BSP Logon control

Hi All
Iu2019m building a BSP application, whereby BSP1 will be accessed via an Anonymous Logon and will then redirect to BSP2. At this point, depending on business logic, the user may or may not be required to enter logon details.
In SICF, Iu2019ve configured BSP1 as an Anonymous Logon, but have not configured any logon data for BSP2. With this configuration, BSP2 is executed using the Anonymous Logon.
I need to change this and dynamically control whether the user is required to logon when redirecting to BSP2. Ideally, Iu2019d like to make use of SAPu2019s System Logon functionality.
Any assistance would be greatly appreciated.
Thanks

while redirecting to bsp2 (set the system log on radio button for this app in sicf) add a dummy user to the the bsp2 url
redirect url
/sap/bc/bsp/sap/bsp2/default.htm?sap-user=xxxx

Similar Messages

SAP GUI Logon Control wdtlog.ocx

Hi,
I'm trying to use the SAP Logon Control to use SNC / Single Sign-on (SSO Works with SAPGUI and SAP Logon),
I created a VB Script and it works if Silent = False "v_connection.Logon(0, False )" but if Silent = True the logon fails.
Is there another way to use the Logon control to make the connection with SNC so I dose'nt have to use the entry i SAPLOGON.INI ?
My sample script:
set v_control = CreateObject("SAP.Logoncontrol.1")
set v_connection = v_control.NewConnection()
v_connection.System = "LBT SSO"
v_connection.SystemNumber = 000
v_connection.autologon = 1
v_connection.User = "xyz"
v_connection.Client = 100
v_connection.ApplicationServer = "server1"
v_connection.Language = "K"
If v_connection.Logon(0, True ) = True Then
msgbox("SAP logon ok !!!")
Else
msgbox("SAP logon Error !!!")
End If
v_connection.Logoff()
msgbox("END")

Hello Peter
Please change the following in your code:
set v_control = CreateObject("SAP.Logoncontrol.1")
set v_connection = v_control.NewConnection()
v_connection.System = "LBT SSO"
v_connection.SystemNumber = 000
v_connection.autologon = 1
v_connection.User = "xyz"
v_connection.Client = 100
v_connection.ApplicationServer = "server1"
v_connection.Language = "EN"
v_connection.SNC = True
v_connection.SNCName = "<snc name>"
v_connection.SNCQuality = "<sncquality>"
If v_connection.Logon(0, True ) = True Then
msgbox("SAP logon ok !!!")
Else
msgbox("SAP logon Error !!!")
End If
v_connection.Logoff()
Regards,
Dinesh

BSP logon settings - help needed

Hi!
I'm newbie in BSP and faced with problem with it.
I've created a simple BSP app (named "z_bsp_test") with one page and one MIME-object (actually, it is imported MSOffice document, named "order.doc") . Also, my app is assigned to a service user in transaction SICF. HTML code of my page is something like that:
<html>
<head>
script for="button1" event="onclick" language="vbscript"
set wordApp = CreateObject("Word.Application")
wordApp.documents.open("http://test.prv/sap/bc/bsp/sap/z_bsp_test/order.doc")
wordApp.visible = true
/script
</head>
<body>
<input type="button" name="button1" value="Print" />
</body>
</html>
I can view my page in browser (IE 6.0) without any login prompt (because I've set logon options in SICF for my app), but when I click button "Print" on my page, MSWord prompts me for username and password. How can I remove this prompt? Maybe I didn't set some options in SICF? Any suggests?
Thanks

Thanks for reply, Cornelia.
1. Actually, instead of string "http://test.prv/sap/bc/bsp/sap/z_bsp_test/order.doc", I'm using runtime and request parameters in OnLayout event of my page:
"http://<%= request->get_header_field( 'host' ) %><%= runtime->application_url %>/order.doc"
2. We don't use https
3. Whether I input correct name/password, or not (clicking on "Cancel" button) - there is no difference, Word successfully opens document(?!). I just can't understand why this annoying prompt appears and how to remove it.

