Registration

Dear SAP Community Member,
In order to fully benefit from what the SAP Community has to offer, please register at:
http://scn.sap.com
Thank you,
The SAP Community team.
Skip to end of metadata
Go to start of metadata

SAP Screen Personas 2.0


 

 

SAP Screen Personas 2.0 Configuration Guide - Addendum


Knowledge Base Article Updated on May 23, 2016 22:03     (blue star)    

After the SAP Screen Personas add-on is installed, the following steps need to be competed in order to perform the administration tasks. Ensure that all the pre-requisites are met including the SAP Kernel requirements mentioned in this article.

Screen Personas 2.0 can be configured as a single system or multiple system setup. Refer to the Master Guide available at http://help.sap.com/personas200 for more details on this topic and choose a setup before proceeding with the configuration. The system where Screen Personas add-on is installed will be referred to as the Screen Personas system and the ERP system which is connected to will be referred to as the target SAP system. In a single system setup, both target SAP and Screen Personas systems refer to the same system.

It is recommended to have a single system setup for productive use and for a smoother migration to Screen Personas 3.0

Target SAP System

Configure Silverlight Cross Domain Policy Files

Procedure

  • On the target SAP system using the SAP GUI application, create an xml file with name clientaccesspolicy.xml on the server and make a note of the path. Sample content is shown below:

    clientaccesspolicy.xml
    <?xml version="1.0"?>
    <access-policy>
      <cross-domain-access>
        <policy>
          <allow-from http-methods="*" http-request-headers="*">
            <domain uri="http://*"/>
            <domain uri="https://*"/>
          </allow-from>
          <grant-to>
            <resource path="/" include-subpaths="true"/>
          </grant-to>
        </policy>
      </cross-domain-access>
    </access-policy>

    More information on the cross domain policy file is available on this MSDN link.

  • Go to transaction RZ10.
  • Locate key icm/HTTP/file_access_<n> in the profile.
  • Add following into profile: 

    icm/HTTP/file_access_0
    PREFIX=/sap/public/icmandir/,DOCROOT=$(DIR_ICMAN_ROOT),ARCHIVE=$(DIR_EXECUTABLE)/ITS.SAR,CACHECTRL=+28800
    icm/HTTP/file_access_1
     PREFIX=/clientaccesspolicy.xml,DOCROOT=<absolute path to>\clientaccesspolicy.xml,CACHECTRL=0
    icm/HTTP/file_access_2
    PREFIX=/crossdomain.xml, DOCROOT=<absolute path to>\crossdomain.xml,CACHECTRL=0

    Ensure that the <absolute path to> is replaced with the actual path to the xml files.

 

Result

clientaccesspolicy.xml

 

Configure restgui Service

Procedure

  • On the target SAP system using the SAP GUI application, go to transaction SICF. 
  • Locate the restgui service in the path /default_host/sap and activate it.


If the service is not available, create the restgui service by following these steps:

  • Create a new service.

    Start SICF transaction.

    This needs System Administrator rights.

  1. Execute F8 and navigate to  default_host sap bc gui sap its webgui  service.

  2. Right-click the WebGUI service.

  3. Choose Copy.

  4. Navigate to  default_host sap  and choose Paste.

  5. Specify new package or choose the Local Object button.

  6. Rename the newly created service to restgui.

Depending on the patch level you are using, there is a limitation in SICF transaction UI. An already created service is not activated yet, but after copying Activate Service, the action is disabled in popup menu. As a work around, deactivate service first, than activate it again.

  1. Configure RestGUI service.
  2. Double-click the RestGUI service

The service data dialog is displayed. Once you have the restgui service in place do the following:

  1. Change Compression to Yes.

2. Click Change.

3. Click the GUI Configuration button.

Modify parameters.

  1. Add or set parameter ~XSRFCHECK with value 0. (This is optional but makes potential debugging easy).

  2. Add or set parameter ~WEBGUI with value 1.

  3. Remove all other parameters.

     

  4. Choose Copy Parameter Set

  5. Choose the Error Pages tab.

  6. Change the radio control from System Logon to Explicit Response Time.

  7. Go to the handler list tab and change the handler from CL_HTTP_EXT_ITS to CL_HTTP_EXT_ITS_BASIC.

     

    If CL_HTTP_EXT_ITS_BASIC handler is not present, apply SAP Note 1667055 .

    If the SAP Note 1667055 does not apply to your system, use CL_HTTP_EXT_ITS at handler class; ensure to point this out if issues are found later.

    Click Store to save changes.

    Right-click RestGUIservice and select Test Service command.

    A popup dialog is displayed and you will see the actual URL for RestGUI service.

