GRC
HR
SCM
CRM
BI


Article

 

Enabling Platform Interoperability - Leverage Your Existing Infrastructure with SAP NetWeaver

by Elise Sivilay | SAPinsider

October 1, 2005

by Elise Sivilay, SAP AG, and Susanne Rothaug, SAP AG SAPinsider - 2005 (Volume 6), October (Issue 4)
 




Elise Sivilay,
SAP AG




Susanne Rothaug,
SAP AG

With the variety of technologies and applications in place across your system landscape, it is a constant challenge to ensure that all your solutions work in a cohesive fashion. It is not good enough that systems can simply send data back and forth; the goal is to be able to use this information and communicate it seamlessly to your users. At the same time, you want to minimize administrative effort, consolidate your system landscape, and leverage your existing resources.

Meeting this challenge is the driving force behind SAP NetWeaver. SAP NetWeaver is not only the platform for SAP enterprise applications, but is also an infrastructure platform that includes a portal, a messaging infrastructure, a system management solution, and enterprise services.

But what if you already have an infrastructure platform — or perhaps even multiple portal, messaging, and system management solutions — in place? Integrating these legacy platforms is the next step, and IT scenarios supported by SAP NetWeaver are designed to help you take this step to arrive at a seamless, transparent infrastructure.

In a previous column, we discussed the new IT scenarios and practices fully supported by SAP NetWeaver as of the 2004s release. These scenarios are designed to help customers make use of the out-of-the-box content and capabilities that are built into SAP offerings through the SAP NetWeaver platform.1 And with SAP's Enabling Platform Interoperability scenario, you can enable seamless system communication while leveraging the functionality already in place in your existing IT landscape.

Achieving Real Interoperability in Today's Heterogeneous System Landscapes

What exactly do we mean by the term interoperability? Simply the ability of two or more systems or components to exchange information and to effectively use the information that has been exchanged. Given today's common IT landscape of heterogeneous and disparate solutions, platform interoperability is key to enabling your systems to communicate effectively, all with an eye on reducing administrative effort, technology expenses, and consolidation costs.

In fact, the Collaboration Technology Support Centers (CTSCs) have been working on platform interoperability solutions since early 2003 (see sidebar below), and now SAP is delivering the Enabling Platform Interoperability scenario to address this very system integration and optimization concern. In this article, we will look at this scenario in detail, examining the interoperability issues between SAP NetWeaver and other common infrastructure platforms. We'll also walk through an example of how this scenario can be applied within your enterprise.

Collaboration Technology Support Centers

To support customers with questions associated with interoperability issues, SAP jointly established two Collaboration Technology Support Centers (CTSCs) — one with IBM and one with Microsoft. The CTSCs are specifically focused on interoperability topics and collaborative projects. Each center is equally staffed by SAP and IBM or Microsoft, respectively. Most importantly, each company has direct communications and links into each other's development, sales, and consulting teams in order to promote joint and cohesive solutions and provide leadership on software interoperability topics. Customers can work directly with the CTSC to help determine the best fit or mix of software solutions for their environment.

For more information, please contact your SAP account representative, or visit the SAP Developer Network. You can find the IBM CTSC "SAP NetWeaver — IBM Software Interoperability" Discussion Forum online at https://www.sdn.sap.com/sdn/developerareas/ibm.sdn?node=linkDnode1-3, and for the Microsoft CTSC "SAP NetWeaver — .NET Interoperability" Discussion Forum, please visit https://www.sdn.sap.com/sdn/developerareas/dotnet.sdn?node=linkDnode1-2.

The Interoperability Goal

SAP NetWeaver is fully designed to interoperate with other market-leading infrastructure and integration vendors, such as IBM and Microsoft. Because SAP NetWeaver is built on industry and open standards — and is the backbone of Enterprise Services Architecture — it supports interoperability at the people, information, process, and application levels. By designing the SAP NetWeaver platform to be open, flexible, and agile, we ensure our products can interoperate across organizational and product boundaries.

Consider an example where two organizations have merged and employee personnel and HR records need to be consolidated into one comprehensive system, all accessible through a unified view. One organization uses mySAP ERP Human Capital Management (mySAP ERP HCM), while the other uses homegrown applications and legacy third-party solutions. Also, each organization uses a different frontend application or portal to access and update data. To make an update or change to an employee record (for example, an address change or a salary information update) and have it properly reflected in both systems, you have to use a secure messaging framework to route and transform the data in the format that each application understands and can process.