Custom BSP Logon Page, Via PopUp

Hello everybody,
i want to use a logon-page for a BSP application (NW2004-System). Following the various threads/blogs around, i have edited the settings for my BSP application via transaction SICF. Now when i call the URL in my browser i do get the logon-page displayed, but the fields user and password are disabled/readonly and are showing the text "Via Popup". When i click on the button "Log in" i am getting the browser login-popup again.
Any idea how to get rid of that?
regards,
Markus

I hope you wanted to have logon page instead of pop-up as shown in your url. Revert back all your changes.
Do the below settings..
1. Goto SICF & your application node
2. In Error Page Tab & In Logon Errors Tab, select the Re-direct URL & place the below URL.
/sap/public/bsp/sap/system/login.htm?sap-url=<%=PATHTRANS%>&BspHandlerClass=CL_BSP_LOGIN_HANDLER_HTMLB
3. save & test your BSP.
Also seems like SSO (Single sign on ) is not active in your system,you can activate as follows:
Enabling sso via the following profile parameters should help:
login/accept_sso2_ticket = 1
login/create_sso2_ticket = 2
Check your SSO cookies..
To test SSO, execute the BSP Application SYSTEM & Page sso2test.htm. Follow the steps which is mentioned in output..
Let me know if you have any issues.
*Reward each useful answer
Raja T

Bsp logon in other language translation for OTR not displaying.

Hi All
have few queries if you can help me to resolve those i will out of criss to hunt more.
1) i have application designed in English, now i have created OTR for that now i have login to Spanis Language
when i choose the option GOTO-> translate it is asking with a Pop Up EN To ES so clicked yes.
now its also ask me Maintain In Logon Language or Original Language (Please guide me what excatly i have to Choose),
for testing purpose i choose maintain in Original Language but when i logon in Sapanish logon its shows me in the degugger
SY-LANGU AS EN , BUT it should be ES , i am wondering why this happen , then again i have done it in the other way round but not working , but according to your Old Blog if i change the Qery
string for example i explain:
Example Qery string is : http://mypageSeceret.com:1080/sap(bD1lbiZjPTA1MA==)/bc/bsp/sap/zzritesh_test/default.htm
if i add ?sap-language= ES
http://mypageSeceret.com:1080/sap(bD1lbiZjPTA1MA==)/bc/bsp/sap/zzritesh_test/default.htm?sap-language=es
then the page display as spanish text.
but Client will not be knowing to do this neither he will take the pain like this.
please provide me a generic code so that i can handle it some method ,
I think , may be i am wroung some abap code like( set as locale language)
i am using Page with flow logic for development of my BSP application.
Please guide me to solve this problem for me .
Regards
Ritesh Aggarwal

Thanks Raja,
No i am not using portal , well i will try what you guided me , and willl soon get back to you , thanks you soo much , will hook you soon on this issue once client give the translations .
But stilll one question do i need to login in ES language to maintain translations, then only it will ask me for maintain in original language OR Logon Language , i will select Maintain in logon language as suggested by you thanks , still write me for more retification thanks Raja.
Regards
Ritesh Aggarwal
Edited by: Ritesh Aggarwal on Nov 24, 2009 6:40 PM

Anonymous BSP-Login

Hi,
I've got a strange problem for me. I want to have an anonymous login to a BSP-Page which
consists of two BSP-applications, a general header and the applications itselfs.
My first fault was, in the transaction SICF, to put the login data only into the
applications and not also into the header.
So I fixed that and thought everything would work by now, but If I want to navigate in my
BSP-Pages via a htmlb:button in a tableview iterator with javascript on clientclick
the user gets a login popup.
But if I use the same button in a xhtmlb:toolbar the navigation works without the popup.
I'm using a javascript like this:
function gotoUrl(url)
 var destination=eval(window.parent);
 destination.location=url;
in a button like this one:
<htmlb:button id = "b_show"
 text = "show"
 onClientClick = "gotoUrl('norm.do?mode=s&normid=7&action=s');"
 design = "EMPHASIZED" />
If you have an idea please help.
Regards,
Stefan Huemer

Hi,
Did you check <a href="https://wiki.sdn.sap.com/wiki/display/BSP/Logon">this WIKI Entry ?</a>
This will give you a complete picture of all the steps..
Hope this helps.
Do reward each useful answer..!
Thanks,
Tatvagna.

Where can I find the DCOM Connector Logon Component?

