Authenticating from an HTML5 application

Hi,
I need to authenticate to my BSP applications from a form developed using HTML5. The form is rendered locally and contains a input fields for username and password. The username and password entered in this form need to be used for logging into the BSP. We do not have any portal, or any other middleware. We will just be passing the URL and password to the BSP.
One option is to append the user id and password to the request URL as sap-user and sap-password parameters.
However, I have learnt from several other forum questions that this is not a recommended approach. Also, I would not like the user to be prompted for authentication again as long as the session is valid.
Any help regarding this query would be greatly appreciated.
Thanks,
Vibhu

Just read the doco mate. [http://help.sap.com/saphelp_nw73/helpdata/en/48/3a0638902131c3e10000000a42189d/frameset.htm]
Cheers
Graham Robbo

Similar Messages

Windows authentication from an enterprise application

Hi All,
Does anyone has any idea how to go about implementing windows active directory authentication from an enterprise application.The requirement is that the users across a particular domain should be able to use the application by using their windows login/password.
Thanks

I think you should look at Sun or Oracle Identity Management Solutions
These product offers what you are looking for and they also have SDKs, so you can really extend their strength.
Regards,
Michael

How to make use of Windows authentication from my Java application

I have a Java application, Instead I design one more login page for my application, I want to make use of Windows Authentication.
How should I use that windows authentication in my java application
can any help me in suggesting a solution

How will they be able to access your application if they aren't users of the system?

Azure mobile HTML5 application - facebook authentication on iPhone in app mode

I have an HTML5 application that uses Azure mobile authentication to login (straight from the example code...provided below). It works fine in all desktop browsers and iPhone in Safari. But from app / full screen mode, it does nothing (doesn't
ask for permission to show a popup window like it does in safari and no popup windows shows up) and I can wait forever and nothing happens. If I invoke it a second time, it gives an error saying "Error: Unexpected failure"...perhaps because
the 1st attempt is still running? Can anyone provide some assistance? Thanks.
client.login("facebook").done(function (results) {
         alert("You are now logged in as: " + results.userId);
    }, function (err) {
         alert("Error: " + err);

I did some more research and found a site that uses an approach that overcomes this problem and also solves two other side effects with the current Azure mobile approach to authentication. I think the Azure mobile team *might* be looking to do something
similar because there are some hints of other authentication options in the code (although difficult to read and be sure because the minimized code is obsfucated). It might be just a matter of activating these in the code...
The solution:
Go to http://m.bcwars.com/ and click on the Facebook login. You'll see it works perfectly in iPhone Safari in "app mode" becuase instead of doing a popup, it simply stays in the current browser window.
This approach solves two other problems with the current Azure mobile approach. First, the popup gets interpreted by most browsers as a potential ad and is either blocked automatically (desktop Chrome) ... and the user doesn't know why it's not working...or
gives a warning which the user has to approve (iPhone Safari in "browser mode") which is a hassle. And if the user has a popup blocker, it gets more difficult and even more potential for the user not getting it to work properly. The bcwars.com
method doesn't have this problem.
Second, in iPhone Safari, when the popup window auto closes, the original page doesn't get focus if there are other browser windows open in Safari. Instead, it's in the smaller/slide mode so they can choose which one to show. If this happens,
the user has to go through one more sttep...click on the browser window to activate it and give it focus..again more of a pain and more potential for them to mess up and not do it correctly and need help. The m.bcwars.com doesn't have this problem.
Azure options:
Looking at the Azure mobile code it looks like may already have the solution. I can't read it easliy becuase it's minified/obsfucated, but it seems to have 4 options (including iFrame, etc.) for invoking the authentication, and only 1 (the "less
ideal one" of a popup) is being used. An easy solution would be to set a property to allow one of the alternate authentications to work. But I can't read it well enough to figure it out. Another would be to hack the code (temporarily until
a fix is put up by Microsoft).
Could I get some help there perhaps?

