Hi Martin,
basically your suggestion is to use logon tickets (issued by external authority) authentication. User authenticated and having valid ticket would not be checked in SAP again. Simply SAP would allow running BAPI with the user having the ticket. There needs to be SNC connection established between JAVA app and SAP to make this work; I believe. Do I get it correctly?
I was thinking whether there is more "out of the box" support of impersonation by JCo. Something like if there would be a more parameters within JCo connection like ImpersonUserId along with UserId...
However turns out that this is not the case in JCo...
Seem this kind "out of the box" impersonation is supported by NW RFC SDK 7.1 which has parameter e.g. USREXTID...
Thanks!
cheers
m./