EP Authentication through WebService

Hi all,
I need to implement a login module in a .NET standalone application that gets the user profile in EP 6.0 SP2. Next the app will send some SOAP messages to SAP XI.
I want to validate the user and password from a .NET login screen and validate the user & password in the Portal.
I have read something about UMWebService but it doesn't include any login method.
Another question is how to authenticate in the UMWebService if it's set HIGH_LEVEL security zone. I am able to execute it with Everyone access permitted, but if I avoid Everyone access to the security zone how can I pass the user & password to the WebService from .NET app. If this is possible with something like "Credentials" object, I can execute some dummy method in the standard WebService and if I get response I assume that the user is authenticate because it has been able to execute the webservice. If not, and exception "Authentification error while executin UMWebService".
Any solution for this problem?
Any other solution?
Thanks

Hi Luis,
why <u>explicitely</u> verifying user and password? What about doing it <u>implicitely</u> by having some "ping" like portal web service which requires authentication and using that web service then? If you add valid credentials to the web service request, authentication to the portal should succeed and you should receive a response that contains some expected "ping" data.
No need to alter security zones then
Regards
Heiko

Similar Messages

  • PL SQL Web Service Authentication through LDAP

    I have created one PL SQL Web Service and I would like to provide token security through LDAP.
    I have configured LDAP for deployed webservice in oracle IAS 10.1.3 Service.
    Problem Description: <?xml version="1.0" encoding="UTF-8"?>
    <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="http://dbconnection1/MobileWebService.wsdl/types/"><env:Body><env:Fault><faultcode>env:MustUnderstand</faultcode><faultstring>SOAP must understand error: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security</faultstring></env:Fault></env:Body></env:Envelope>
    I have provided LDAP authentication through oracle iAS Setup.
    Please help

    Hi I am looking out for a good friend of mine, Rajeev Dave from Vijaywada, if your the one, please email me [email protected]
    thanks,

  • How to capture userinfo after a partner application is authenticated through SSOSDK?

    I have successfully installed and deployed the Partner application for Portal using SSOSDK. My question is, once the user is authenticated through SSOPartnerServlet.java and gets thrown back to the partner app(PAPP), how do we get the user info(i.e. username) from the PAPP?
    Is there an API?
    I have already asked this question from oracle tech and they told me to post it
    Thanks,
    Hamid

    Pass the name of a subrotine to handle your user commands to the fm parameter.
    I_CALLBACK_USER_COMMAND = 'USER_COMMAND'.
    Then code for the user command function,
    form user_command using r_ucomm type sy-ucomm.
    case r_ucomm.
    when '<FCODE of your button>'.
    Code your logic....
    endcase.
    endform.
    To add your button using your own pf-status, you should copy a standard gui status and modify it.
    To trigger this pf-status you should pass routine name to I_CALLBACK_PF_STATUS_SET.(I_CALLBACK_PF_STATUS_SET = 'SET_PF_STATUS..)
    form set_pf_status.
    set pf-status 'ZSTAT'.  "THis ZSTAT must be created by copying a STANDARD pf-status of say some std program like SAPLKKBL. and then modifying it.
    endform.

  • Cannot use SASL Authentication Through GSSAPI on DS 6.3

    I try to kerberized DS 6.3. I do step by step instruction from "Sun Java System Directory Server Enterprise Edition 6.3" and it doesn't work.
    When I try to configure the Directory Server to Enable GSSAPI I get an error:
    modifying entry cn=SASL,cn=security,cn=config
    ldap_modify: DSA is unwilling to perform
    ldap_modify: additional info: Modification not allowed on attribute dsSaslPluginsPath
    After all when I try to authenticate to the Directory Server i get response:
    ldap_sasl_interactive_bind_s: Authentication method not supported
    ldap_sasl_interactive_bind_s: additional info: sasl mechanism not supported
    Logs file:
    +[22/Sep/2008:10:28:11 +0200] conn=2 op=-1 msgId=-1 - fd=22 slot=22 LDAP connection from 10.3.233.4:33054 to 10.3.233.4+
    +[22/Sep/2008:10:28:11 +0200] conn=2 op=0 msgId=1 - BIND dn="" method=sasl version=3 mech=GSSAPI+
    +[22/Sep/2008:10:28:11 +0200] conn=2 op=0 msgId=1 - RESULT err=7 tag=97 nentries=0 etime=0, sasl mechanism not supported+
    +[22/Sep/2008:10:28:11 +0200] conn=2 op=1 msgId=2 - UNBIND+
    +[22/Sep/2008:10:28:11 +0200] conn=2 op=1 msgId=-1 - closing from 10.3.233.4:33054 - U1 - Connection closed by unbind client -+
    +[22/Sep/2008:10:28:12 +0200] conn=2 op=-1 msgId=-1 - closed.+
    system specyfication:
    Solaris 10 x86 64-bit
    DS 6.3 B2008.0311.0212 NAT