Unable to consume secured Web service from a Dynpro application

Hello,
I have followed <a href="http://help.sap.com/saphelp_nw04/helpdata/en/c3/bac36a469e4c75aba646077e71516d/frameset.htm">this tutorial</a>
in order to protect and consume a secured Web service from a Dynpro application using SAP logon ticket.
The problem is that after implementing everything needed I receive 401 Unauthorized when I am trying to consume it from the web dynpro side.
If I manually transfer the request the credentials, before the execute i.e:
modObj._setUser
modObj._setPassword
modObj.execute();
I am able to call it, meaning the dynpro application doesn't transfer these credentials to the Webservice even though it's authentication property is set to true.
Any idea how to solve it?
Roy
Message was edited by:
Roy Cohen

Try below steps
Add jars
o security.class
o tc/sec/destinations/interface
Setting WebDynpro project property
o Project>Properties>Web Dynpro References-->Interface references
 Name=tcsecdestinations~interface
o Project>Properties>Web Dynpro References-->Service reference
 Name=webservices
 Name=tcsecdestinations~service
Dynamically Set httpdestination and Call web service
final InitialContext ctx = new InitialContext();
final DestinationService dstService = (DestinationService)ctx.lookup(DestinationService.JNDI_KEY);
if (dstService== null)
throw new NamingException ("Destination service not available");
final Destination destination = dstService.getDestination("HTTP"," DestinationName");
// getting user name
Properties destprop = destination.getDestinationProperties();
String username = destprop.getProperty("USERNAME");
String password = destprop.getProperty("PASSWORD");
final HTTPDestination httpDestination = (HTTPDestination) destination;
HttpURLConnection httpConnection = httpDestination.getURLConnection();
String httpURL = String.valueOf(httpConnection.getURL());
Request_AdvLocationVer1ViDocument_getLocation obj=wdContext.currentRequest_AdvLocationVer1ViDocument_getLocationElement().modelObject();
obj._setUser( user );
obj._setPassword(pass);
obj._setEndPoint(httpURL);
obj.execute();
Rahul

Kerberos based authentication from AS 10.1.2 to Active Directory 2008

Hello,
just a short question: Has anyone achieved to authenticate via kerberos to a Windows 2008 domain?
Info: We like to continue to use the SSO and Windows Native Authentication feature. It worked with our Windows 2003 domain. But our domainserver was updated and we cannot make a connection from our Oracle application server (10.1.2.0.2) to the new domain via kerberos. The ktpass shows errors (according pType) while creating the sso.keytab. The keytab file is created. The kinit-tool (for testing the keytab file) shows errors again. Also the OPMN log shows during startup an error.
Any hint would be appreciated,
regards
Joerg

unzip in a new folder and start jdev, it'll ask if you want to copy the configurations from an earlier version. after that you only need to install custom extensions:
copy all files from old_version_jdev\jdev\lib\ext to new_version_jdev\jdev\lib\ext which are in old_version_jdev\jdev\lib\ext but not in new_version_jdev\jdev\lib\ext
better to first shut down jdev!
if everything works in the new version you can delete the old one.
if you are using an OC4J standalone or ias remember to update the adf version there too!

Cannot print with authentication from acrobat pro on osx

My company has a printer that requires authentication in the form of a 5 digit "account code", which is entered into the print driver installed on my laptop (OSX 10.9). My printer service company has saved the account code in my print driver so that whenever I submit a print job it is sent to the printer with the account code and the job prints properly. If a print job is submitted without an account code then the job is rejected and never prints.
Adobe Acrobat Pro NEVER uses the default printer settings that I have set up on my computer. Which means that most of the time when I print from adobe acrobat the print job is rejected. If I click on the "printer..." button to access the print driver then my default settings show up and my account code is included with my print job but that NEVER happens automatically, which means that EVERY TIME I print something I have to remember to bring up my print driver and verify the settings. This is very inconvenient and is unnecessary with any other piece of software I use.
I have updated to the most recent print driver for my device.
I have updated to the most recent version of my operating system.
I have updated to the most recent version of adobe acrobat pro.
I am able to print from every other application on my computer without any additional steps.
I am able to open a pdf in preview and print without any additional steps but when I open the same pdf in adobe acrobat my print job is rejected.
Please provide a way to use default system printer settings without additional steps with printing from adobe acrobat pro.

