sap ag 2001, title of presentation, speaker name 1 thomas ryan product manager sap markets sap...

SAP AG 2001, Title of Presentation, Speaker Name 1

Thomas Ryan Product Manager

SAP Markets

SAP Internet Transaction Server


Agenda

Introduction11

Architecture22

ITS Programming Models33

Scalability44

Security and Single Sign-On55

ITS Platforms66

More Information77


What is an Internet Application?

SAP Application Internet Application

Powerful, but complex (built to handle all possible

situations)

Powerful, but complex (built to handle all possible

situations)Simple!Simple!

Designed for the professional user

Designed for the professional user

Designed to be used by everyone

(large number of users)

Designed to be used by everyone

(large number of users)

Requires a trained userRequires a trained user No user training requiredNo user training required

Take advantage of Internet technology and multimediaTake advantage of Internet technology and multimedia


SAP R/3 and the Web: The Task

Intranet

Browser

Browser

GUI

PC

PC

InternetWeb Server

Browser

Browser

Browser

ITS

Firewall

SAP System


SAP R/3 and the Web: The Solution

Intranet

Browser

Browser

GUI

PC

PC

InternetWeb Server

Browser

Browser

Browser

ITS

Firewall

SAP System


SAP Internet Transaction Server

Extends the reach of SAP systems into the Web by mapping SAP screens to HTML, WML, or similar Web formats

Drives transactions within the SAP system or calls function modules from SAP

Application server sees a SAP GUI

Separation of business logic and visual appearance

Supported through release upgrades


SAP System

How to Offer a Service on the Web?

Web Server

AGateWGate

Service Files•Service description•HTML Templates•Language Resource Files•Flow Files

ITS

MIME Files•Images•Videos•Sound•...

Application•ABAP•Dynpro Screens•Customization

Browser

Inside SAP R/3Business Logic

Outside SAP R/3HTML Visualization

SAP@WebStudio or

ABAP Workbench

SAP@WebStudio or

ABAP Workbench

ABAP Workbench


Agenda

Introduction11

Architecture22


Scalability44


ITS Platforms66

More Information77


Components and Interfaces

WG

ate

AG

ate

TCP/IP

NSAPIISAPI

DIAG

ITSITS

RFC

CGI

ApacheModule


WGate and AGate

WGate

Encapsulates the various supported HTTP server interfaces such as

CGI (Common Gateway Interface)

NSAPI (Netscape Server Application Programming Interface)

ISAPI (Internet Server Application Programming Interface)

In a transparent manner Passes the requested data to the

AGate component Receives the HTML pages from

AGate in a secure way

AGate

Is the main component of ITS Is responsible for session

management including Mapping of SAP R/3 screens

or function modules to HTML Web session timeout

handling SAP R/3 connection

management Generation of HTML

documents


SAP R/3 InternetApplication Component

SAP R/3 InternetApplication Component

BAPIBAPI

SAP R/3 DataSAP R/3 Data

SAP System

AGate

Architecture – ITS

Browser

WGate

Web Server

User RequestUser RequestSend Prepared

RequestSend Prepared

Request

R/3 InputR/3 Input

R/3 OutputR/3 Output

HTML PageHTML Page

Call WGateCall WGate

Load Service File

Load Service File

Load HTML Template or Style

Load HTML Template or Style

HTMLTemplates

Styles

HTML PageHTML Page


Installation Methods

Single Host Installation WGate and AGate are

installed on the same physical server

Scope Intranet

Dual Host Installation WGate and AGate are

installed on different physical servers

Scope Security (firewalls) High availability/

Load balancing

AGateWGateWebserver

WGateWebserverAGate


Virtual HTTP Servers enable several complete ITS instances to be installed on one physical server

Virtual ITS

VirtualWeb Servers

ITSCON

ITSPRD

Central ITS Server

ITSDEV

ITS


Web Server

Virtual ITS Instances

ITSQAS

ITSPRD

Central ITS Server

ITSDEV

SAP R/3 DevelopmentDEV

SAP R/3 ConsolidationQAS

SAP R/3 ProductionPRD

TransportIAC

CustomizingTemplates

TransportIAC

CustomizingTemplates

ITS


Agenda

Introduction11

Architecture22


Scalability44


ITS Platforms66

More Information77


Web Server

R/3 based dialog flow Non-SAP R/3- based dialog flow

IACs*

HTML Templates

HTML Functions

FlowLogic

Flow Files

HTML Functions

HTML Templates

SAP GUI for HTML

(implicit) HTML Functions

Different Programming Models

Growing learning effort, more features

Browser

ITS

SAP System

*IAC: Internet Application Component


Business logic and dialog flow reside in SAP R/3 (system)

Presentation layer is strictly separated and resides on ITS

Communication between ITS and application is carried out via data fields on SAP screens

ITS places the data field content into the HTML template and creates a complete HTML page

HTML page is sent to the Web browser (via Web server)