    Switch to persos_app ServiceName

  1. Turn Compression to Yes for persos_app

Activate Services in SICF

Procedure: Activate

As the initial page to launch SAP Screen Personas in a BSP, the following services need to be activated in the SICF transaction:

Transaction: SICF

    • /sap/persos_app
    • /sap/bc/bsp/persos/mainapp

    • /sap/bc/bsp/sap/system

    • /sap/bc/bsp/sap/public/bc

    • /sap/public/bsp/sap/public/bc

    • /sap/public/bsp/sap/system

    • /sap/public/bsp/sap/htmlb

    • /sap/public/bc

    • /sap/public/bc/ur

    • /sap/restgui

    • /sap/bc/gui/sap/its/webgui (this should be already active, make sure it is

    • /sap/bc/bsp/persos/mainapp (this should be already active, make sure it is)

      Please follow the steps given below to activate each service:

    • Launch transaction SICF.
    • Navigate to the specified node.

    • Right-click the node and select Activate Service from the context menu.

    • In the popup that appears, select the first button Activate.

Procedure:Test

Test RestGUI Services

It is recommended to test the RestGUI services before you proceed with further configurations.

      • Point your browser to the (actual URL for restgui service) followed by /newsession?sap-client=<client id>.
      • Copy the session ID returned by the system.
      • Point your browser to the following address: (actual URL for restgui service) followed by /state/text. Add the session ID obtained above in the URL to the /sap/ part of the url.

The URL should look similar to the one given below:

https://<hostname>:<port>/sap(cz1TSUQlM2FBTk9OJTNhcGFlcjhkYl9FUjhfNTMlM2FteUFKZWVvWElOS3pjX09GcUtVeUxEN2tRUnBIc1drajZ2UHJ0MWxsLUFUVA=)/restgui/state/text

 

Result

You should be able to see a control tree in text notation.

Screen Personas System

You can access SAP Screen Personas SPRO Transaction under Cross Applications Component:


The following are all the configuration steps that need to be completed in the SPRO Transaction.

Maintain Controls for Control Specific Settings

Transaction: SPRO

This can be accessed at SPRO > SAP Customizing Implementation Guide > Cross-Application Components> SAP Screen Personas > Maintain Controls for Control Specific Settings.

Here users can add new controls and new properties for the controls, apart from the SAP delivered controls, for which the control specific profile-wide settings will be applied. Profile-wide settings allow users to make changes available for all screens in a system instead of a screen by screen basis.

This configuration is a two-step process:

1.       Maintain Control Details - Provide the Control Name and Control ID.

2.       Maintain Property Details - Select a control created in previous the step and double click the property details node on the left side.

Here you can add new properties for the selected control. Once you have entered the details, Save the configuration.

More details on Profile Wide settings can be found under the same header in Administration & Troubleshooting guide.

Maintain Screen ID Overwrite Logic

This can be accessed at SPRO > SAP Customizing Implementation Guide > Cross-Application Components> SAP Screen Personas > Maintain Screen Id Overwrite Logic.

This customizing is to maintain Transaction, Program, Original Screen Number, and New Screen Number. If for some reasons two or more screens visually appear like one same screen, this customizing activity will enable Personas to handle these screens as one. The entries for this configuration are part of the delivered customizing in Personas.

Note: Personas has two types of ID Overwrite Logic: Screen ID and Control ID. 

Screen ID is under the SPRO transaction, the Control ID is part of the /persos/ADMIN_UI transaction. 

See Appendix for how to tell the difference between Screen ID and Control ID.

All the delivered configurations during installation process are copied to client 000. A client copies needed to bring in these values to the client where Personas is used.

 

Maintain Personas Global Settings

This can be accessed at SPRO > SAP Customizing Implementation Guide > Cross-Application Components> SAP Screen Personas > Maintain Personas Global settings.

SAP Screen Personas provides a capability to group flavors. Groups can be created and maintained via Admin transaction. Flavors can be assigned to Groups which in turn get distributed to the users assigned to this Group. In case the Admin wants to distribute flavors to all users in a system at once, a Global Group helps. Admin can define a Group as Global in this configuration. By doing so, all users can access the flavors assigned to this Group by default.

In addition you can provide package name for Translation objects that will be used for providing translations for the user customization in multiple languages.

If you are accessing SAP Screen Personas using a load balancer, then you can provide the Load balancer URL which will be used for the generation of Shortlinks.

 

Maintain Whitelist URLs

This can be accessed at SPRO-> SAP Customizing Implementation Guide > Cross-Application Components> SAP Screen Personas > Maintain Whitelist URLs.

This is a place where the allowed websites inside the HTML control should be maintained. A URL can be used at runtime only if this whitelist is maintained.

Maintain Roles

SAP Screen Personas uses two kinds of Authorization management – one used for accessing the administration transaction and the other which is used for user permission management in the Silverlight UI.

Backend Authorization Management is implemented using SAP Standard Roles and Authorization framework.