I have the same issue as you Dan. I have 2 Macs, one running Acrobat 9 which has no issue so it seems to be the most recent version causing this issue. It is annoying for the person printing it, especially when it's only in the one application

Calling web service with basic authentication from EP "unauthorized"

Hello,
I need to call a .NET web service with basic authentication on the IIS from my portal application (no http proxy between portal and IIS). But always I get the following exception:
com.sap.engine. services.webservices.jaxm.soap.accessor. NestedSOAPException:
Problem in server response: [Unauthorized].
I'm using the following code for calling the .NET web service:
...Licence_GetList lParameter = new Licence_GetList();
lParameter.setStatus(CEnvironment.TransformStatus_WebService(search));
ILicenceManager lLicMan = (ILicenceManager) PortalRuntime.getRuntimeResources().getService("LicenceManager");
ILicenceManager lLicManSecure = lLicMan.getSecurisedServiceConnection(request.getUser());
Licence_GetListResponse lGetListResponse = lLicManSecure.Licence_GetList(lParameter);...
I've also configured a http system in the portal system landscape using the following parameters:
Authentication Method : Basic Authentication
Authentication Type : Server
User Mapping Type : admin,user
The user mapping is also personalized for this system!
What's wrong? Please help! This is really urgent!
Kind Regards
Joerg Loechner

Hello Renjith,
here is a small cutout of my "portapp.xml";
<services>
<service alias="LicenceManager" name="LicenceManager">
 <service-config>
 <property name="className" value="de.camelotidpro.
 pct.xi.scm.webservice.LicenceManager"/>
 <property name="startup" value="false"/>
 <property name="WebEnable" value="false"/>
 <property name="WebProxy" value="true"/>
 <property name="SecurityZone" value="de.camelotidpro.
 pct.xi.scm.webservice.LicenceManager/
 DefaultSecurity"/>
 </service-config>
 <service-profile>
 <property name="SystemAlias" value="LicMan_NET"/
 </service-profile>
</service>
</services>
I'm using a http system created in the system landscape (alias LicMan_NET). But it seems that this system is not used by the web service call (No error, even if I delete this system!). The code used to call this web service can be found at the top of this threat...
Regards
Joerg Loechner

Integrate Multiple Captivate HTML5 Application Simulations inside a single course package

Hi,
We are using Captivate-8. We wants to integrate Multiple Captivate HTML5 Application Simulations inside a single course package. There is an option to create ‘Aggregator Project’ to do so if you have Flash (swf) output. As we are generating HTML5 output is there any way to so?
We also want a menu where we can see list of all such imported files. Along with that we also wants to use simple content screens in between the simulations.
Please share if you know how to achieve this.
Thanks

Hi Lilybiri,
Our requiremetn is - We wants to develope a single package with at least few show-me simulations, try-me simulations and content screens. There should be some GUI which has menu to list all these pages and the pages should get loaded inside the GUI. There should be some navigation like Next/Back buttons to navigate from one page to other page.
Like this we will have multiple packages. So we can not split each package into multiple SCO.
Please help if there is alternate way to acheive this.
Thanks.

How to get, from a remote application, list of groups & users?

I need to get list of groups, and users in a group,
and profile of a user of weblogic
from a remote application.
Do I need to use classes from com.bea.p13n.security.management.authentication? How?

2 ways.. u might be able to set up trust between the domains or something and then call the UserManager and GroupManager EJBs.
Or if u are using RDBMS authentication, you can just go against the database and write u'r own queries.
Kunal

Send authenticated(from java) user information to IIS

We are using webSphere 4.0/Servlet to authenticate users and store userid/password information in session. We have a link, on the same domain, which accesses IIS server. How do we pass the user's id/password to IIS so that the user does not get to dialog box from IIS to login again?
Thanks in advance
Sam