HTML templates reside outside SAP but are included in SAP Source Control

SAP@Web Studio supports development of HTMLtemplates

SAP R/3-Based Dialog Applications


or

SAP Screens Correspond to HTML Pages

with HTMLtemplate

without HTMLtemplate

ITS provides the mapping


SAP GUI for HTML maps SAP screens to HTML files

Simple, SAP R/3 screen-based layoutLimited graphical layout mechanisms can be used via HTML styles technique (for example, font, font size, or background color)

1:1 mapping from SAP screen fields (for example, text or input fields) to SAP GUI for HTML fields

No special techniques applicableFor example, dynamic help texts that open on mouse-click or mouse-over

No development effort

HTML templates allow a different look and feel for a Web

application

Flexible layoutTemplate and MIME usage allow arbitrary layout techniques

Flexible field mapping Fields with default values can be hidden from the Web page

Special functionality can be implementedPull-down help texts, for example

Additional development effort HTML templates need to be designed and published, additional functions need to be implemented

SAP Screens vs. HTML Template Usage


Screen 3000Screen 1000

ITSHTML Template 1000

HTML Template 3000

Web page 3000

Web page 1000

Mapping R/3 screens to Web pages


ITS Flow Logic

Separation of: Business logic, Presentation logic Dialog flow logic

Modeling the dialog flow as a network of states

Population of HTML templates with data

Handling of user interface events Events can trigger state transitions States can trigger data-providing module

Bottom LineAllows you more flexibility with look and feel of your

Internet applications without ever changing the business logic


Agenda

Introduction11

Architecture22


Scalability44


ITS Platforms66

More Information77


ITS Benefits From SAP R/3 Scalability

Efficient transaction management Multiple work processes Load balancing

Database buffering Database tables (material master and sales text, for examples) can be

buffered on application server to achieve fast access to data

SAP R/3 can handle thousands of dialog users


ITS Performance and Scalability

Lightweight multithreaded implementation

Compilation and caching of HTML templates

Separation of WGate and AGate

Achievements: Large number of concurrent users Efficient interface to SAP

Four-tier architecture of Internet-enabled SAPoffers maximum flexibility in terms of scalability

ITS as a dedicated SAP solution, provides highly optimized access to SAP application servers


Pool of Workthreads Session Pool

Dispatcher

R/3In Port

AGate

Workthread/Session Model

SAP System


Web Server/ITS Scalability

AGate

One WGate passes requests on to one AGate One AGate can be connected to several Web servers/WGates

WGate

Web ServerBrowser

WGate

Web ServerBrowser

SAP System


ITS Scalability

AGate

Several ITSs can be connected to the same SAP R/3 system

WGate

Web ServerBrowser

WGate

Web ServerBrowser

AGate

SAP System


ITS – SAP R/3 Scalability

AGate

One ITS can use several application servers of one SAP R/3 system via:

Load balancingSeparate selection of a specific application server

SAP System

WGate

Web ServerBrowser

MessageServer

Appl.Server


AGate

AGate

AGate

WGate/AGate Loadbalancing (4.6D)

WGate just passes requests on to AGate AGate does the actual work

Session management HTML page generation Control caching

CPU utilization of AGate is much higher than WGate Fault tolerance for AGate

SAP System

WGate

Web ServerBrowser


HTTP Router

AGate

AGate

AGate

HTTP Routing (SAP R/3 4.6D)/High Availability

WGate

Web Server

Browser

WGate

Web Server


ITS Watchdog Service

NT or Win2000 service, installed on WGate, has following tasks:

Monitors all ITS instances performingtests periodically

Recognizes ITS instances and their administration URLs and Web servers and registers them within an LDAP directory(optional)

Activates or deactivates all corresponding port rulesdepending on test results (optional)

Initially implemented for Microsoft Network Load Balancing(NLB/ WLBS)

Will also work with other load balancing products

First customer shipment with ITS 4.6DC4


How Does ITS Watchdog Work?

ITS Watchdog Service on WGate host periodically calls ITS service ITS_PING through URL http://localhost/scripts/wgate/ITS_PING/!

ITS_PING service flow file calls RFC function RFC_PING

AGate returns HTML page

Watchdog scans this HTML page for specific pattern(“SAP R/3 Status – OK”)

WGate

Web ServerITS Watchdog

AGate

SAP System

RFC

Reply page


Agenda

Introduction11

Architecture22


Scalability44

Security and Single Sign/On55

ITS Platforms66

More Information77


Internet Security

Access control Network and file access authorization

Privacy Data encryption

Authentication Clear identification of communication parties

Integrity Secure data transfer without falsification


WGateIIS / Netscapeserver

Web Server

AGateBrowser

SAP System

ITS Infrastructure – Security Measures

Firewall

Web access via HTTPS

and SSL

Web access via HTTPS

and SSL

Firewall

Secure network access viaSAP Protocol SNC

(Secure Network Communication)

Secure network access viaSAP Protocol SNC

(Secure Network Communication)

Firewall(optional)