Hello,
I successfully installed the DCOM Connector (from CD SAP GUI for windows 6.20).
But where can I find the Logon Component?
As far as I understand the online documentation, this component is based on, but not included in the DCOM Connector.
(I have used the Logon Control ocx, but need some features of the newer Logon Component.)
Yes, I know, it is outdated and no longer supported by SAP, but I really need it.
Where on CD or online can I find it?
Thanks for any hint!
Regards
Steffi

Dear Steffi,
Kindly let us know, for what exactly U required the connector compo.
Regards,
Shaibaz

User NOT able to login again to BSP application after logging off

Hi Experts,
What the user is doing?
Step 1: User logged into BSP Application. Result: Successful login
Step 2: User logged off from BSP Application. Result: Successful log off
Step 3. User again tries to log into BSP Application with correct login credentials. Result : LOGIN FAILURE
What is being displayed onto the screen after step 3?
1. Login screen does not changes.
2. It does not show any error/warning messages.
3. Next screen, after login screen is NOT being displayed.
What the user does next?
User is deleting all the cookies & cache, and again trying to log into BSP application. Result : Successful login
Question:
Everytime, the user logs off from the BSP application, and again tries to login, he/she is NOT able to login without clearing the cookies and cache.
First, the user has to clear cookies and cache, then ONLY he/she is able login.
Can you please advice on this?
Response will be highly appreciated.
Regards,
Mandar

Hi,
Refer http://help.sap.com/saphelp_nw04/helpdata/en/6b/9d91d062cc52419f23926ff1bf2ad3/content.htm
BSP Application Login/Logoff and http://wiki.sdn.sap.com/wiki/display/BSP/Logon
This may be helpful for your issue.
Thanks,
Chandra

Abt BSP

Hi Friends.
I am new to BSP.
What is the basic system settings, i have to do, to run BSP Application.
Thanks.............
Kumar.

Settings to be done in transaction SICF (from note 517484):
Summary
Symptom
The Internet Communication Framework Services are inactive when you install the SAP Web Application Server. The error text 'Forbidden' is displayed in the browser.
When you try to test a Web service using transaction WSADMIN, the system displays the following error:
"Could not determine WSDL address (ICF_ERROR), SRT_REG038"
Other terms
ICF, Service, You are not authorized to view this page, RAISE_EXCEPTION, forbidden, error HTTP 403, Host is not active, Service is not active
Reason and Prerequisites
After you install the Web Application Server, all Internet Communication Framework (ICF) services are delivered as inactive (this is for security reasons). Following the installation you must decide, on an application-related basis, which services need to be activated manually.
Since several services may be executed when you call a URL, all service nodes must be activated in the SICF tree. As a result, the URL path is represented in ICF subnodes (services). If, for example, you want to activate services for the /SAP/public/icman URL, you have to activate the "default_host" service tree in transaction SICF. After that, you must activate the individual "sap", "public", and "icman" services.
You can activate an ICF service as follows:
1. Select the ICF service in the ICF tree in transaction SICF.
2. You can then activate the service in one of the following ways:
a) Choose "Service/Virt. Host" -> "Activate" from the menu.
b) Right-click to open the context menu and choose "Activate service".
Other problems:
If the "default_host" node is inactive in transaction SICF, the HTTP request produces a "RAISE_EXCEPTION" ABAP runtime error
stating that the HOST_INACTIVE exception condition was triggered.
If a service is inactive in the SICF transaction, the error text "Forbidden" is displayed when you access this service.
Solution
Listed below are some services that must be activated in the system
depending on the operational scenario:
Support for the Internet protocol (HTTP, HTTPS and SMTP) in the SAP Web Application Server
/default_host/sap/public/icman
Comment: After you have installed SAP Web Application Server, you must ensure that this service is activated in transaction SICF. Through this the ICMan process can (for example) make decisions concerning the distribution of HTTP requests to the corresponding server.
Using load distribution
with the message server
/default_host/sap/public/icf_info
/default_host/sap/public/icf_info/logon_groups
/default_host/sap/public/icf_info/urlprefix
with the Web Dispatcher
/default_host/sap/public/icf_info
/default_host/sap/public/icf_info/icr_groups
/default_host/sap/public/icf_info/icr_urlprefix
Using Business Server Pages (BSP)
/default_host/sap/bc/bsp/sap
/default_host/sap/bc/bsp/sap/system
/default_host/sap/bc/bsp/sap/public/bc
/default_host/sap/public/bc (available for 620 with Support Package 34)
/default_host/sap/public/bc/ur (available for 620 with Support Package 34)
/default_host/sap/public/bsp/sap/public
/default_host/sap/public/bsp/sap/public/bc
/default_host/sap/public/bsp/sap/system
/default_host/sap/public/bsp/sap/htmlb (as of Release 620 Support Package SAPKB62026)
Comment: In addition to these general BSP services, you still have to activate the corresponding application services in the ICF tree. The service for the application is generally found under the ICF node /default_host/sap/bc/bsp/sap/<application>.
Using the BSP logon procedure
/default_host/sap/public/bsp/sap
/default_host/sap/bc/bsp/sap/system
/default_host/sap/public/bsp/sap/public
/default_host/sap/public/bsp/sap/system
BSP test applications for troubleshooting
/default_host/sap/bc/bsp/sap/it00
/default_host/sap/bc/bsp/sap/sbspext_htmlb
/default_host/sap/bc/bsp/sap/sbspext_xhtmlb
/default_host/sap/bc/bsp/sap/htmlb_samples
As of Release 6.30:
/default_host/sap/bc/bsp/sap/bsp_verificatio
Using Business Information Warehouse (BW)
/default_host/sap/bw
Web Applications
/default_host/sap/bw/BEx
/default_host/sap/bw/Mime
Reporting agent preliminary calculation
/default_host/sap/bw/ps
Drag and Relate in the portal
/default_host/sap/bw/dr
Data access using XMLA
/default_host/sap/bw/xml and all subordinate subservices
Document integration in the BEx Analyzer and Web Applications.
/default_host/sap/bw/doc and all subordinate subservices
Formatted reporting
/default_host/sap/bw/ce_url
Assignment of SAP icons
/default_host/sap/public/bc
/default_host/sap/public/bc/icons
/default_host/sap/public/bc/icons_rtl
/default_host/sap/public/bc/webicons
/default_host/sap/public/bc/pictograms
Assignment of Web Dynpro ABAP (WDA) applications
The use of WDA applications is released only as of SAP NetWeaver Release 7.0. For more information, see Note 1088717.
ICF test applications:
/default_host/sap/bc/echo
Among other things, this service returns information about the registration procedure being used, the header and form fields, and the generated SSO cookie for the executed request. Therefore, this service should only be activated for troubleshooting purposes.
/default_host/sap/bc/error
This service generates some error situations in the system and should only be activated for troubleshooting purposes.
/default_host/sap/bc/srt/xip/sap
You want to fix the Web service error message "Could not determine WSDL address (ICF_ERROR), SRT_REG038" in connection with XI services.
Using Support Package SAPKB62006, the following problems were solved in connection with inactive services:
The "RAISE_EXCEPTION" ABAP runtime error no longer occurs for an inactive host.
The error text "Forbidden" was replaced with "Service is not active" for an inactive service.
Header Data
Good luck.

