Blog Archive

check these settings under the properties section of the iView...

ApplicationParameter:
Enter the name of the parameter in this field as shown in the ABAP program and then enter the value or enter * for all values. For example if you need sales document as the parameter and you want to execute a program for all sales documents in VBAK table use * as the value.

Parameters Forwarded to Transaction:
Enter a * if you want all the parameter values to be executed in the program variant or enter the specific value of the variant to execute. In the below example I used a specific value that I plan to execute in the ABAP program.
Leave OK CODE empty.




















Here is the program which executes process chains in BI based on a program with the parameter P_CHAIN. Most folks who are familiar with ABAP should be able to figure out what I am talking about and I will try not to get into the fine details here…..i am using this parameter and passing them in the iView in the application parameter section.












The end result is shown below:

Portal is SLOW !

1. Check if the server is down or not by using the system information link. ( you can achieve that by going to http://:PORT.
2. Goto System administration=>Monitoring
In the left side find the following items to check:
1.Request Summary
2.Request Overview
3.Component overview
4,Thread Overview
5.Object Locking
6.Activity Reports
3. Login into NWA goto System Management ==>Monitoring ==> Java System Reports

The following reports are available to check the situation:
1.Capacity planning
2.Resource Consumption
3.Error statistics
4.Application activities
5.Slowest Requests in details
6.Slowest requests
7.Slowest Componets
8.User activites
9.Current activities
10.mointor browser
4. Use these metrics to determine the state of the portal under system admin:
EP Workload in Requests <1000(Healthy) 1000-2000(Monitor/Caution) 2000(Critical) 1 hour(Duration)
iView Response Time Average <200 ms 200-500 ms >500ms
EP Request (Manager) Avg. Response Time <100 ms 100-200 ms >200 ms
HTTP Sessions <2500 2500-5000 >5000 1 hour
PCD Lookup Avg. Response Time <25 ms 25-50 ms >50 ms
LDAP Response Time <25ms 25-50ms >50ms
Enqueue Lock Operations <500 500-2000 >2000
Enqueue Average Response Time <10 ms 10 - 25 ms >25 ms
Application Threads 30-Oct 30-50 >50
System Threads 25-Oct 25-40 >40
Total Garbage Collection time (%) <2% 2% - 4% > 5% Day
Full Garbage Collection Count <5 5-10 >10 24 hours
Full Garbage Collection Avg. Duration <3-5 seconds 5-10 seconds >10 seconds
Minor Garbage Collection Avg. Duration 0-200ms 200-500ms >500ms
JDBC SQL Query/Update Response Time <100ms 200-500ms >500ms

5. In most cases it is the GARBAGE COLLECTION …..so here is my recommendation:
Read SAP notes 634689 and 723909..also refer these links:
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/9771c65d-0501-0010-2c90-ad2a2f2487c7
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/c1c8a123-0e01-0010-f8bf-a2d8ea8ec5b7

Scenario 1:




the result field in the datasource will not have any decimal and the reason being the decimal in the field structure is 0.

Solution: change the format to External and mention DECIMAL versus CHAR and enter the decimal value.

Scenario 2:

Check if the user defaults have the right settings
The user defaults can be obtained from system > user profile > own data
Check if the decimal notation is mentioned correctly










Scenario 3:

Check the Query designer for decimal values:











Tips:
• Try changing the Field Separator in the DS Extraction tab Data Separator as ,(Comma) and Escape sign as "
• If the flat file value is 100.2222 but decimal place given as 2 then PSA gets the value as 100.22

If you have more decimal values in the flat file value try to increase decimal places itself in the flat file if you need it in PSA.
• The original file is always stored in the text format and you can access it by opening the file in NOTEPAD.
• If the number in the field is defined as NUMC and the number starts with 0 DO NOT save as CSV when opening the csv file. Always open it as notepad.
• If the flat file data when opened in notepad show in this format ( 23.123) for a negative number which is -23.123 make sure the format in the data source is EXTERNAL, DEC and a certain decimal value and change the ( ) in the flat file to a negative number like -23.123. This will solve the problem.
• Sometime # symbol can be a problem; use character set 1100 instead of default entry.
• if you need more than the standard number of decimals, change the domain for the key figure in table RSDKYF and supply your own domain. See note 460652 in this regard.
• If the data type is NUMC negatives will not be read in the PSA, hence use DEC and format = External to make sure the negatives are shown.

Steps to identify and resolve the issue:
• Check the Keystore administrator in Visual Admin to determine the valid date and from date and these dates should be in the future and not expired.



• The dates for SSO will be the same in the application (system administration > system config >key store admin) as shown above; in the OS (Visual Admin) and in ECC (tcode: STRUSTSSO2). The OS generates a self signed certificate and this is stored in the application in the keystore area. This is exported and imported to ECC in tcode: STRUSTSSO2.






