Note |
---|
This guide describes the minimum configuration required to establish a connection between SAP backend and FSM using a message broker. |
You must download the Message Broker first. It comes as a ZIP package and there are two compilations: one for Windows and one for Linux. The Linux version of a message broker can also be deployed to BTP. Message Broker downloads are available in the SAP Download Centre but for the sake of easiness, you find all relevant links here as well.
After you have downloaded the right package it must be extracted to a destination directory of your own choice. For more details on executables' installation check here if using Windows and go here in case of Linux. Deployment in BTP is covered here.
Further configuration steps include
Configuration of the message broker - Message Broker YAML file.
Configuration of the web services in SAP SOAMANAGER (to be exact one web service and one proxy)
Definition of the ‘Client ID’ and ‘Client secret’ in FSM
Message Broker config file can be either maintained in the text editor (notepad++ is our recommendation) or using transaction /PACG/ECM_MBCF_GEN
...
The best would be to start with something easy - login to FSM admin section and create a new client definition, you will need Client ID and Client Secret to establish a connection between message broker and FSM. More on how to do that you will find here.
In the message broker configuration file in the ‘CloudAccounts’ section fill following information:
Id - as ID of account, in the message broker configuration but also in the Connector configuration the name of it is used (and not this numerical value you can see in FSM as ID)
ClientId and ClientSecret - this is self-explanatory, here you must enter the client ID and secret you got for your newly created client (step 1)
If you don’t want to keep sensitive information like ClientSecret as a an open text in the configuration file you can have it encrypted. How to perform the encryption you can learn here.
...
Start with message broker configuration file. Here you must enter few extremely important information:
Find section ‘
WebServiceDeinitionWebServiceDefinition’. This section is responsible for web service run by message broker. This is a service that a SAP system will be connecting to.
Key in:UserName - this is a user name with which SAP will be connecting to message broker. This is entirely made up user name, and has nothing in common with Windows users, Linux users nor SAP users - does not require any reference in any of these systems. It exists exclusively within message broker space
Password - a password for the user entered line above. This username and pass will be then needed during configuration of logical port in SAP SOA Manager. Password can be encrypted (same thing like in case of Client Secret, more on passwords' encryption you will find here) and then use PasswordSecure instead of Password.
Port - TCP port number used by message broker. Any valid value from 0 to 65353 will do however port numbers from 0 to 1023 are reserved for common TCP/IP applications and are called well-known ports so it is recommended to use higher values. Another
importimportant thing is that services can’t share TCP ports (one service - one port number), so for instance if you wanted to run several message broker instances in single server each of them must use unique TCP port. Most likely, for the first message broker you can leave default value of 9696. More on the topic of ports in networking you can learn here.
UrlPath - URL path is part of the web service address which consists of IP address or domain address of a server where it runs, protocol, port number and this path. Unlike port numbers path does not need to be unique and might as well you can leave its default value. Later on it will be needed to define logical port in SAP SOA Manager
Https - is a subsection of ‘WebServiceDeinitionWebServiceDefinition’. As mentioned in https://proaxia-prod-doc.atlassian.net/wiki/spaces/PFCC/pages/6293863/Basic+communication+setup#Key-information%3A connection from SAP to message broker can be encrypted and for that HTTPS must be enabled. This subsection includes properties which must be set to make it work. The detailed step by step description of it you can find here: Setting up secure (HTTPS) connection from SAP system to FSM Message Broker. However it is ok to use unsecured connection for testing purposes, just to make message broker work and then get to it later (if needed). In such case leave property Enabled set to false (its default value)
Now - time to configure logical port in SOA Manager. Component responsible for connecting from SAP to Message Broker (technically it is all about connecting to remote web service, no matter what it is) is called service consumer or consumer proxy and the one that comes with Connector is named ISendOutboundMessageService (corresponding internal/ABAP name is /PACG/CO_ECMISEND_OUTBOUND_MES)
Start with running SOA Manager in your SAP system (t-code: soamanager)
And then jump to Outgoing Service (SAP to FSM). Here you will find full and comprehensive guide through the configuration of the web service consumer.
Connecting Message Broker to SAP
Like above - start with message broker configuration file.
Now it is essential to define SAP system which your message broker will be connecting to.
Find section ‘SapDefinitions’ - this is where you define relevant SAP systems. Each definition (each system) is described by five properties (yes, there are six of them in the file but like it was mentioned before, you either you Password or PasswrodSecure that they are treated as one:
Id - This is identifier of your system. It must be unique but it does not have to correspond to actual SID of your system nor any other existing system name however it is recommended to use something meaningful.
UserName - this is a user name with which a message broker will be connecting to SAP system. In this case this must be an existing user defined in the SAP system
Password - a password for the user entered line above. Password can be encrypted (same thing like in case of Client Secret, more on passwords' encryption you will find here) and then use PasswordSecure instead of Password.
Url - this is a full address of web service running in SAP system. It 'tells' the message broker how to connect to the relevant SAP system and where to get it (this URL) from will be explained further below.
HttpsCertificateFingerprint - it is used to validate a certificate presented by SAP system in case of HTTPS connections. If you are going to use HTTP connection (whether temporarily or permanently) you can leave whatever value is entered. More on the subject you can read here Setting up secure (HTTPS) connection from FSM Message Broker to SAP system.
Next step - configuration of SAP web service which is an essential part of the communication channel from message broker to SAP. Dedicated service is named /PACG/ECM_WS for which corresponding binding must be created together with message broker configuration. And like in the previous step
Start with running SOA Manager in your SAP system (t-code: soamanager)
And then jump to Incoming Service (FSM to SAP) . Here you will find full and comprehensive guide through the configuration of the web service.
Match things together
The last thing that must be defined in the message broker configuration are FSM companies. First you need to define at least one company in the FSM and you can learn here how to do it. And now with the company created it’s time to combine all together in the message broker config file. Basically, the point is to ‘explain’ to message broker to which SAP system it should send data coming from particular FSM company and the other way around - to which FSM company it must send data coming from particular SAP system
Find section ‘Companies’
Each FSM company is described by three properties:
Id - unique identifier of a company and like in case of Account Id you must enter here the name of a company and not its FSM numerical identifier
CloudAccount - here you enter the cloud account Id in which the company was created, it is the same Id which is entered in CloudAccounts section
SapDefinition - here you enter the Id of SAP system with which the company created in FSM should be synchronised - this must be the same Id that was used in ‘SapDefinitions’ section
Proxy
This is not obligatory part but it is possible that you use proxy to connect to the Internet. If this is the case you must enter required information also in the message broker configuration otherwise it will not be able to connect to FSM. So if you need to use proxy uncomment the ‘Proxy’ line to enable entire section and then provide required parameters - host and port at least.
Final Step
The very final step - start message broker and check its logs for any errors. The most common problems that can occur:
Syntax errors - YAML is very sensitive when it comes to syntax, so all unexpected spaces, lines indented in wrong place, missing colons and so on…
Connectivity - message broker can’t connect either to FSM or to SAP web service or both. Next, to obvious reasons like incorrect addresses or ports' number, is not configured firewall or not enabled proxy, so check with your networking team
Panel | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
To check if connection from SAP to message broker is established use /PACG/ECM_PING_MB - Ping Message Broker. Until you configure your company in the Connector, in SAP the /PACG/ECM_COCKPIT - FSM Connector Cockpit will show connection error. |