Introduction
Before Kiuwan can execute any analysis, you must first indicate where the source code is located.
This first step seems trivial when you are working with a file system or a source code repository, but it is not when you are working with SAP.
Info |
---|
ABAP code is located within the SAP server, so you should first extract the ABAP code and let Kiuwan know where the extracted source code is located. This way, Kiuwan will scan the code and deliver the analysis results to you. After extracting the ABAP code, the Kiuwan analysis is ready to be executed (manually or automatically). |
Welcome to SAP Extractor for Kiuwan (SAPEX)
Info |
---|
To analyze ABAP code in Kiuwan, the source code and information from the SAP system must first be exported. Kiuwan SAP Extractor (SAPEX) performs these tasks.
NOTE: SAPEX is expected to run on any SAP NetWeaver 7.2+ platform. Contact Kiuwan Technical Support for previous platform versions. |
How it works
When SAPEX components (programs, function modules, support classes, OS commands) are installed on the target SAP system, the user may perform the following operations:
- Extract source code
  - Code is extracted either by running a program within the SAP server (ZKW_SAPEX_CODE) or remotely (using the sapexCode.xml script). The extracted code can be analyzed with Kiuwan Local Analyzer.
  - The code elements to extract can be selected by transport requests / tasks, packages, and the type and name of the element (programs, function modules, classes, web dynpro components, etc.)
- Extract system information ("metadata")
  - Metadata are used by Kiuwan rules to search for defects and vulnerabilities.
  - For example, to ensure that authorization is performed properly, information about authorization objects and authorization groups (extracted from the TOBJ and TDDAT tables) is used by many security checks in Kiuwan.
  - Metadata extraction can be performed either by running a program within the SAP server (ZKW_SAPEX_METADATA) or remotely (using the sapexMetadata.xml script).
- Perform analysis on extracted source code
  - Within an SAP system with Kiuwan Local Analyzer deployed, by running the ZKW_ANALYSIS program. It offers the option of extracting source code before analysis.
- Add automated audits before releasing changes
  - An implementation for the CTS_REQUEST_CHECK 'classic' BAdI may be registered with SAP's Change and Transport System (CTS).
  - Source code extraction, analysis and evaluation of audit checkpoints may be performed before accepting (or rejecting) the release of a change request / task, according to organizational quality and security standards.
Kiuwan always works with the concept of an application.
In Kiuwan terms, an application is the analysis unit, i.e. a set of source code files that has some functional meaning for you and, consequently, needs to be analyzed as a whole.
Once you define a Kiuwan application, you tell Kiuwan the source root directory, i.e. the directory that contains the source code files of that application. Kiuwan will analyze those source code files as a unit, providing comprehensive results.
Info |
---|
Depending on your development life cycle, you may have different needs. Sometimes you will need to analyze a complete package, while other times you will only need to analyze a transport order. Kiuwan allows you to fully integrate the analyses within your custom development life cycle by providing different types of analyses:
Please visit Kiuwan Life Cycle Doc for complete information. |
In addition, you can always govern your applications by organizing them into portfolios that define the real dimensions that are important for you and your organization.
Info |
---|
The approach to integrating SAP and Kiuwan is as follows:
|
Modeling ABAP code into Kiuwan
...