Question:
Alright Gurus I need your help on this one.
We are in the process of designing security for SAP's new application, Mobile Engine (maybe some of you have worked with it and/or know about it). The Mobile application utilizes Net Weaver (Web AS) as the middleware and standard r/3 4.7 on the backend. The end result is to use RF handhelds in the field which communicate with the middleware and back to R/3. Pretty straight forward stuff, conceptually.
The situation is this. The user is merely trying to update and work order (iw32). On the backend he has the authority to update the order -no problem. Once he gets to the web interface he encounters an authorization failure. The mobile web interface does not support any type of conventional authorization analysis -su53, st01, audit logs. It only says you are not authorized. I've exhausted every option that I could think of with no success. Can anyone provide any fresh ideas??
Answer:
It's been a very long time since I have done this but I did have problems with RFC auths for a bit.
Otherwise you could start with a load of BASIS objects & whittle it down - takes a long time but can be quicker than trawling through different lots of code etc
Answer:
You can RFC trace it. There is a param for setting the level but I can't remember the name.
External debugging also works, depending on another param and temporary authority assigned which I also can't remember.
Sorry.
Tarr