This can be done in this link SPRO > SAP Customizing Implementation Guide > Cross-Application

Components > SAP Screen Personas > Maintain Personas Roles

By default the following 5 roles are delivered by SAP Screen Personas:

 

Rendering only (0)

      • IT pre-defines the flavor to be loaded for a user/group
      • no flavor switching possible

Rendering and flavor switching (1)

      • User can switch between flavors and get new ones from the Flavor Gallery
      • no private flavors, therefore, no editing possible

Rendering, visual editing and sharing of flavors (Bits 0-5, and 8-13)(16191)

      • User is able to create private flavors and edit them

Restricted editing (All bits but bit 22) (29360127)

      • Most editing features except the advanced scripting

Full editing rights (-1).

 

In addition, Admin can come up with new roles. The steps for this are mentioned in the IMG configuration help. The following table lists down the different User Permissions per bit position.

Permission Bit Name

Permission Bit Number

Permission Bit Mask

Description

Requires

AccessToProfileFlavors

0

0x1

Allows switching between flavors

that are part of the profile

 

AccessToSharedFlavors

1

0x2

Allows searching for flavors and

adding them to the profile, as well

as setting a default

 

AllowEdit

2

0x4

Allows user to enter edit mode and

copy flavors

AccessToSharedFlavors

AllowGroup

3

0x8

Allows user to group controls and

change Z-Index

Requires AllowMove &

AllowResize for group/ungroup.

Requires AllowEditLabels or

AllowEditComboBoxes if they

participate in Group/Ungroup

AllowMove

4

0x10

Allows user to move controls

 

AllowResize

5

0x20

Allows user to resize controls

 

AllowHide

6

0x40

Allows user to hide and show

controls

 

AllowMandatory

7

0x80

Allows user to change inputs to

optional/mandatory

 

AllowBackgroundImages

8

0x100

Allows user to upload and set

background images

 

AllowRecolor

9

0x200

Allows user to set color of

controls

 

AllowCreatePostItNote

10

0x400

Allows creating PostIt notes

Requires AllowMove &

AllowResize

AllowCreateImage

11

0x800

Allows creating image controls

Requires AllowMove &

AllowResize

AllowCreateGroupBox

12

0x1000

Allows creating group box controls

Requires AllowMove &

AllowResize

AllowCreateLabel

13

0x2000

Allows creating label controls

Requires AllowMove &

AllowResize &

AllowEditLabels

AllowCreateLauchButton

14

0x4000

Allows creating launch button

controls

Requires AllowMove &

AllowResize

AllowCreateScriptButton

15

0x8000

Allows creating script button

controls and recording of scripts

Requires AllowMove &

AllowResize

AllowCreateHtmlControl

16

0x10000

Allows creating HTML controls

Requires AllowMove &

AllowResize

AllowCreateTextBox

17

0x20000

Allows creating text box controls

Requires AllowMove &

AllowResize

AllowConvertInput

18

0x40000

Allows converting inputs

 

AllowConditionalFormatting

19

0x80000

Allows setting conditional

formatting

 

AllowEditComboBoxes

20

0x100000

Allows editing combo boxes

 

AllowEditLabels

21

0x200000

Allows editing label controls

 

AllowAdvancedScripting

22

0x400000

Allows using WebRFC and

JavaScript actions as part of the Script Button

Requires

AllowCreateScriptButton

AllowCreateCheckBox

23

 0x800000

Allows creating Check Boxes

 

AllowEditButtons

24

 0x1000000

Allows changing labels and icons of buttons

 

ShowBasicView

25

0x2000000

Show basic view for user.

 

 

 Maintain Systems

Transaction: SPRO

This can be done in this link SPRO > SAP Customizing Implementation Guide > Cross-Application

Components > SAP Screen Personas > Maintain Systems

 

SAP Screen Personas can be installed in a central system (termed as Main system) and be connected to be used with other systems (Target systems). Both the Main and theTarget Systems need SAP Kernel 7.21 or higher and the System settings mentioned in Section 2.

In the SPRO Node, maintain the system Details like System ID, Client, Description, Connector to SAPSystem. The Value for Connector to SAP System is always ITS. Once the user enters all values and clickon enter, a GUID is generated in the System Config ID which will be used as the unique ID for any SystemClient configuration.

  • Maintain Target System(s)

a. System Details

SPRO> SAP Customizing Implementation Guide > Cross-Application Components > SAP Screen Personas > Maintain Systems

 

System Detail

Value (Example)

System (ID)

CNS

Client

800

Name

Test System

Description

Personas Test System

RFC for Configuration Check

FOO_HTTP_RFC

<For connecting to Main system, this value can be left blank>

 

Once the System Details are maintained, select the row and double click on the System Settings on the left side navigation.

This takes you to the Parameter Maintenance screen for each system.