So how do you guarantee that the change takes effect in the appropriate systems quickly, accurately, and securely? What steps do you have to take to ensure that the portals are in fact "talking" to each other, and how do you erase the potential for leaks of sensitive information? What's more, how do you avoid having to log in with your user name and password every time you switch between the portals so that you can get a full view of the employee profile? To alleviate this tedious and time-consuming effort, SAP has developed the Enabling Platform Interoperability scenario.

Introducing the "Enabling Platform Interoperability" Scenario

The Enabling Platform Interoperability scenario helps SAP customers quickly implement interoperability solutions, particularly around IBM and Microsoft middleware products. Scenario deliverables include:

  • Dedicated IT processes

  • Reference models

  • Configuration content

  • Documentation

While developing this scenario, we realized the endless array of topics that Enabling Platform Interoperability could cover. However, based on common customer requirements, we currently address some variations of this scenario in five key focus areas. These scenario variants, which customers can use individually or in combination to address interoperability issues in their system landscapes, are:

1. Enabling Co-Existence of Several Portals: Each of the various platforms that run in a heterogeneous system landscape has different strengths. If an enterprise combines SAP and non-SAP portal technologies, they ideally want to maximize the value delivered by both portals. Co-existence allows an organization to deliver specific functionality to a target group of users by leveraging the strengths and out-of-the-box functionality unique to each portal. Interoperability will allow a user to log in to one portal and be automatically authenticated into the second portal, seamlessly and transparently, while also addressing security and usability issues (see single sign-on example later in this article).

2. Ensuring Application-to-Application and Business-to-Business Integration: To ensure interoperability at the messaging and process integration level, standards like Java Message Service (JMS), SOAP, and Web Services Security help SAP NetWeaver Exchange Infrastructure (SAP XI) to collaborate with other solutions in the market, such as IBM WebSphere Business Integration and Microsoft BizTalk.

3. Providing Web Services Interoperability: To service-enable applications and facilitate cross-organizational communications, users can enable third-party solutions to leverage SAP's Enterprise Services Architecture.

4. Managing Heterogeneous System Landscapes: To manage heterogeneous system landscapes, users can complement SAP NetWeaver's capabilities with leading system management tools in the areas of storage and archive, identity and access management, security, and provisioning.2

5. Developing Applications That Are Compatible with SAP NetWeaver: To reduce the learning curve for application developers, the interoperability scenario offers development support for alternate development platforms, such as Microsoft .NET or other J2EE development products, so that developers can leverage their current environment to extend applications, content, and solutions for SAP NetWeaver.

See Figure 1 for a quick rundown of these variants and some examples of how companies can use them in practice.

Scenario Variant and Description Example Uses
Enabling Co-Existence of Several Portals
Enterprises that combine both SAP and non-SAP portal technologies can deliver relevant and valuable functionality to specific target groups of users; users log in to one portal and are automatically authenticated into the second portal — seamlessly and securely
Enables customers to take advantage of the different strengths of the various portal platforms in their system landscape
Ensuring Application-to-Application and Business-to-Business Integration SAP XI can integrate, route, and transform data among mySAP applications, as well as third-party and legacy applications that are connected through IBM WebSphere or Microsoft BizTalk
Ensures interoperability on the messaging and process integration level, using standards like JMS, SOAP, and Web Services Security
Providing Web Services Interoperability In an SAP financial composite application, a credit limit check Web service can be built in WebSphere and invoked or consumed by the SAP application
Leverages SAP's Enterprise Services Architecture in third-party solutions to service-enable applications and facilitate cross-organizational communication
Managing Heterogeneous System Landscapes SAP NetWeaver Portal can use Microsoft Active Directory, IBM Tivoli Directory Server, or IBM Domino as an LDAP; other Tivoli products are certified to assist in end-to-end system management
Complements SAP NetWeaver's capabilities with leading system management tools in order to manage heterogeneous system landscapes
Developing Applications That Are Compatible with SAP NetWeaver Microsoft Visual Studio users can build iViews for SAP NetWeaver Portal
Provides development support for alternate development platforms, such as Microsoft .NET, so that developers can leverage their current environment to extend applications, content, and solutions for SAP NetWeaver
Figure 1
Scenario Variants Covered by the Enabling Platform Interoperability Scenario

Note!
Look for an additional scenario variant, Knowledge Management and Collaboration, to be included in the future. This variant offers interoperability support between SAP NetWeaver-based solutions and common partner productivity suites and collaboration products, such as Windows SharePoint Services and Microsoft Exchange Server.