• Check tcode STRUSTSSO2 in the system which has to be single signed on and determine under the certificate area the valid from and valid to dates and make sure they are in the future as shown above.
• If the certificate dates are old follow instructions in the below link to create a new certificate:

http://wiki.sdn.sap.com/wiki/display/EP/SSO+Certificate+Expiry

Also check to make sure the connection tests for the system object is successful and refresh the system object after the new certificate has been created


References:
http://help.sap.com/saphelp_nwes70/helpdata/EN/2c/f4e76d7f9e4ffbbc0bfbc0c16fe49d/content.htm

the first thing to do is to define a named anonymous user,by creating a user id in user admin and including this user id in the
anonymous user group which belongs to the everyone user group along with the authenticated users..

the first user id that is added in the anonymous user group will be associated with the /portal/anonymous
and the second user onwards the URL to follow will be /portal/anonymous?guest_user=user2,3,4,5,6,7.....

these user id's need seperate roles and seperate desktops as well....
to check on the roles for these 2 users follow the below steps:

do the following for the anonymous user specified in the URL
Go to System Administration
-> Support
-> User Management
-> Test component for UME objects
-> Get UME User

Specify the name of the role the anonmous user has assigned, and
determine how the role is assigned to the anonymous user.

for desktops use the filter id concept by inserting a filter id in the desktop and the role.

use the below scenario

IF User = intranet
THEN Portal desktop = xxx

IF User = intranet2
THEN Portal desktop = yyy

then, for each desktop, define a filter id and use the mechanisn for
filtering entry points described in:

Filtering Entry Points
http://help.sap.com/saphelp_nw70/helpdata/EN/5e/e855a35455458aa4df21a4339722c7/frameset.htm


if you have trouble with this depending on your SPS level i suggest create an OSS in the below format:


Attach the UME configuration to the message
Navigate to
-> System Administration
-> Support
-> User Management
-> Status of UME properties
-> Configuration Download
-> Download files

Run the web diagtool as outlined in note 1045019 example 1, and then
log on anonymously with a named anonymous user.
Then attach the web diagtool log to the message
Specify the URL used to access the portal anonymously
Provide screenshots of the issue being reproduced.

Deploying the SAP Java Cryptographic Toolkit
Prerequisites
You have obtained the SAP Java Cryptographic Toolkit package that corresponds to your SAP J2EE Engine release.
2. This package is available on the SAP Service Marketplace at service.sap.com/download under Download  SAP Cryptographic Software.
3. The SAP Java Cryptographic Toolkit package contains the corresponding Software Delivery Archives (SDAs) for both J2SE 1.3.x and J2SE 1.4.x. The SDAs contain the file iaik_jce.jar, which replaces the export version of the toolkit iaik_jce_export.jar.
 If you use J2SE 1.4 or higher, then you also have to install and use the unlimited strength jurisdiction policy files from your J2SE vendor to be able to use the strong cryptography functions used by the Secure Storage and SSL Provider services. (Per default, only limited policy files are delivered with the J2SE 1.4 packages.)
The use of these policy files can underlie import regulations. Make sure you are allowed to use these files before you download and install them.
The policy files you use need to be provided by the same vendor as your J2SE package.
The policy files to use with the Sun Java Development Kit are available from Sun Microsystems, Inc. at java.sun.com.
For other vendors, see their corresponding documentation.
• The SAP J2EE Engine and the Software Deployment Manager (SDM) are running.


Goto the link : service.sap.com/download






Procedure
1. Unpack the SAP Cryptographic Toolkit package into a local directory.
2. Using the SDM Remote GUI, connect to the SAP J2EE Engine and deploy the SAP Java Cryptographic Toolkit SDA that applies to your J2SE version (1.3.x or 1.4.x).
For more information about using the SDM see the Software Deployment Manager in the Development Manual.
http://help.sap.com/saphelp_nw04/helpdata/en/f1/2de3be0382df45a398d3f9fb86a36a/frameset.htm








You can now change the startup mode for the SSL Provider so that it automatically starts when the server is started. Use the Configuration Adapter in the Visual Administrator and set the startup mode to Always instead of Manual. For more information, see Changing the Startup Mode for the SSL Provider.
3. Restart the J2EE dispatcher and server. Also restart any tools such as the Visual Administrator or the Config Tool that are running.
You can verify that the correct library has been loaded under Dispatcher  Libraries  core_lib in the Visual Administrator. The iaik_jce.jar should be included in the list of loaded jars and not iaik_jce_export.jar.

Result
The SAP Java Cryptographic Toolkit replaces the export version of the toolkit on the J2EE dispatcher and server.
You should periodically check for an updated version of this library on the SAP Service Marketplace, for example, when you install support packages.

Go to the Visual Administrator and generate the corresponding SSL keystore certificates.
Generate a certificate signing request. Select your entry, choose Generate CSR Request and save it to a file.











4. If the corresponding certificate has not yet been signed by a CA, then:
a. Generate a certificate signing request. Select your entry, choose Generate CSR Request and save it to a file.
b. Send the certificate signing request to a CA to be signed.
The exact procedure to use depends on the CA that you use. For the SAP CA, follow the instructions provided by the SAP Trust Center Service at service.sap.com/tcs.
c. Save the certificate request response to a file in the file system. Use the extension .crt (DER-encoded or Base-64 encoded) or .cert (Base-64 encoded).
d. Import the corresponding certificate request response. Choose Import CSR Response and load the response from the file system.
For more information about managing keys and certificates in the Key Storage service,

Go to the following link
service.sap.com/tcs.
Send the certificate signing request to a CA to be signed.
The exact procedure to use depends on the CA that you use. For the SAP CA, follow the instructions provided by the SAP Trust Center Service at service.sap.com/tcs












































Since the file is “save as type – text document and u need to save it as . cert use the double quotes.











The SSLCERT is shown above.






































Check the link to determine if the SSL is working or not:
Use the URL https instead of the http










Hence the SSL is set up for the J2ee server.

Google Voice


Older Posts