Maintain the following parameters under System settings:

 

      • Service.Uri – Please maintain the service name for accessing SAP Screen Personas here. The default service is /restgui.
      • Server.Url – Please maintain the server link for the system here. For example: https://ldfss600.pal.ess.corp:50015
      • Rendering.DeltaRendering - Set this to true if you want Personas to enable data transfer optimization between the client and server. This is intended to minimize the payload that is transferred over HTTP, thereby improving performance.
      • Rendering.State - Set this to slimstate if you want Personas to enable an optimized state format for controls and the properties than the normal full state. This is intended to condense the generated XML, thereby improving performance.

 


b. System Setting for the Target System

You have maintained system parameters for all the target system.

Select any target system and enter the parameters and values.

Property Name

Property Value

Service.Uri

/restgui

Server.Url

http(s)://target_system_host:Port

Sap.Language (optional)

EN

Rendering.DeltaRendering true
Rendering.State slimstate

 

Note: Ensure you are using Server.Url and Service.Uri (pay attention to server vs. service and Url vs. Uri).

RFC Destination

Transaction: SM59

Maintain the RFC Destination in the HTTP Connection to ABAP System


Setup the connection

    • Target Host: Maintain the Server URL of the Target System
    • Service No.; Maintain the Target System Port

  • Make sure the Logon with User is: SAP RFC Logon or SAP Standard

  • Language:  Preferred Language

  • Client: Should be the same as the one mentioned in SPRO> Maintain Systems

  • User: UserID of the target system to authenticate the connection

  • PW Status: Password of the target system to authenticate the connection

SPRO >Cross-Applications >SAP Screen Personas > Maintain System

Assign Admin Authorizations

Transaction: SU01 

An Admin authorization is required for Admins to access the Admin Transaction. A backend role

/PERSOS/ADMIN_ROLE can be used to give sufficient authorizations to the Administrator.

This enables him/her to access transaction /PERSOS/ADMIN_UI where admin can do various activities like User

If you don’t have the role you can use transaction PFCG to create it. See Section 3.6.1

Here is an example of how the /PERSOS/ADMIN_UI  transaction is assigned to a higher role:

And the YIDES_IDA role is assigned to a user SU01

Get URL to Access SAP Screen Personas from the Installed System

SAP Screen Personas can be accessed from the user’s PC using a shortcut URL. This URL can be generated by following the below steps:

1. Goto transaction SICF.

2. Select the following filters and press execute.

a. Hierarchy Type - SERVICE

b. Service Path - /sap/bc/bsp/persos/mainapp/

3.Select"mainapp" service, right click and click on test service.

4. A GUI Security dialog pops up. Select "Allow this one time" and click ok.

5.You would be taken to the personas application in the default browser window.

This URL can be used as a shortcut to access Personas.

Appendix

Important Programs, Tables and Key Transactions

Services

      • restgui         : Service for communicating with ITS

      • /persos_app : Service for communicating with ABAP Storage

Classes

      • /PERSOS/CL_HTTP_HANDLER : Handler class for the service /persos_app

BSP Applications

      • /PERSOS/MAIN_APP :  The main BSP application that hosts the Silver Light island

Programs

      • /PERSOS/ADMIN_UI  :  Personas Administration program

Transactions       

      • /PERSOS/ADMIN_UI: Personas Administrations

Tables (Transaction SE16)

