Type cannot be changed.
Well known standard users of this type include: config_fwk_service,
ume_service
Unknown This type cannot be created from the UME and exists only as mapped
Users from an AS ABAP data source.
UME maps to this type AS ABAP users of type (C) Communication,
(S) Service, and (L) Reference.
Unknown users of this type have the same characteristics as Default
users.
Can be used to log on.

7|Page
 SAP BASIS JAVA SAP NetWeaver 7.1

Normal password rules apply.

(8) AS Java Standard Users:

Type of User User Description

Administrator Administrator
user This user has unlimited administrative permissions over the AS Java.

We recommend that you use strong password and auditing policies for
this user.
Guest user Guest
This user is also used for anonymous access to the AS Java. By
default, this user is locked.
Technical user DB user is specified during installation. Example:
SAP<SID>DB
The AS Java also uses this user for DB connectivity when you
configure the UME with the DB.
In addition to the above standard users, a default AS Java installation can also
contain the following technical user:

User Description
ADSuser Used for communication between the AS Java and the Adobe Document
Services (ADS). This user is created in the AS Java or in the AS ABAP
depending on the user store installation settings. For more information, see the
Adobe Config Guide in the ADS Documentation and SAP Interactive Forms
by Adobe Security Guide in the SAP NetWeaver Security Guide.

(9) Standard User Groups

Name Description

You can Contains all the users that have unrestricted

determine the administrative privileges on the AS Java.
name during
8|Page
 SAP BASIS JAVA SAP NetWeaver 7.1

installation. The Users in this group have permissions to

default name manage all other users (including other
offered users with administrative privileges) as
is: Administrators well as other security settings. No other
users can perform user maintenance and
security administration tasks.

You can Contains authenticated users with limited

determine the authorizations. Such users have limited
name during system access or have registered
installation. The asCompany users in UME and are pending
default name approval.
offered is: Guests Initially contains only the standard guest
user (Default name: Guest).

Authenticated Contains all non-anonymous users, that is,

Users users that have to authenticate themselves
on the AS Java. This group is a built-in
group, whose members are determined at
runtime.

Anonymous Contains the guest user that are listed in

Users theume.login.guest_user.uniqueids property
in the UME properties. This group is a
built-in group, whose members are
determined at runtime.

Everyone (or all) Contains all the users and groups on the
server. This group is a built-in group,
whose members are determined at runtime.

(10) Important Task :

Creating a Technical User :
Procedure
(i) Start identity management.
(ii) In the Search view, choose User
9|Page
 SAP BASIS JAVA SAP NetWeaver 7.1

(iii) Choose Create User.

(iv) Set Security Policy to Technical User.
(v) Choose Save.

Activating the Emergency User:

(i) Activate the SAP* user:
(ii) Start the config tool for editing user management engine
(UME) properties as described in Editing UME Properties.
Property Value Comment
ume.superadmin.activated true This activates the SAP* user.
ume.superadmin.password <password> Enter any password of your choice. This defines the password for the
SAP* user.

(iii) Restart the AS Java.

(iv) The SAP* user is now activated. While it is activated, all
other users are deactivated. You can only log on with the SAP*
user.
(v) Fix your configuration as required, logging on with the user ID
SAP*and the password you specified.
(vi) When you have fixed your configuration, deactivate the
SAP* user again.
(vii) Start the config tool for editing UME properties.
(viii) Set the property ume.superadmin.activated to false.
(ix) Restart the AS Java.

ii) Java Archiving Cockpit

(1) You can call the Java Archiving Cockpit in the NWA in the following
manners:
Choose Operations Management Data and Databases then Java
Archiving Cockpit
/nwa/archcockpit
(2) Purpose: The Java Archiving Cockpit is the central user interface (UI)
for the administration of archiving sessions created by an application
running in an Application System Java (AS Java).

10 | P a g e
 SAP BASIS JAVA SAP NetWeaver 7.1

(3) The Java Archiving Cockpit offers functions for manually starting, or
scheduling, the write and delete phases, and for configuring the
properties of archiving sets.
(4) It also contains an archiving monitor for checking the progress and
state of archiving sessions.

iii) JAVA Scheduler

(1) To start SAP NetWeaver Scheduler for Java, in the SAP NetWeaver
Administrator, choose Operation Management Jobs Java
Scheduler.
(2) This UI provides the user interface to the SAP NetWeaver Scheduler
for Java.
(3) You can schedule and keep track of the automated execution of tasks
running in the background.
(4) You can access this function with the quick link: /nwa/scheduler
(5) Viewing Jobs
You can view a portion of 500 jobs carried out by the defined job
tasks.
For each job, you also see the following information:
(i)

11 | P a g e
 SAP BASIS JAVA SAP NetWeaver 7.1

The Info tab contains the following general information

The Parameters tab contains the following information

12 | P a g e
 SAP BASIS JAVA SAP NetWeaver 7.1

The Log tab contains the logs which the job produced during
execution. You can view the log message, its severity, and time
stamp.
b) Start & Stop
i) Allows you to start, stop, and restart the available Java instances, services
that are not core, and the deployed AS Java applications.
ii) You can access this function with the quick link: /nwa/start-stop.
(1) Starting and Stopping Java Instances
(2) Starting and Stopping AS Java Services
(3) Starting and Stopping Java Applications

c) XML DAS Administration

i) Functions for administering the XML Data Archiving Service (XML
DAS).
ii) You can define and test the archive stores, synchronize the home paths
between application systems and XML DAS, and assign home paths to
archive stores.
iii) You can access this function with the quick link: /nwa/xmldas

2) Configuration Management
a) Authentication
i) You can access this function with the quick link: /nwa/auth.
ii) Allows you to choose the required authentication mechanism for your
applications

13 | P a g e
 SAP BASIS JAVA SAP NetWeaver 7.1

b) Destinations
i) You can use the destination service to specify the remote services
address and the user authentication information for remote connections.
ii) You can access this function with the quick link: /nwa/destinations.
iii) Applications or services can establish connections to other services.
iv) When using such connections, you need to specify the remote services
address and the user authentication information to use for the connection
(1) RFC Connection Procedure
Configuration Management Security Management. Choose
Destinations
To create a new destination, choose Create
Enter the following information in the corresponding fields:
(i) Hosting system: <system where the destination is located>
(ii) Destination Name: <Name>
(iii) Destination Type: RFC
c) JCo RFC Destinations
i) The RFC is an SAP interface protocol
ii) The RFCs enable you to call and execute predefined functions in a
remote system, or in the same system.
iii) In the AS Java the RFC functions are implemented by the RFC Engine
service, which is presented in the SAP NetWeaver Administrator under
the name JCo RFC Destinations.
iv) This service is used for processing ABAP to Java requests.
v) This is done by registering the AS Java as an RFC destination.

14 | P a g e