Password Management for Extranet Applications

  • by Thomas G. Schuessler, Founder, ARAsoft
  • July 15, 2001
An extranet application allows users outside your firewall limited, controlled access to certain functionality within the firewall. If this functionality involves SAP, and you want to assign users a generic password, how do you control access to extranet applications so that only selected business partners can use them? This article examines the password management capabilities offered by SAP, including the online SAPGUI transaction for maintaining extranet userids, the password BAPIs available for object types like Customer, Vendor, etc., and a component written in Java that encapsulates access to the password BAPIs.

Thomas G. Schuessler

Thomas G. Schuessler is the founder of ARAsoft (, a company offering products, consulting, custom development, and training to a worldwide base of customers. The company specializes in integration between SAP and non-SAP components and applications. ARAsoft offers various products for BAPI-enabled programs on the Windows and Java platforms. These products facilitate the development of desktop and Internet applications that communicate with R/3. Thomas is the author of SAP’s BIT525 “Developing BAPI-enabled Web Applications with Visual Basic” and BIT526 “Developing BAPI-enabled Web Applications with Java” classes, which he teaches in Germany and in English-speaking countries. Thomas is a regularly featured speaker at SAP TechEd and SAPPHIRE conferences. Prior to founding ARAsoft in 1993, he worked with SAP AG and SAP America for seven years.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.