This is particularly critical when web services follow the urban legend that they should be equipped with authorizations for a technical user of type SERVICE. The GUI can be attached to them in the debugger and display access is enough to set an external breakpoint, switch to the system debugger and single-step the call into the RFC debugger.
You will then battle a bit with commands to open a new session, but you should not give up too easily if the debugging of the service user leg of the call is authorized for the debugger as well.
But the ABAP debugger is truely a wonderful tool for developers in development systems - that is undeniable.
Cheers,
Julius