    See http://forums.sun.com/thread.jspa?forumID=761&threadID=5202246 for a description of the problem and a workaround.
    If you have a Sun support contract, you can request an escalation of CR 6637404.
    Also, note that it looks like part of the documentation went missing. In DS5.2 the docs included an additional step
    Chapter 11 Implementing Security
    Configuring Client Authentication
    SASL Authentication Through GSSAPI (Solaris Only)
    http://docs.sun.com/source/816-6698-10/ssl.html#18500
    ldapmodify -D 'cn=directory manager'
    dn: cn=SASL,cn=security,cn=config
    changetype: modify
    add: dsSaslPluginsEnable
    dsSaslPluginsEnable: GSSAPI
    replace: dsSaslPluginsPath
    dsSaslPluginsPath: /usr/lib/mps/sasl2/libsasl.so
    modifying entry cn=SASL,cn=security,cn=config
    ldap_modify: DSA is unwilling to perform
    ldap_modify: additional info: Adding attributes is not allowed
    -------------------------------------------------------------

  • Queue Name is Initial while calling XI through webservice

    Hi All,
    While i am sending data to XIServer through webservice with Quality of service as EOIO i am getting the response
    <b>XIServerINTERNAL.ATTRIBUTE_INITIALQUEUE_NAMEAttribute QUEUE_NAME is initial</b>
    Due to this i cannot see any messages in SXMB_mONI..
    Can anybody give solution or suggestions...
    And also CCMS status is in red in component monitoring of Adapter engine for XISERVER...
    Thanks and regards,
    Sridhar

    Hi Michael,
    Thanks for u r reply,
    I am not using Soap Adapter, I am using XI adapter, and followed the Doc how to send XML data to BW using the doc
    http://service.sap.com/~sapidb/011000358700011142902001E/HOWTOSENDXMLDATATOBW.DOC
    My scenarion is XI-BW integration.
    Here I am trying to send XML data as mentioned in the doc.. i can see the messeges if i give the QOS as EO but if i give EOIO then the said response i am getting...
    Request u to give solution or suggestion...
    Regards,
    sridhar

  • How to do .1x port based network access authentication through ACS

    How to do .1x port based network access authentication through ACS.

    Hi,
    802.1x can authenticate hosts either through the username/password or either via the MAC address of the clients (PC's, Printers etc.). This process is called Agentless Network Access which can be done through Mac Auth Bypass.
    In this process the 802.1x switchport would send the MAC address of the connected PC to the radius server for authentication. If the radius server has the MAC address in it's database, the authentication would be successful and the PC would be granted network access.
    To check the configuration on the ACS 4.x, you can go to http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/configuration/guide/noagent.html
    To check the configuration on an ACS 5.x, you can go to http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-2/user/guide/acsuserguide/common_scenarios.html#wp1053005
    Regards,
    Kush

  • Passing data through webservices.

    Hi All,
    I have two doubts.
    1. Can we call a webservice without calling creating an ABAP Proxy?
    2. If yes how can i pass my internal table through webservice.
    any code snippet or wiki link regarding this will be very helpful.
    TIA
    Vikash Singh

    Hi Vikash,
    Go through the below link, it has a simple example which will help you,
    just search for "Calling a web service in ABAP that validates an email id" and click on the link of saptechnicaldotcom
    or try this
    http://help.sap.com/saphelp_nw70ehp2/helpdata/EN/1f/93163f9959a808e10000000a114084/content.htm
    Also, for transforming your internal table into XML, you can use the below piece of code
    CALL TRANSFORMATION ID  
       SOURCE root = ITAB
       RESULT XML xml_string.
    And you can pass the XML_STRING as input to the "CREATE_BY_URL_METHOD".
    But the XML_STRING will need to be in the format that the service can understand, you might have to modify it accordingly.
    Regards,
    Chen
    Edited by: Chen K V on Apr 26, 2011 1:04 PM
    Edited by: Chen K V on Apr 26, 2011 1:07 PM

  • OSB: HTTP digest authentication for WebServices

    Hi,
    How do I configure HTTP digest authentication for WebServices offered by the OSB (Proxy Services with WS as transport)?
    Best regards
    Dimo

    Did you figure out how to do it.?