SSO (SNC) for BEx applications

In our testing environment, we use SSO(SNC) through the SAP GUI for Windows to access our backend systems:
*SSO file gx64ntlm on the server side
*SSO file sncgss32.dll on the client side
*User mapping (SNC tab) mapped to active directory user
and everything works fine.
However, when launch BEx Analyzer, Query Designer, etc, we get the following error when accessing the SSO logon options in the SAP Logon Control tool:
Error Group
RFC_ERROR_PROGRAM
Message
Missing SNC_LIB=... in connect_param in RfcOpenEx
How does the logon control need to be configured in order to connect to the backend system via SSO?

Almost there....AFter that setting, I get the following:
Error Group
RFC_ERROR_COMMUNICATION
Message
SAP_CMINIT3 : rc=20 > Connect to SAP gateway failed
Connect_PM GWHOST=xxx.xx.x.xxx, GWSERV=sapgw00s, SYSNR=00
LOCATION    CPIC (TCP/IP) on local host
ERROR       partner xxx.xx.x.xxx:4800' not reached
TIME        Thu Jan 15 14:42:56 2009
RELEASE     710
COMPONENT   NI (network interface)
VERSION     39
RC          -10
MODULE      nixxi.cpp
LINE        3139
DETAIL      NiPConnect2: xxx.xx.x.xxx:4800
SYSTEM CALL connect
ERRNO       10061
ERRNO TEXT WSAECONNREFUSED: Connection refused
COUNTER     2
SNC is set to accept insecure RFC (value =1)...

How do I call a SAP RFC from an Oracle Form using webutils CLIENT_OLE2?