                 /PERSOS/CONTCHNG : Control Changes data

                 /PERSOS/CONTLOTR: Alias data related to Control changes

                 /PERSOS/CONTPROP: Control Property Changes

                 /PERSOS/DRTX: Delta Rendering Data

                 /PRESOS/FLAVGRP: Table to store Flavor Shared to a Group

                 /PERSOS/FLAVOR: Flavor table

                 /PERSOS/FLAVSYS: Flavors and Systems

                 /PERSOS/FLAVUSR: Table storing Flavors shared with a user

                 /PERSOS/FRANKENS: Franken Screen Data

                 /PERSOS/GROUP: Table for storing Group IProfile data

                 /PERSOS/GROUPS: Table for storing Group Ids

                 /PERSOS/GRPPFLAV: Table to store Group profile Id and flavor

                 /PERSOS/MCONT: Table for Media data Contents

                 /PERSOS/MEDIA: MediaFiles data

                 /PERSOS/OVRCTL: Control ID Overwrite Logic

                 /PERSOS/OVRSCR: Screen ID Overwrite Logic

                 /PERSOS/PERSOSET: Personas Settings

                 /PERSOS/PROFSET: Profile Wide Setting Controls data

                 /PERSOS/PROPCONF:  List of properties for a control

                 /PERSOS/REDIRECT: Table for storing Redirect URL

                 /PERSOS/ROLES : Roles for personas

                 /PERSOS/SAFELINK: Table for storing Whitelist/Safelinks

                 /PERSOS/SCRNCHNG: Screen Changes data

                 /PERSOS/SHRTLINK: Table for storing Shortlinks

                 /PERSOS/SYSCON: Table System Configuration

                 /PERSOS/SYSYPROF: System Profile Controls

                 /PERSOS/SYSSET: System Settings data

                 /PERSOS/UPROFLAV: UserProfiles And Flavors Ids

                 /PERSOS/USRGRP: Users and Groups

                 /PERSOS/USRPRO: User profile date

                /PERSOS/PFCG_SYN : To synchronize the PCG role and Personas Group

                 /PERSOS/V-GRPFSY: View for Group and System Data

                 /PERSOS/V-GRPU: View for Group and System Data

                 /PERSOS/V_MGUSR: User Selection by Group

                 /PERSOS/V_MUSR: User Selection by System, Role

                 /PERSOS/V_OVRCTL: Maintain Rules for Overwrite  Control ID

                 /PERSOS/V_OVRSCR: Maintain Rules from Overwrite Screen ID

                 /PERSOS/V_PROPCO: View for Property Config Table

                 /PERSOS/V_PROSET: View for Profile Settings Table

                 /PERSOS/V_SGRP: View Group and System data

                 /PERSOS/V-SYSC1: Maintain System details

                 /PERSOS/V-SYSFLA: Flavor and System data

Screen ID vs. Control ID

In SAP Screen Personas, essentially we track the changes as per transaction Code+Program Name + Screen number.

But there are certain transactions, where the Program Name and Screen Number changes.

Why do we need Screen/Program Id OverWrite?

Let’s take an example of transaction IW23.

Keep on changing the tabs and notice the ProgramName/ScreenNumber Combination.

On “Location data” tab, you will see that the Screen Number is 7200

Now, on “Tasks” tab, you will notice that the Screen Number is 7204.

In Situations like this, we just overwrite the Screen Number

 

In this example you would use Screen ID Overwrite in the SPRO transaction.

Why do we need Control Id Overwrite Rules?

For certain transactions, the Control Ids gets changed dynamically when you do something in that Screen.

E.g. For ME21N, check the dropdown. Go into Edit mode, and copy its control ID from the Properties window.

Go into Edit mode, and copy its control ID from the Properties window.

Expand/Collapse the Header Panel and then go back into edit mode and check the control id

You will notice that there is difference between the Control IDs BEFORE and AFTER

ses[0]/wnd[0]/usrUSRAREA/subcntSUB0SAPLMEGUI0016/subcntSUB3SAPLMEVIEWS1100/subcntSUB2SAPLMEVIEWS1200/subcntSUB1SAPLMEGUI1301/subcntSUB1SAPLMEGUI6000/cmbDYN_6000LIST
ses[0]/wnd[0]/usrUSRAREA/subcntSUB0SAPLMEGUI0013/subcntSUB3SAPLMEVIEWS1100/subcntSUB2SAPLMEVIEWS1200/subcntSUB1SAPLMEGUI1301/subcntSUB1SAPLMEGUI6000/cmbDYN_6000LIST

 

First line is before and 2nd line is after. You will see that the control Ids have changed.

So for Personas to have a consistent Control ID, we overwrite in this scenario which you would use the /persos/ADMIN_UI transaction

Admin Transaction

Admin Transaction - /PERSOS/ADMIN_UI

General  Actions

Flavor Maintenance

 

Allows you to change and maintain:

Description, Flavor Owner (a flavor can only have one owner at a time),

Groups who have access to the Flavor. 

You can also copy Flavor, Delete ( only the Owner and Admin can delete a Flavor)

Media File Maintenance

 

Allows you to maintain your media files.

You can edit the name, delete, and create a media file. 

You can also make the media file global, so user can view it in their Image Gallery.

Short Link Maintenance

 

Allows you to maintain and create short links to your Flavors.

Transport Objects

 

Transports objects: Flavors, Groups, and Media Files between environments. 

Please make sure that Personas is on the same patch level,

client, and kernel level between the environments.

Control ID Overwrite Rules Maintenance

Allows you to specify the Overwrite Rule and Replacement patterns for the

Control ID's used for customizing the transactions.

User Management

User Maintenance

Mass User Maintenance

Allows you to manage users and assign flavors, systems and groups.

Profile Wide Settings

Control Specific Profile Settings

Type Specific Profile Settings

Global Text Replacement

Allows you to manage profile wide settings - specify control and type specific settings.

Group Management

Group Maintenance

Mass Group Maintenance

Allows you to create and manage groups.

Translation

Prepare for Translation

Cleanup Redundant Translation

Allows you to manage translation for texts used in the system.

Tools

Export Flavors

Import Flavors

Configuration Check

Compress Flavors

Allows you to manage flavors across systems by exporting, importing flavors,

validating system configuration and compress flavors for improving performance.