  • OBIEE 11.1.1.6.2 BP1 authentication through Shared Services EPM 11.1.2 .2

    Hi,
    Any idea how to get the authentication in OBIEE through Shared Services to work?
    We use Native Directory and MSAD in SS, hence we need to get the authentication through Shared Services.
    We were able to run this on EPM 11.1.1.3 through LDAP server of Shared services port 28089, surely not working now.
    I've tried both of the following but still no luck:
    http://gerdpee.wordpress.com/2011/06/17/oracle-weblogic-and-hyperion-shared-services-11-1-1-3/
    http://gerdpee.wordpress.com/2011/06/17/integration-sort-of-of-obiee-11-1-1-5-and-hyperion-shared-services-11-1-1-3/
    Please help. Many thanks!!!
    Cheers,
    Steve

    Hi Steve,
    I have not been through this, but hope this helps you though. While we run the System configurator Wizard (EPM 11.1.1.2), we are now having an option to integrate EPM with OBIEE. Have you given it a shot?
    I am just thinking, if we could had it configure for us, we could directly access the Subject Areas from OBIEE, just like what Mark had mentioned here : http://www.rittmanmead.com/2009/01/epm-workspace-111-and-obiee-10134-updated/
    You could further look into the "SSO using CSS Token" field in the connection pool, too.
    Hope this helps and I will let you know, if I have any other information.
    Thank you,
    Dhar

  • Send the adobe form through webservices

    Hello all,
    i have a requirement in adobe form. When i click on submit button the total pdf form have to be sent through webservices and update as a string in a SAP ztable. so that i can retrieve the string and convert it into pdf again and reuse it.
    can anyone suggest, is it possible to do. Please suggest if anyone already worked on this scenario before or like.
    Thanks in advance,
    Prakash reddy .S

    Hello Sreelatha,
    I think we cannot hide a page.  as in, page is the main container.  In a container, we can hide any field using some scripting.  Even though if we hide the field, it is present on page but not visible. 
    but if some logic is there, please let me know.
    Thanks,
    Rakesh.
    Edited by: rakhi966 on Sep 8, 2011 8:54 PM

  • ACS user authenticating through Windows Database

    Hello,
    Please, i need a document/ guideline on how to configure ACS 4.2 user authenticating through Windows Database and the ACS server is running on an appliance.
    Please, help.
    Regards,
    Ethelbert

    Hi,
    If you delete the user in AD, then it would not authenticate the user even if the dynamic mapped user exists in the ACS database, as the password would not be verified from the AD for the user.
    The dynamically mapped user entry would still exist in ACS and would not get deleted if the user is deleted from AD.
    tnx
    somishra

  • EDQ authentication through Novell

    We are currently using AD as our authentication platform for EDQ. We need to set up additional configurations for authentication through Novell. Has anybody done this? What is different from the AD configuration?
    Thanks
    Craig

    Hi Craig,
    Apologies for the late response on this. I believe an SR has been logged, and a response will be available on the SR very shortly.
    Some basic notes are as follows. The examples files are missing below (but will be on the SR):
    EDQ does not have out of the box support for Novel eDirectory. However it can be configured easily. To do this, you need to define a ‘realm’ with connection details for the eDirectory server and an associated ‘profile’ defining the LDAP search filters and attributes to use with the eDirectory.
    All this information can be added to the login.properties file but it is sometimes simpler to define the information in separate files. Realm information can be define in files in the realms subdirectory of the security directory and profile information can be stored in the profiles subdirectory.
    These are the steps:
    1. In the login.properties file, add a realm ‘edir’ to the realms list:
    realms = internal,...,edir
    2. Create a directory realms in the security directory and store the attached edir.properties there. Amend the file with:
    •     The LDAP server address. The example file has 10.8.1.182.
    •     The correct LDAP domain information. The example file users the domain o=rde
    •     The DN and password of the user used to connect to LDAP. The example has cn=rde,ou=users,o=rde
    •     The LDAP group used to contain EDQ users. The example has testgroup
    •     If the server has a certificate installed, uncomment the ‘ldap.security’ line to enable SSL connections
    3. Create a directory profiles in the security directory and save the attached novell.properties there. This file is suitable for a standard eDirectory setup and should not need any changes. It assumes:
    •     An objectClass of inetOrgPerson for users
    •     An objectClass of groupOfNames for groups
    •     The unique ID of user and group entries is the GUID attribute
    The profile can be tweaked if these assumptions are not correct.
    Regards,
    Mike

