Skip to end of metadata
Go to start of metadata

Each employee who is to use the ESS applications has a user in the SAP ECC system and a J2EE user. The user names must be the same. To create the users in the SAP ECC system, you can use the HRUSER transaction (Set Up and Maintain ESS Users). If you use the same client to manage J2EE users as the backend for the Employee Self-Service component, the system automatically creates the required J2EE users once you have created them in the SAP ECC system. If the client is not the same, you have to create the J2EE users manually.

 Procedure to setup create user in R/3

       1.      Log on to the SAP ECC system.

       2.      Go to the PFCG transaction (Role Maintenance).

       3.      Create copies of the composite role SAP_EMPLOYEE_ERP and all the single roles contained in it. Work with the copies only.

       4.      Choose the authorization profile S_SERVICE (check on start of external services) and enter the required services in the Program, Transaction, or Function Module Name field.

Note: The service names must follow the naming convention <vendor>/<dc>/<Application>. Example:

 Communication Between the J2EE Server and the SAP ECC System happens using the JCO connections

  •  An employee accesses a Human Resources ESS application (service) in the Web browser.
  •  The J2EE server’s User Management Engine (UME) checks whether the user is authorized to log on to the server. In the example in the diagram, the user administration is in the SAP ECC system. This is only one of several options available for user administration.
  •  The J2EE server starts a general service that determines the configuration of the ESS menu and the employee's name in the SAP ECC system. The system that is specified in the SAP_R3_SelfServiceGenerics JCo connection is used.
  •  The SAP ECC system that is specified in the SAP_R3_HumanResources JCo connection check whether the employee is authorized to use the service.

For setting up SAP Java Connector (JCo) Connections for ESS usage please refer 

Commonly received exceptions due to improper user management settings

  • This exception means that the mentioned R/3 user is not assigned to a pernr in R/3.

    [EXCEPTION] User AANNAMAL does not exist in this period

    Exception occured during processing of Web Dynpro application. The causing exception is nested. [EXCEPTION] at

  • Please check the configuration of JCo connection for the application data. The system uses the administration user for the J2EE server with which you are logged on to check the authorizations. If this user does not exist in the SAP ECC system, the system issues the following error message. Refer SAP Note No. 1544135

    [EXCEPTION]$Exception: (103) RFC_ERROR_LOGON_FAILURE: User account not in validity date

     Followed by:

Exception occured during processing of Web Dynpro application. The causing exception is nested. [EXCEPTION] ComponentUsage(FPMConfigurationUsage): Active component must exist when getting interface controller. (Hint: Have you forgotten to create it with createComponent()? Should the lifecycle control of the component usage be "createOnDemand"


  • Web Dynpro provides a single-threaded programming model. As soon as a request for a user session is processed, the user session is blocked for the duration of the request, i.e. there is always at most one thread that has acquired the lock of a user session. Concurrent requests which refer to the same user session(i.e. triggered from the same browser  rocess) are serialized and processed one after each other. If there is a request which blocks or hangs due to some waiting/blocking condition, then other concurrently incoming requests are  waiting for a certain period of time that the user session lock is released. If they can't acquire the user session lock after this time interval, the waiting thread terminates with a LockException error page. Refer SAP Note No. 1234847

     [EXCEPTION] Thread SAPEngine_Application_Thread[impl:3]_30 failed to acquire exclusive lock on client session ClientSession(id=(J2EE2338700)ID1877173950DB00013874557865223622End_1519103626). Existing locks: LockingManager(ThreadName:SAPEngine_Application_Thread[impl:3]_30, exclusive client session lock: ClientSessionLock(SAPEngine_Application_Thread[impl:3]_3), shared client session locks: ClientSessionSharedLockManager([]), app session locks: ApplicationSessionLockManager([]), current request: Take a thread dump of the server node to find the blocking thread that causes the problem.