 

Troubleshooting

I do not see any Personas Roles OR Screen Id Overwrite entries OR Controld ID Overwrite entries?

SAP Screen Personas is shipped with some pre-configured values which can be found in client 000 of your system. Follow the Implementation and Configuration Guide or note 1869640 to get these values from client 000 to client XXX of your system.

Which kernel patch level shall I be on?

If your kernel patch is very old (120 or below), then you should upgrade your kernel patch first before reporting any issue for unusual Personas behavior.

When do I need Screen id OR Control ID overwrite logic?

A typical symptom is when to try to change the colors in tab or even when you try to enable the tab cache and it does not happens, then you would need either of the overwrite logics.

For e.g. from any transaction, select to see the Program Name and Screen Number as shown below (ProgramName/ScreenNumber).

At this point, start clicking the all the tabs. For any tab, if the Screen Number changes, then we need screen id overwrite entry for that particular transaction. For any transaction, if you are not able to figure out the overwrite entries, please create an OSS message.

Where do I find the latest notes which are being released?

Usual support channel is the preferred way.

Silverlight is stuck on Cross Domain Setup,  where do  we put files clientaccesspolicy.xml and crossdomian.xml Silverlight application for SAP web services?

The files have to be accessible at the root of the domain http(s)://host:port/clientaccesspolicy.xml

What if the files are not accessible at the root of the domain?

  1. Locate the parameter “icm/HTTP/file_access_0” in your system profile. If not found, create one with the below mentioned value.

OS

Parameter Value

Windows

PREFIX=/sap/public/icmandir/,DOCROOT=$(DIR_ICMAN_ROOT),ARCHIVE=$(DIR_EXECUTABLE)\ITS.SAR,CACHECTRL=+28800

 

Linux,AIX etc.

 

PREFIX=/sap/public/icmandir/,DOCROOT=$(DIR_ICMAN_ROOT),ARCHIVE=$(DIR_EXECUTABLE)/ITS.SAR,CACHECTRL=+288

 

2. Locate the parameter “icm/HTTP/file_access_1” in your system profile. If not found, create one and change the parameter value as mentioned below.

OS

Parameter Value

Windows

PREFIX=/clientaccesspolicy.xml,DOCROOT=$(DIR_ICMAN_ROOT)\clientaccesspolicy.xml,CACHECTRL=0

Linux,AIX etc.

PREFIX=/clientaccesspolicy.xml,DOCROOT=$(DIR_ICMAN_ROOT)/clientaccesspolicy.xml,CACHECTRL=0

 

3. Locate the parameter “icm/HTTP/file_access_2” in your system profile. If not found, create one and change the parameter value as mentioned below.

OS

Parameter Value

Windows

 

PREFIX=/crossdomain.xml,DOCROOT=$(DIR_ICMAN_ROOT)\crossdomain.xml,CACHECTRL=0

 

Linux,AIX etc.

 

PREFIX=/crossdomain.xml,DOCROOT=$(DIR_ICMAN_ROOT)/crossdomain.xml,CACHECTRL=0

 

 

And, restart your server instance

I can see the SAP Screen Personas System but when I click on it, it does not open SAP Screen Personas

In IE9 Open the debug window

Select the network tab

Start Capturing

Click on the system again

You should have at least 3 calls:

service makes sure that restgui is configured correctly if it has 200 then it was configured correctly

2nd call makes sure that the url is on the whitelist and is configured correctly if it has 200 then it was configured correctly – this is only done once

3rd call is the rest gui call also seemed successful (200) this call returns and renders the screen definition

If you don’t see the screen definition you want to explore more the 3rd call

      • Double click on that call
      • Select Response Body
      • What is expected is XML

If you see HTML, You need to go to your Rest Gui that you have configured on the SAP System

      • Go to SAP GUI
      • Transaction SICF
      • Check the restgui service
      • Check GUI Configuration

Parameter

Value

~RESTGUI

1

~XSRFCHECK

0

~WEBGUI

1

 

Check Handler List tab make sure the Handler is correct

  • CL_HTTP_EXT_ITS_BASIC

    If the handler does not exist there is  a  Note: 1667055

While checking the restgui service , and trying to “Setup URL Handler” facing a pop up below

Make sure when you are creating the restgui (See Section 2.2: Setup URL Hander) that you are either Specify a new package or choosing the Local Object button.

The service path name in the SPRO transaction needs to equal the service name in the SICF transaction.

 

You setup the restgui service wrong and can’t delete it

Restgui service is saved into /persos/mainapp package with SAP as owner. So it is not letting you delete it. It should have been saved into own package or as local object as

specified in Section 2.2

/persos/mainapp package will be restricted package because it will contain Personas code. You can try the following options:

Option 1 (make package modifiable)

      • Go to SE06 -> System change options ->  in the System Components list, scroll down to Personas and set it to Modifiable

      • Come back to SICF, delete restgui service and rename restgui1 to restgui

      • Reset package back to unmodifiable to avoid misuse of package in future.