  • Centralized authentication through insecure net, ASA

    Hi all,
    I'm looking for some ideas, products e.g. that can help me to achieve the following scenario:
    - We have several customers with Cisco ASA
    - We want to provide our IT-Engineer staff a remote vpn access to each customer site
    - We need a centraliced AAA for the enginer vpn-authentication (TACAC+, RADIUS e.g.)
    - The centralized authentication server should be on our site. So each ASA (customer site) has to do the authentication
       through the insecure internet to our AAA server
    - Site-to-site is not an option (several customer sites have the same IP-range)
    Any ideas?
    Thanks a lot,
    Norbert

    Norbert
    I would look at using certificates for this. So each customer ASA uses your centralised certificate server for authentication.
    You can use something like Microsoft CA server to act as the certificate server.
    There are plenty of docs on Cisco site for using certificates both with the VPN client and the ASA.
    Jon

  • Facing Time out after 270 sec through webservice.

    Hello all,
    I am invoking PDF generator for Postscript through webservice along with a cofiguration xml which has timeout set to 10000. But the service doesnot recognise this value & always gets timed out at 270 sec which is its default value.
    I tried converting a PS file to PDF using the GUI by setting the timeout parameter to a higher value than 270 but it still got time out at the default value.
    Please help me solve this prob...
    Thanks in advance.
    -Vineesh.

    Which version of Java?
    Which web app server/db and version?
    Does it work for small (<10Meg files)?
    I've never needed a timeout over 4 minutes even for 500Meg+ PS files, although I'm interacting through the EJB interface, not the webservice.
    I believe there may be some way to increase the timeout further, although I think it involves editing configuration files within the ear/war/jar structure of the deployed libraries; the 270 second value does appear in native2pdfconfig.xml in the pdfg-all.ear on the professional version of PDFG, although I don't have time to test whether this value actually has an effect on the maximum timeout. It may appear elsewhere too. And I'm not sure if it will be in the same location in the postscript only version.

  • "Join" Objects through Webservices

    I'm trying to find a fast way to join objects through webservices.
    What do I need?
    -An extract of the recipients from a campaign joined with contacts
    What do I have?
    -I have an extract of the recipients of the campaign...
    What's left?
    -No I have the ID's of the contacts and I could get the information of the contacts 1 by 1. This means if I have 100 recipients, that I have 101 webservice calls.
    My question?
    Is there a way to get all the contacts with 1 webservice call, containg the needed info from recipients?

    Probably not, Campign - Contact is Many-to-Many relationship. You can query contacts where 'SourceCampaignName' field equals some camagin, but it not the same that you want.

Maybe you are looking for

  • How can I make Recover_Mode Is Real Time Apply in Data Duard

    Hi Experts I have Primary and Standby Databases I need to know how can I change the recover mode to Real Time Apply? I run the following queury in Primary Site: SELECT RECOVERY_MODE FROM V$ARCHIVE_DEST_STATUS WHERE DEST_ID=2; RECOVERY_MODE MANAGED I

  • Waas inline in L2 environment

    Hi, A new WAAS installation is planed. The customer has 3 sites with one WAAS on each. On each site, there is no core layer. The L3 device is the ISP router. So, the WAAS will be plugged via inline interfaces between the ISP router and a switch. The

  • Playback Control Tab missing! Help!

    Hello I'm using Final Cut Studio 2 (6.0.5) to edit a project that was filmed on the Red Cam. When I import the full res quicktimes into the project and onto the timeline, the playback control tab doesn't have any options for me to change the playback

  • How do I get to print when my printer says "off line" ?

    My HP Deskjet D4360 is plugged in and has 2 bars of colored ink and 1 bar of black ink showing on the printer; yet when I first turn on the printer, the golden ink drop flashes for 2-3 times and disappears. Does this mean that I still have to replace

  • HT1349 My iphone 4s sound is not working

    My iphone 4s sound is not working