I would highly recommend not putting the user's id/password in the URL for authentication. If the user happens to have a proxy server between their browser and your application, that proxy will have logged their userid/password which would be seen by someone looking at those proxy logs.
It sounds like you are using basic authentication mechanisms built into the webservers and not creating your own. Basic authentication requires the username and password to be sent over the wire as part of the request. For that reason, the user must be prompted for it in order for it to be sent.
So, with that in mind, I think you have a few choices:
a) use the integrated authentication that IIS has. If the user is logged into their workstation as an authorized user and they are using IE, the authentication between the client and server will be transparent. However, that does not give you a nice cross-platform solution.
b) use something like client certificates for authentication on both your application and the other servers
c) have your websphere application also act as a gateway between the user and the other webserver. The websphere application would make the request to the IIS server on the user's behalf and then return the resulting page for the user. This is basically a proxy.
d) user a single sign-on mechanism such as Netegrity's Siteminder or build your own using cookies that both your websphere application and the IIS application will understand and can use. Don't put the person's username and password in the cookie, however. If you want to build your own, you should take a look at the "dos and dont's" paper at http://cookies.lcs.mit.edu/pubs.html.

IMAP/SSL: problem connecting from a web application

Hi,
I try to connect to a IMAP/SSL server (with a self-signed certificate) from a web application. I followed http://www.javaworld.com/javatips/jw-javatip115.html.
When I try to connect from a java application it works fine. But when I try it from a servlet, it fails:
javax.mail.MessagingException: gaeron.gcrm.test.mail.DummySSLSocketFactory;
nested exception is:
 java.net.SocketException: gaeron.gcrm.test.mail.DummySSLSocketFactory
 at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:461)
 at javax.mail.Service.connect(Service.java:236)I use Tomcat 5.5, jdk1.5.0_06 and javamail-1_3_3_01. Here is my code:
 Security.setProperty( "ssl.SocketFactory.provider", "gaeron.gcrm.test.mail.DummySSLSocketFactory");
Properties props = new Properties();
Session session = Session.getDefaultInstance(props);
Store store = session.getStore("imaps");
store.connect(server, 993, username, password);
store.close();Can anybody help me?
Thanks,
Előd.