Implementing Single Sign-On with "Enabling Co-Existence of Several Portals"

Single sign-on (SSO) is especially important for the interoperability IT scenario because it is relevant across several scenario variants, including the Enabling Co-Existence of Several Portals variant. SSO provides users with seamless and transparent access to multiple portals, as well as the connected backend applications. Here, we will walk through an overview of the process steps and approaches for implementing SSO across an SAP and an IBM system.

Many organizations are currently challenged to enable single sign-on across two different vendors' applications or frameworks. As part of our interoperability efforts with IBM, SAP has worked to address this implementation at both the application server level and the presentation level. Single sign-on can be established between IBM components — such as IBM WebSphere Application Server (IBM WAS) or WebSphere Portal Server (IBM WPS) — and SAP components — such as SAP Web Application Server (SAP Web AS) 6.40, SAP NetWeaver Portal,3 SAP Business Information Warehouse (SAP BW) based on SAP Web AS 6.40, and any other applications based on SAP Web AS 6.40.

Implementation approaches to single sign-on depend on the first access point into the solution. The components used to configure user authentication in a portal interoperability scenario differ depending on which portal is the "leading" portal — the portal page or framework in which end users first log in to the portal application using their unique user ID and password. For example, the user would point the browser to a typical SAP NetWeaver Portal URL or WebSphere Portal URL and get the standard login screen. Depending on which portal is the leading one, different cookies need to be configured.

SAP NetWeaver Portal as the "Leading" Portal

If SAP NetWeaver Portal is the leading portal (see Figure 2), the Trust Association Interceptor module within WebSphere Application Server (the foundation for WebSphere Portal Server) needs to be configured. The Trust Association Interceptor (TAI) implements an API that allows the IBM WebSphere Application Server to validate users (for authentication purposes only). The TAI module enables SSO by establishing trust between IBM WAS and an authentication proxy. Whenever a request attempts to access a secured resource, IBM WAS invokes the right TAI, which is asked to validate that the request is legitimate (received through a legitimate third-party authentication proxy) and to return that user's authenticated identity.

Figure 2
SAP NetWeaver Portal as the Leading Portal (Displaying WebSphere Portal Server Content), with Single Sign-On

A detailed depiction of the process that occurs between the SAP and IBM portals is shown in Figure 3. For detailed steps on the exact parameters to configure, you can visit the SAP Developer Network and download the article "How to Set Up SSO Between SAP NetWeaver Portal and IBM WebSphere Portal Using Trust Association Interceptor" by Felix Huber at https://www.sdn.sap.com/sdn/developerareas/ibm.sdn?node=linkDnode1-3.

Figure 3
Enabling SSO Interoperability Between SAP and IBM Portals When SAP NetWeaver Portal Is the Leading Portal

IBM WebSphere Portal Server as the "Leading" Portal

If IBM WebSphere Portal Server (IBM WPS) is the leading portal (see Figure 4), a login module must be configured to determine if the current user is authenticated and has access to the SAP NetWeaver Portal contents. This is the Java Authentication and Authorization Service (JAAS) module within the SAP Web Application Server engine. This new login module gets the user ID from IBM WPS and logs in to SAP NetWeaver Portal with the same user.

Figure 4
SAP NetWeaver Portal Manager Self-Service Running Inside WebSphere Portal, with Single Sign-On

Assuming that both portal servers reside in the same domain, a request to SAP NetWeaver Portal transfers the logon cookie for IBM WPS. The new login module uses this cookie to send an HTTP request to a dedicated WebSphere portlet that returns the user ID currently logged on to IBM WPS. The login module uses this user to log on to SAP NetWeaver Portal.

A detailed depiction of the process that occurs between the IBM and SAP portals is shown in Figure 5. For detailed steps on how to develop, deploy, and configure this process, please refer to the article, "How to Set Up Single Sign-On Between an IBM WebSphere Portal and the SAP NetWeaver Portal Using JAAS" on SAP Developer Network at https://www.sdn.sap.com/sdn/developerareas/ibm.sdn?node=linkDnode1-3.