Option 2 (change restgui service in connections)

      • Go to SPRO -> Cross-Application Components -> SAP Screen Personas -> Maintain Systems
      •  Select the target system and double click on System Settings

Accessing SAP Screen Personas

If you get an access error to SAP Screen Personas URL <https://DOMAINNAME:PORT//sap/bc/bsp/persos/mainapp/index.html > you may test the response of following URLs:

Testing access to policy information:

Shows content of clientaccesspolicy.xml

If nothing is shown, check the Setup Silverlight Cross Domain section

Shows content of crossdomain.xml

If nothing is shown, check the Setup Silverlight Cross Domain section

 How to Debug and open a OSS Message

How to debug:

  1. Restart Personas with the url parameter log=debug i.e. .../index.html?sap-client=123&log=debu
  2. Depending on your browser of choice (install and) open the corresponding debugging view

IE9: Tools/F12 developer tools (or press F12)

FF: We recommend installing Firebug

Chrome: Menu/Tools/Developer Tools

3. Repeat the steps that lead to the wrong behavior

4. Check the communication i.e. is there any failing call e.g. 404 Not found or 500 Server error

    • If the clientaccesspolicy.xml file is not found, make sure that you configured it correctly and that the files are where they should be

    • If there is something wrong with calls to the restgui service

      404: the service is not there or reachable: check the service in SICF

      500: have a look at the response, it usually indicates what it could be e.g.

      Memory problem: check the amount of memory that is assigned to your ITS using the transaction SITSPMON

      Transaction dump: check the error report and identify the responsible action

        • If there is something wrong with the Personas service e.g. 500 Server error

Check the configuration guide for Personas and verify each step related to the services

Check the url parameter of the failing service, this usually indicates what part of the configuration is incorrect

5. Check the console output

6. Now, you should have an idea what is wrong

  1. If it is a configuration issue, correct it, and try again

  2. If you cannot find it, ask an expert e.g.

    1. Check on  SCN

    2. Create an OSS message for the component XX-PROJ-CDP-271 with the information outlined below.

       

What all information I need to provide when creating OSS message?

To decrease the turnaround time, it will be great if following information is provided when creating OSS message:

Make sure you are on the latest patches and notes:  See Parent Note: 1964257 and Kernel Patch Level

 Provide two types of connections to your environment

        • HTTP - according to SAP Note 592085
        • R/3 - according to SAP Note 812732

All the connections should be tested with proper credentials provided

    • Detail steps to re-create the issue
    • Please attach the related log of the issue.   

 

Configuration Checklist

The latest patch of personas allows you to view a Config Checklist

Transaction /n/persos/admin_ui

Check that you have Personas System setup correctly

 

 

 

Transaction /n/persos/admin_ui

Check your Target System setup correctly

 

 

Transaction RZ10

Check the files ‘crossdomain.xml’ and ‘cientaccesspolicy.xml’ are uploaded to the correct

directory on the application server

If you are using http protocol to access Personas:
http://serverHost:Port/clientaccesspolicy.xml

http://serverHost:Port/crossdomain.xml

If you are using https protocol to access Personas:
https://serverHost:Port/clientaccesspolicy.xml

https://serverHost:Port/crossdomain.xml

Transaction SICF

  Check the PERSOS_APP exist and the ‘Test Service’ provides you with a Personas Log in

  Double check  that the Compression is Enabled to ‘Yes’

Transaction SICF

 Test the MAINAPP service

Test the Service

Result: You should get a log on screen. URL: <https://DOMAINNAME:PORT/

/sap/bc/bsp/persos/mainapp/index.html>

Transaction

SE80

 Make sure the following files exist under the Main App

  • ScreenMode.js,
  • Silverlight.js,
  • SilverlightBrowserIntegration.js
  • Utilities.js  
  • HtmlViewer.js

Transaction SPRO

Sometimes, there is no system defined. Check that at least one system is maintained.

Transaction SPRO

For the selected system, check that the parameter ‘Service.Uri’ exists with correct spelling and case. 

The value for this parameter should be maintained as ‘/restgui’.

For the selected system, check that the parameter ‘Server.Url’ exists with correct spelling and case. 