I am not sure there is a class called MBoxSSLFactory. Is that a typo? We are in the same boat. We have a web application running on Tomcat that needs to connect to the IMAP store on the MS Exchange 2003 Server. It was working fine until we enabled Basic Authentication - SSL/TLS required setting on it.
In order to eliminate any complications due to Tomcat and all we are trying to get a simple standalone program that talks to IMAP server (using the DummySSLSocketFactory, DummyTrustManager etc) working.
I am stuck on the same error: (shown below is the stack trace and the code we are running). I have tried all the suggestions that have been posted on this "Unconnected Sockets not implemented" issue. I have tried it with both Jdk 1.4.2_08 and JDK 1.5.0.
The JavaMail version is 1.4. If I use JavaMail version 1.3.1 it complains that there is no store type "imaps". If I use "imap" and not "imaps" as the store type I end up getting "Authentication Failed" exception.
Instead of a DummyTrustManager I even tried importing a certificate. We have deployed a Verisign trial certificate on the EXchange server side. So when we run the InstallCert program (http://blogs.sun.com/andreas/entry/no_more_unable_to_find) it allows us to add the valid certificates to our keystore. Once that is done we have tried to create TrustManager based on that keystore. But NOPE..No success. same problem.
We have been stuck on this one for the last 4 days and we have a very critical client deployment that is hampered by this one. I know it is turkey time now..but would really appreciate it if some one can help us out.
javax.mail.MessagingException: Unconnected sockets not implemented;
nested exception is:
 java.net.SocketException: Unconnected sockets not implemented
 at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:479)
 at javax.mail.Service.connect(Service.java:297)
 at javax.mail.Service.connect(Service.java:156)
 at javax.mail.Service.connect(Service.java:105)
 at GetSSLMail.getmail.main(getmail.java:37)
Caused by: java.net.SocketException: Unconnected sockets not implemented
 at javax.net.SocketFactory.createSocket(SocketFactory.java:97)
 at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:224)
 at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:189)
 at com.sun.mail.iap.Protocol.<init>(Protocol.java:84)
 at com.sun.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:87)
 at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:446)
 ... 4 more
package GetSSLMail;
/* getmail.java */
import java.util.Properties;
import javax.mail.*;
//import javax.mail.internet.*;
import java.io.*;
public class getmail {
 //myauth auth;
 public static void main(String args[]) throws Exception {
 String host, name, passwd;
 BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
 System.out.println("Enter IMAP Host Name: ");
 host = br.readLine();
 System.out.println("Enter User name: ");
 name = br.readLine();
 System.out.println("Enter Password: ");
 passwd = br.readLine();
 java.security.Security.setProperty("ssl.SocketFactory.provider","DummySSLSocketFactory");
 // Get a Properties object
 Properties props = System.getProperties();
 props.put("mail.imaps.host", host);
 props.put("mail.imaps.port", "993");
 Authenticator auth = new myauth(name, passwd);
 Session session = Session.getDefaultInstance(props, auth);
 Store store = session.getStore("imaps");
 try {
 store.connect(); // exception here
 System.out.println("store connected");
 } catch (Exception e) {
 //System.out.println("Error :" + e.toString());
 e.printStackTrace();
 Folder folder = null;
 try {
 folder = store.getFolder("INBOX"); // because of earlier exception,
 // also
 // exception here
 } catch (Exception e) {
 System.out.println("Error :" + e.toString());
 folder.open(Folder.READ_ONLY);
 BufferedReader reader = new BufferedReader(new InputStreamReader(
 System.in));
 Message message[] = folder.getMessages();
 for (int i = 0, n = message.length; i < n; i++) {
 System.out.println(i + ": " + message.getFrom() + "\t"
 + message[i].getSubject());
 System.out
 .println("Do you want to read message? [yes to read/quit to end]");
 String line = reader.readLine();
 if ("yes".equals(line)) {
 System.out.println(message[i].getContent());
 } else if ("QUIT".equals(line)) {
 break;
 class myauth extends Authenticator {
 String username, password;
 public myauth(String name, String passwd) {
 username = name;
 password = passwd;
 public PasswordAuthentication getPasswordAuthentication() {
 return new PasswordAuthentication(username, password);
package GetSSLMail;
import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.Socket;
import java.security.KeyStore;
import javax.net.SocketFactory;
import javax.net.ssl.*;
* DummySSLSocketFactory
public class DummySSLSocketFactory extends SSLSocketFactory {
private SSLSocketFactory factory;
SSLContext sslcontext;
 TrustManagerFactory tmf;
 KeyStore ks;
public DummySSLSocketFactory() {
 try {
// try
 ks = KeyStore.getInstance("jks");
 InputStream in = new FileInputStream("C:\\Documents and Settings\\kk12\\jssecacerts");
 in = new BufferedInputStream(in);
 ks.load(in,null);
 tmf = TrustManagerFactory.getInstance("PKIX");
 tmf.init(ks);
 sslcontext = SSLContext.getInstance("SSL");
 sslcontext.init(null, tmf.getTrustManagers(), null);
 HttpsURLConnection.setDefaultSSLSocketFactory(sslcontext.getSocketFactory());
 //SSLContext sslcontext = SSLContext.getInstance("TLS");
 //sslcontext.init(null,new TrustManager[] { new DummyTrustManager()},null);
 factory = (SSLSocketFactory)sslcontext.getSocketFactory();
 } catch(Exception ex) {
 // ignore
public static SocketFactory getDefault() {
 return new DummySSLSocketFactory();
public Socket createSocket(Socket socket, String s, int i, boolean flag)
 throws IOException {
 return factory.createSocket(socket, s, i, flag);
public Socket createSocket() throws IOException {
 System.out.println( "createSocket 0");
 return factory.createSocket();
public Socket createSocket(InetAddress inaddr, int i,
 InetAddress inaddr1, int j) throws IOException {
 return factory.createSocket(inaddr, i, inaddr1, j);
public Socket createSocket(InetAddress inaddr, int i)
 throws IOException {
 return factory.createSocket(inaddr, i);
public Socket createSocket(String s, int i, InetAddress inaddr, int j)
 throws IOException {
 return factory.createSocket(s, i, inaddr, j);
public Socket createSocket(String s, int i) throws IOException {
 return factory.createSocket(s, i);
public String[] getDefaultCipherSuites() {
 return factory.getDefaultCipherSuites();
public String[] getSupportedCipherSuites() {
 return factory.getSupportedCipherSuites();
package GetSSLMail;
//import com.sun.net.ssl.X509TrustManager;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
public class DummyTrustManager implements TrustManager {
 public boolean isClientTrusted( X509Certificate[] cert) {
 return true;
 public boolean isServerTrusted( X509Certificate[] cert) {
 return true;
 public X509Certificate[] getAcceptedIssuers() {
 return new X509Certificate[ 0];

Copy application from within an application?

