SAP Fundamentals reference (also) for SAP Security Certification

KR
5 min readSep 5, 2021

--

WIP

S/4HANA

SAP’s ERP solution optimized for its in-memory database SAP HANA and runs on (SAP NetWeaver) Application Server ABAP.

HANA

SAP’s in-memory, column-oriented RDBMS which includes OLTP & OLAP.

NetWeaver

SAP’s technology platform for building & running applications.

SAP Application Server or SAP Instance

Administrative unit that combines SAP system components to provide services.

Those components are configured using parameters. Common instance profile is used to set parameter values.

Application server (AS)is identified by 3-character system ID (SID) an 2-digit instance number.

AS architecture is depicted as below.

SAP Application Server Architecture Overview

Application Server ABAP — AS ABAP

Complete infrastructure — platform and runtime environment — for ABAP based applications including S/4HANA.

Made up of following components

ICM-Internet Communication Manager : Processes HTTP, HTTPS, and SMTP protocol requests.

ABAP dispatcher : Queues and distributes the requests to the work processes.

Work processes (dialog, update, spool, background, etc.) : Executes programs

RFC Gateway : Carries out RFC based communication, to & between SAP systems based on TCP/IP.

Enqueue server : Part of CS. Requests from WP (work process) are enqueued in this server and then passed on to free WT (worker thread). Handles the lock table for this.

Message server : Part of CS. Handles communication between distributed dispatchers within AS ABAP. Performs logon load balancing to different application servers.

If there are no CS, PAS performs the enqueue and message server service.

Start Service : To start and stop services and to monitor them. Present in CS and AS instances.

And can be enhanced with following optional components

SAP Web Dispatcher : Entry point for HTTP(s) based requests. Used to secure the system by handling requests and does load balancing.

SAProuter : Proxy in a network connection between SAP systems, or between SAP systems and external networks. Acts as an extra firewall to the existing firewall installed directly on the firewall host.
SAProuter port serves as a gateway through which connections to firewall-protected system can be opened.
SAP protocol (an enhanced version of TCP/IP) is the one that is used, which is at the NI layer (Network Interface — between 4&5 in OSI model)

ABAP

Advanced Business Application Programming — SAP’s high-level programming language

Application Server Java— AS Java

Complete infrastructure — platform and runtime environment — for Java EE based applications

Web Dynpro

Technology for building web-based applications for SAP systems

SAPUI5

User interface development toolkit to create web applications based on HTML5

SAP Gateway

NetWeaver component / framework which helps SAP systems to connect with other SAP & non-SAP applications using OData.

OData

Open Data Protocol is an open protocol that allows the creation and consumption of queryable and interoperable REST APIs

SAP Fiori

Is the combination of framework, tools and guidelines used to create apps that user interacts with SAP systems.

Three dimensions in which SAP Fiori is defined are concept, design and technology.

Proviidng role based user experience with central entry point (Fiori Launchpad) is the core of SAP Fiori.

All Fiori apps utilize SAPUI5 and SAP Gateway.

Types of Fiori apps

— Transactional apps : provides task based access

— Analytical apps : provides insights

— Fact Sheet apps : provides search capabilities on data

SAP GUI

Client (graphical user interface) used to interact with ABAP based SAP systems. Uses DIAG protocol to interact with application layer.

Types of SAP GUI:

-SAP GUI for Windows environment

-SAP GUI for Java environment

-SAP GUI for HTML

DIAG protocol

Dynamic Information and Action Gateway protocol.

SAP GUI for Windows environment

SAP GUI for Microsoft Windows platform. Interacts with ABAP Dispatcher in application server using DIAG.

SAP Logon is used to start the SAP GUI, which takes the list of systems from SAPUILandscape.xml in the file system.

SAP GUI for Java environment

Platform independent implementation of SAP GUI. Interacts with ABAP Dispatcher in application server using DIAG.

SAP GUI for HTML

Browser based implementation of SAP GUI. Interacts with ICM (Internet Communication Manager, which is managed by ABAP Dispatcher) in application server which in turn uses ITS (Internet Transaction Server), an ICF (Internet Communication Framework) service.

Internet Communication Manager (ICM)

Component of NetWeaver application server which handles & processes Internet standard protocols (HTTP, HTTPS and SMTP) based requests to application server.

Internet Communication Framework (ICF)

ICM uses ICF to handle its requests. ICF provides the infrastructure for handling HTTP requests. An HTTP request calls a service in the ICF server. This service contains one or more HTTP request handlers.

Internet Transaction Server (ITS)

ITS is an ICF service which helps to deliver business applications to internet based requests.

Clients and their request handling overview

SAP Business Client

UI that presents a single entry point with role based navigation to different SAP business applications and technologies. E.g. supporting the set up of Fiori Launchpad, SAP logon etc.

Available as

- SAP Business Client for HTML

- SAP Business Client for Windows

In addition to standard roles, special navigation roles are assigned to users.

RFC — Remote Function Call

SAP interface protocol, based on CPI-C and TCP/IP, for communication with SAP systems. RFC destinations are required in those systems that participate in RFC based communication.

BAPI — Business Application Programming Interface

Provides external & internal access to business data and processes.

Defined as methods of business objects(BO) in BO repository.

Functions called using BAPIs are RFC enabled function modules.

ALE — Application Link Enabling

Middleware tool that enables data exchange between applications (as logical systems) through asynchronous & synchronous (read-only) communication without a central database using IDoc / XML.

Based on RFC.

IDoc

Standard exchange format used for communication data with SAP systems.

IDoc interface has defined data structure and processing logic.

EDI — Electronic Document Interchange

SAP Client

Not much different if compared to tenant in cloud world. Self contained technical & commercial unit in an SAP AS ABAP based system. System can also have cross client data, when speaking about data model in SAP.

Perspective: SAP data model in AS ABAP system

Data model in an SAP AS ABAP based system maps customer data to client-specific tables and central data to cross-client tables.

Perspective: Application data(tables)

Business data such as master data or transaction data.

Perspective: Customizing data(tables)

Data created by customers when they customize their systems.

--

--