Figure 5
Enabling SSO Interoperability Between SAP and IBM Portals When IBM WebSphere Portal Is the Leading Portal

Note!
In the case where user IDs are different for each portal implementation, or separate LDAPs are used to store user data, implementing a third-party authentication product may make the most sense. This is especially useful in very heterogeneous environments. IBM has certified Tivoli Access Manager to be one of the possible authentication mechanisms between both portals.

Single sign-on is a key aspect of the Enabling Co-Existence of Several Portals scenario variant. Other important topics and process steps to consider include navigation, look and feel, and granular access to portal content and resources. For a deeper discussion, please refer to the technical article "How to Interoperate SAP NetWeaver Portal and IBM WebSphere Portal Server," which is available for download at https://www.sdn.sap.com/sdn/ developerareas/ibm.sdn?node= linkDnode1-3.

Conclusion

Interoperability is a real option for enterprises today to enable seamless communication between the solutions that are already up and running in their system landscape. With the Enabling Platform Interoperability IT scenario, SAP's main goal is to increase the opportunity for customers to reuse their existing investments in technology, products, and skills while maximizing the value delivered by SAP NetWeaver. The scenario leverages the openness of SAP NetWeaver to collaborate and co-exist with various solutions and infrastructures, utilizing SAP's interface to applications for consistent usability and content access, and supporting a cross-vendor portal landscape. As we discovered in our SSO example, the scenario also provides secure access to business- critical content, all without having to repeatedly log in — providing seamless, streamlined workflow for end users.

Rather than using up extra development and maintenance time to plan and build the connections across your infrastructure from scratch, you can use the Enabling Platform Interoperability IT scenario, supported by SAP NetWeaver, to shorten custom development time and lower maintenance costs. Without having to engross themselves entirely in interapplication development and maintenance tasks, developers are freed up to innovate and move the business forward.

For more information on the Enabling Platform Interoperability scenario, visit http://service.sap.com/it-scenarios and www.sap.com/solutions/businessmaps.

To connect with the CTSC and find platform interoperability white papers, technical guides, and discussion forums, please visit the SAP Developer Network (SDN) at www.sdn.sap.com.

Resources: SAP and IBM Platform Interoperability

The following articles are available on the SAP Developer Network at https://www.sdn.sap.com/sdn/developerareas/ibm.sdn?node=linkDnode1-3:

"IBM Lotus Integration with SAP NetWeaver Portal – An Overview," a January 2005 CTSC Collaboration Brief by Michael Sambeth

"How to Set Up SSO Between SAP NetWeaver Portal and IBM WebSphere Portal Using Trust Association Interceptor" by Felix Huber

"How to Set Up Single Sign-On Between an IBM WebSphere Portal and the SAP NetWeaver Portal Using JAAS" by Patrick Höfer, Felix Huber, and Thomas Csapo

"How to Interoperate SAP NetWeaver Portal and IBM WebSphere Portal Server" by Felix Huber and Daniel Wroblewski


1 - See Claudia Weller's SAP NetWeaver Unleashed column, "IT Scenarios Provide a Guided, Business-Oriented Approach to Maximizing SAP NetWeaver Use" in the July-September 2005 issue of SAP Insider (www.SAPinsider.com). Full support of IT scenarios, including deliverables such as configuration information in SAP Solution Manager and scenario-based documentation, is available with the release of SAP NetWeaver 2004s.

2 - By provisioning, we mean assigning underutilized resources to applications or users on an as-needed basis.

3 - SAP NetWeaver Portal was formerly called SAP Enterprise Portal. Figure 2, in fact, still displays the former name (SAP Enterprise Portal 6.0) at the top of the screen, given the recent nature of the name change.


Elise Sivilay is a global partner manager for IBM Software at SAP AG, and is based in Walldorf, Germany. She is a member of the Collaboration Technology Support Center (CTSC), a team within the IBM-SAP International Competence Center. Previously, she spent six years with IBM in WebSphere sales, technical sales, and partner enablement.

Susanne Rothaug is the project lead for the IT scenario Enabling Platform Interoperability, and is based in Walldorf, Germany. She joined the SAP NetWeaver Product Management Operations (PMO) team four years ago, and she currently holds the position of product manager for enterprise services.

An email has been sent to:






More from SAPinsider



COMMENTS

Please log in to post a comment.

No comments have been submitted on this article. Be the first to comment!


SAPinsider
FAQ