Administration
Security and Encryption
eBusiness Web Services must be used with SSL encryption to be secure. The URL for eBusiness Web Services will start with https:// if SSL is being used. Sage 100 eBusiness Web Services should never be used without SSL encryption.
Access to the Sage 100 system from eBusiness Web Services is controlled at three levels:
eBusiness Web Services works with Sage 100 role-based security. eBusiness Web Services calls are treated as maintenance actions (Create, Modify, Remove, or View) in the context of role-based security.
To determine which tasks must be enabled for a particular web services method, see APIs.
For example, to allow creation of a new customer, in Library Master Role Maintenance, click the Tasks tab and select Accounts Receivable > Main > Customer Maintenance > Create.
System Configuration Setup
eBusiness Web Services must be enabled for the system by selecting the Enable Web Services check box in Library Master Setup menu > System Configuration.
Company Maintenance Setup
eBusiness Web Services must be enabled for each company where access is required by selecting the Enable Web Services check box in Library Master Main menu > Company Maintenance.
User Maintenance Setup
eBusiness Web Services must be enabled for each user that is allowed access to the Sage 100 system through eBusiness Web Services by selecting the Enable Web Services check box in User Maintenance.
If you purchased Sage 100 through a subscription service, User Maintenance is on the Security menu; otherwise, it's on the Main menu.
Error Logging
eBusiness Web Services logs all errors to the Windows Event Log in the eBusiness Web Services log.
The details of unexpected exceptions are hidden from the web services client for security reasons. When these errors occur, the client will receive the message: "An exception occurred." in the SOAP fault. The full details of the error will be available in the Windows Event Log.
Object Cache
eBusiness Web Services uses an object cache to handle requests efficiently. When a request is made, eBusiness Web Services checks the cache to see if existing objects are available to fulfill the request. If objects are available then they are used. If objects are not available, then new objects are created and are added to the cache after the request is completed.
Objects that are added to the cache are available only to the same user name that created the objects. For this reason, the cache is more efficient if a common user name and password is used by the client application. For example, most ecommerce sites have no need to log onto eBusiness Web Services with multiple user names as the ecommerce users purchasing items over the Internet will not have a Sage 100 account. Therefore, an ecommerce site would use a dedicated account to access eBusiness Web Services.
Certain maintenance operations in the Sage 100 products, such as adding a UDF, require exclusive use of the Sage 100 data files. Due to the use of caching, eBusiness Web Services can have data files open even if there is no activity. The eBusiness Web Services application pool should be stopped through Internet Information Services Manager before running operations that require exclusive use of the Sage 100 data files. Stopping the application pool will clear the cache and reject incoming web services requests that could interfere with the maintenance operations.
Permissions
eBusiness Web Services runs in the context of the eBusinessWebServices user account. The eBusinessWebServices user account requires permissions to the Sage 100 application and the files that the Sage 100 application accesses. The eBusiness Web Services installer will attempt to set these permissions; however, permissions may need to be set manually under certain circumstances such as when a new alternate directory is created.
The eBusinessWebServices user account must have the following permissions set:
- Full Control of the MAS90 base directory
- Full Control of all alternate directories that will be accessed from eBusiness Web Services
- Read & Execute permissions for the Program Files\Common Files\Sage\Common Components folder
- Read & Execute permissions of the eBusiness Web Services installation folder
- List Folder, Read Data, and Delete permissions for the Windows\Temp folder