ITS Infrastructure – Security Measures

Use different machines to separate AGate and WGate Protect your Web server and AGate Server (NT security) Protect the ITS configuration files (NT security) Use firewalls Use HTTPS


Single Sign-On in the mySAP.com Workplace

Client and server certificate ensures encrypted channel using “Secure Sockets Layer (SSL)” Protocol

Initial authentication against Web Server using X.509 user certificate Mapping from certificate to user is done by the workplace server

Further transactions fired from menu use same steps again

2

Table USREXTID maps

Certificate to SAP R/3 UserWork-

placeserver

WorkplaceMiddle-ware

3

1


Single Sign-On in the mySAP Workplace

Role-based menu

HTML GUI

Any otherWeb page

Windows GUI

WebRFC


Using an X.509 User Certificate

Mechanism protection: Secure key generation and

distribution (registration) Secure storage for private

key Uses the SSL protocol

Usage conditions: Enable HTTPS for all Web servers Provide certificates for all users Import User Certificate into

browser (or connect via Smartcard)

Provide mapping to SAP Userid (use central user maintenance)


Security Consulting Services – Info

SAPNethttp://service.sap.com/securityhttp://service.sap.com/SecurityConsulting


Agenda

Introduction11

Architecture22

SAP GUI for HTML33

Scalability44

Security & Single Sign On55

ITS Platforms66

More Information77


ITS 4.6D Server Platforms

WGate

Microsoft NT 4.0 Server Microsoft Web Server (ISAPI) Netscape Web Server (NSAPI) Apache HTTP Server (Apache

Module) any CGI Web Server (CGI)

Microsoft Windows 2000 Server Microsoft Web Server (ISAPI)

Linux / Intel Apache HTTP Server (Apache

Module)

AGate

Microsoft NT 4.0 Server

Microsoft Windows 2000 Server

SAP@Web Studio

Microsoft NT 4.0 Workstation

Microsoft Windows 2000 Workstation

WGate AGate


ITS 4.6D Client Platforms

In general, IE 4.01 or higher is required

Some applications based on ITS might have a different client platform support:

SAP GUI for HTML requires IE 4.01as a minimum Some applications require a higher version of IE

mySAP Workplace Others do support Netscape

support of pre-4.6C applications (IACs, such as ESS, Online Store) is application-dependent

All applications will run on MS Internet Explorer 5.0x or higher on Windows platforms

There are known issues with IE 5.5 which are solved with IE 5.5 SR1.

Recommendation: Use IE 5.5 SR1 or above


ITS 6.10 Server Platforms

WGate

Microsoft NT 4.0 Server Microsoft Web Server (ISAPI) Netscape Web Server (NSAPI) Apache HTTP Server (Apache

Module) any CGI Web Server (CGI)

Microsoft Windows 2000 Server Microsoft Web Server (ISAPI)

Linux / Intel Apache HTTP Server (Apache

Module)

AGate

Microsoft NT 4.0 Server

Microsoft Windows 2000 Server

SAP@Web Studio

Microsoft NT 4.0 Workstation

Microsoft Windows 2000 Workstation

WGate AGate

XP (32 and 64 bit) currently under evaluation


ITS 6.10 Client Platforms

In general, IE 4.01 or higher is required

Some applications based on ITS might have a different client platform support:

SAP GUI for HTML requires IE 4.01as a minimum Some applications require a higher version of IE

mySAP Workplace Others do support Netscape

support of pre-4.6C applications (IACs, such as ESS, Online Store) is application-dependent

All applications will run on MS Internet Explorer 5.0x or higher on Windows platforms

There are known issues with IE 5.5 which are solved with IE 5.5 SR1.

IE 6.0 (with Windows XP) under evaluation Netscape 6.x (on Windows and Linux platforms) under evaluation


Agenda

Introduction11

Architecture22


Scalability44

Security & Single Sign On55

More Information77

ITS Platforms66


Recent Efforts for 4.6D (Compilation 4)

Solution: Frontend Printing

Focus: QA / Provide software which is Stable, highly available (performance, stability) Highly scalable (ITS cluster, Watchdog)

Focus: Enrich administration and monitoring features Administer ITS clusters Add new trace files, make existing trace files better readable

Focus: Improve patch production and application


Classroom training: ITS Curriculum

ITS050 (3 Days) SAP Internet Transaction Server: Basics

ITS070 (2 Days) ITS Administration

ITS100 (2 Days) Developing EasyWebTransactions

ITS110 (2 Days) Developing Web Scenarios and Mini-Apps

using ITS Flow Logic

ITS150 (2 Days) Corporate Identity Design

ITS050 ITS110

ITS100BC400

SAP50

ITS150ITS070

and


More Information

World Wide Web http://www.sapmarkets.com/its http://service.sap.com/sap-its

SAP Online Help Basis

Frontend Services Internet Transaction Server (BC-FES-ITS)

SAP GUI for HTML (BC-FES-WGU)

sap ag 2001, title of presentation, speaker name 1 thomas ryan product manager sap markets sap...

Documents