Ok, this may be a bit of a stretch, but is it possible to create a new application as a copy of an existing one from within an application?
To explain: I'm envisioning an APEX framework where I have a "core" application which has all of my standard functionality built in; whenever I want to build a new application, I copy that, rather than building a new one from scratch. Information about the applications (active status, authentication method, created by, last modified by, description, etc.) would be stored in a central (custom) table (this much has been covered by Scott Spendolini in this presentation).
So, I'd like to build an application which would show me the data from this central table, and also have a wizard that would a) copy the core application to a new ID, potentially setting some features in the process, and b) create the appropriate record in the central table.
Thanks,
-David

David,
I am having the same thoughts and will watch this thread. I believe what you are referring to is "subscribing to a master application" of which I have no experience in.
Just saw another thread similar to this one:
See {thread:id=1774693}
Jeff
Edited by: jwellsnh on Nov 22, 2010 1:58 PM

How does OIF handles authentication at Sp side application?

Hi,
Please explain user authentication at SP domain application. and correct me if my understanding is worong about authentication flow.
User login in to the application running at IDP domain, and browse the resourse. User then clicks on link which presents resource of SP domain. what is that link ? please explain with sample link URL.
then IDP creates SMAL token based on user attribute and pass in to SP domain. OIF which configure as SP extracts the token, and sends user credential to the application.
how does it pass user information( userid /passwaod) to application running on SP domain?

Federated authentication is based on the principle that the SP will trust the IdP for authenticating users. When SAML is involved, the IdP asserts the user's identity to the SP via a SAML assertion which could contain data that transparently identifies a user or an opaque handle which both the IdP and SP know about. The SP's responsibility is to ensure that the assertion comes from the IdP and is not tampered with - both these are achieved using standard PKI facilities. The SP can then use the data in the assertion to create a session at its end for the subject of the assertion.
As for the link that the user clicks on at the SP, it will depend on your particular implementation of federation - you have the following options -
1) Link starting at IdP but containing SP destination and final URL information (IdP-initiated SSO starting from federation end point)
2) Link starting at SP but containing IdP information and final URL(SP-initiated SSO starting from federation end point)
3) Final URL directly with IdP information (SP-initiated SSO starting from app URL)
-Vinod

Capture an image using the web camera from a web application

Hi All,
Could anyone please share the steps what have to be followed for capture an image using the web camera from a web application.
I have a similar requirement like this,
1) Detect the Webcam on the users machine from the web application.(To be more clear when the user clicks on 'Add Photo' tool from the web application)
2) When the user confirms to save, save the Image in users machine at some temporary location with some unique file name.
3) Upload the Image to the server from the temporary location.
Please share the details like, what can be used and how it can be used etc...
Thanks,
Suman

1) Detect the Webcam on the users machine from the web application.(To be more clear when the user clicks on 'Add Photo' tool from the web application)There's not really any good way to do this with JMF. You'd have to somehow create a JMF web-start application that will install the native JMF binaries, and then kick off the capture device scanning code from the application, and then scan through the list of devices found to get the MediaLocator of the web cam.
2) When the user confirms to save, save the Image in users machine at some temporary location with some unique file name.You'd probably be displaying a "preview" window and then you'd just want to capture the image. There are a handful of ways you could capture the image, but it really depends on your situation.
3) Upload the Image to the server from the temporary location.You can find out how to do this on google.
All things told, this application is probably more suited to be a FMJ (Freedom for Media in Java) application than a JMF application. JMF relies on native code to capture from the web cams, whereas FMJ does not.
Alternately, you might want to look into Adobe Flex for this particular application.

Authenticating from an HTML5 application

Similar Messages

Maybe you are looking for