The value for this parameter should be maintained in the following format.

http://<hostname>:<port> or https://<hostname>:<port>

(Some customers, face problems with https:// In such case, try using http://)

Menu >System >Status

Check Basis Version, Kernel Version and Kernel Patch 

  • Click looking glass under the Component Version

  • Click Next button at bottom to get:

    

Transaction SICF

Test RESTGUI based on the guide

Example:

When you test the service you will get the following URL

http:// nvpal774.pal.sap.corp:8074/sap/bc/gui/sap/its/restgui?sap-client=800

You need to add the following:

http://nvpal774.pal.sap.corp:8074/sap/bc/gui/sap/its/restgui/newsession?sap-client=800

Result: The webpage should return the session id:

If you get a different response, check whether your service is activated and whether you have the right authorizations.

Example:

Also restgui settings (the following example URL assumes you have configured ‘restgui’ service at /sap/restgui):

Put following URL into your browser:  https://DOMAINNAME:PORT/sap/restgui/state/text

Control Tree

  --> [_][E][R][_]  : CONTROL_TREE

    --> [_][E][R][A] ses[0] : SESSION

      --> [V][E][R][A] ses[0]/wnd[0] : SAP Easy Access :

PRIMARY_WINDOW

….

If you get different response, check whether your service is activated

 

Other things to consider:                                                                                                                                                

Transaction SPRO

Check System Setting match

 

 

Section 3.7

Transaction SICF

Check that the services are all activated

Section 2.3

Transaction SICF

Check that compression is  “ON’ for ‘restgui’

Section  2.2.1.1

Transaction SICF

Check ‘GUI Configuration’ button

~RESTGUI - 1

~XSRFCHECK – 0

~WEBGUI - 1

Section  2.2.1.1

Transaction SICF

Check that under “Handler List” tab, you have handler class as “CL_HTTP_EXT_ITS_BASIC

If mentioned handler class is not in your system, implement Note 1667055

Section  2.2.1.1

Transaction SICF

Test the WEBGUI service

Test the service

Result:   You should get a log on screen.

 

Transaction SICF

 Test the MAINAPP service

Test the Service

Result: You should get a log on screen.

 

Transaction SU01

Check in transaction /PERSOS/ADMIN_UI, if user profile for the user is created for

the system(s) with correct role assigned.

Section 3.5

/PERSOS/ADMIN_UI>

General Actions > Maintain Control ID Overwrite Logic

 Depending on the transactions you are using, some of them might need ‘Control ID Overwrite’

Make sure it is copied from client 000.  If not  copy configuration from client 000  

Section

4.1

/PERSOS/ADMIN_UI >User Management

You have assigned the target system to a user /group and appropriate Personas Role.

 

With the latest Service Pack for SAP Screen Personas 2.0, administrators can verify configuration for the Main and Target systems and also verify if they are on the very latest version for the client and JS files.


Notes

  • Personas  Cumulative Patch release for  Personas Release 1.0/Release 2.0

Note: 1964257

  • Control and Screen ID Overwrite Rules

Make sure you have all of these transactions in your control and screen ID Overwrite table

Note: 1999747

  • Kernel Notes

You have implemented the below mentioned important kernel notes

a. 1787341 - Personas:ABAP Interface Restgui

b. 1885506 - Personas:Turn off Control (amodal) based F4 help

c. 1913055 - ABAP interface does not work correctly inside RFC calls (Only applicable for kernel patch 200 onwards)

  • ITS sizing

You have considered sizing your ITS memory based on note 1888428 and number of expected users.

(For a start, it is recommended to put value of “em/global_area_MB” as 2048 MB)

To find the current value, go to transaction RZ11 and display the parameter “em/global_area_MB”. Contact your system admin if you don’t have authorizations to increase this parameter.

  • ITS Configuration Notes

892442     Integrated ITS configuration/performance

885580     Integrated ITS: Configuration Parameters

755726     Integrated ITS, CPU consumption in R/3 application

742048     Integrated ITS, memory requirement in application

Security Considerations

Personas is a BSP (ICF based) application and uses the ITS service to render screens. The security guidelines of ITS, ICF, Portal and NetWeaver in general are applicable.

Here’s are some links that should help:
SAP NetWeaver Security Guide – http://help.sap.com/saphelp_nw73ehp1/helpdata/en/f3/780118b9cd48c7a668c60c3f8c4030/frameset.htm
ITS Security – http://help.sap.com/saphelp_46c/helpdata/en/5d/ca5237943a1e64e10000009b38f8cf/content.htm
RFC/ICF Security Guide – http://help.sap.com/saphelp_nw73ehp1/helpdata/en/48/92486caa6b17cee10000000a421937/frameset.htm
Portal Security Guide – http://help.sap.com/saphelp_nw70ehp2/helpdata/en/5c/429f00a14aa54195b1c63ae1512d10/frameset.htm

Some more links:
Implementing an External-Facing Portal - http://help.sap.com/saphelp_nw70ehp2/helpdata/en/43/8c65001c345c6ce10000000a422035/content.htm
Security in SAP Internet Transaction Server (ITS) Landscapes - http://scn.sap.com/docs/DOC-4037