Hi guys,
Your help on this problem would be greatly appreciated.
We have an older forms 6i application which we are currently updating to 10g (which is a pain itself... but that's a different story.) which currently uses unssupported c++ routines to connect to the SAP system, we want to do away with this c++.
What I have so far is the following test code:
PROCEDURE cmd_summary
IS
o_sap_log client_ole2.obj_type;
o_sap_conn client_ole2.obj_type;
o_sap_rfcc client_ole2.obj_type;
-- o_sap_rfcx client_ole2.obj_type;
-- o_sap_rfc client_ole2.obj_type;
v_args ole2.list_type;
v_logon BOOLEAN := FALSE;
BEGIN
:block3.txt_result := 'TEST Started!';
--create logon control object
o_sap_log := client_ole2.create_obj ('SAP.logoncontrol.1');
--create the function object
o_sap_rfcc := client_ole2.create_obj ('SAP.Functions');
--create a new connection object
o_sap_conn := client_ole2.invoke_obj (o_sap_log, 'NewConnection');
--set the connection properties
client_ole2.set_property (o_sap_conn, 'System', caps$get_sys_param ('SAP_DST'));
client_ole2.set_property (o_sap_conn, 'MessageServer', caps$get_sys_param ('SAP_HST'));
client_ole2.set_property (o_sap_conn, 'GroupName', 'DEVELOP');
client_ole2.set_property (o_sap_conn, 'client', caps$get_sys_param ('SAP_CLT'));
client_ole2.set_property (o_sap_conn, 'SystemNumber', caps$get_sys_param ('SAP_SYN'));
client_ole2.set_property (o_sap_conn, 'User', caps$get_sys_param ('SAP_USR'));
client_ole2.set_property (o_sap_conn, 'Password', caps$get_sys_param ('SAP_PWD'));
client_ole2.set_property (o_sap_conn, 'language', caps$get_sys_param ('SAP_LNG'));
--set up the logon arguements
v_args := client_ole2.create_arglist;
client_ole2.add_arg (v_args, 1);
client_ole2.add_arg (v_args, TRUE);
--run the logon function
v_logon := client_ole2.get_bool_property (o_sap_conn, 'logon', v_args);
client_ole2.destroy_arglist (v_args);
IF v_logon
THEN
:block3.txt_result := :block3.txt_result || CHR (10) || 'LOGON Worked!!';
ELSE
:block3.txt_result := :block3.txt_result || CHR (10) || 'LOGON Failed!!';
END IF;
:block3.txt_result := :block3.txt_result || CHR (10) || 'TEST Ended!';
EXCEPTION
WHEN OTHERS
THEN
:block3.txt_result := :block3.txt_result || CHR (10) || SQLERRM (SQLCODE);
END cmd_summary;
NOTE: the get_sys_param functionis returning text from a table.
This seems to work okay, the logon command returning a TRUE. All good so far.
However, when I try to then use this connection for anything then I stumble and fall!
I've seen an example in VB where the SAP RFC object is "assigned" the connection object by simply stating:
Set oSAPrfc.Connection = oSAPconn
Where oSAPconn is setup in a similar way to my o_Sap_conn in the above example.
I have tried using the CLIENT_OLE2.SET_PROPERTY procedures but I don't think that's quite right.
I've tried using invoke, to try and "run" the method like:
v_args := CLIENT_OLE2.CREATE_ARGLIST;
client_ole2.add_arg_obj(v_args,o_sap_conn);
client_ole2.invoke(o_sap_rfcc,'Connection',v_args);
client_ole2.destroy_arglist(v_args);
but it fails.
I have also tried using the actual Connection function directly:
SAP_ISAPFUNCTIONS.connection(o_sap_rfcc, o_sap_conn);
But that just causes the Forms Server to crash... :?
Has anyone connected to SAP via Forms? I noticed one post on this forum which an example of some code using a SAPBAPI control but not WEBUTIL (Which I think I'd need to use because we are running 10g)
As a side note we are also looking into SAP Adapter as a possible "other" route but this too is getting very complicated... And I can't see a way of connecting a form to the Adpater anyway :(
Any advice would be very much appreciated.

Can anyone help?
Mike

An issue using the COM components supplied with SAP GUI 6.2 or 6.4

We are having an issue using the COM components supplied with SAP GUI 6.2 or 6.4. We used to have SAP 4.6c and now we have 5.0. When we were on 4.6c, we used these COM components to logon and execute RFC calls and we had much success. Now that we are on 5.0, we cant seem to instance any SAP functions that have something to do with SAP Workflow. We have experienced this problem when using VB6 or .NET, but our existing code that always worked is in VB 6.0.
SAP Components used:
o SAP Logon Control
o SAP Function Control
o Librfc32.dll
o Other supporting C DLLs and/or COM object supplied with the SAP GUI installation.
For example, if we want to call the RFC ARCHIV_CONNECTION_INSERT, this code fails in VB6 when the Set objworkflow = objFuncCtrl.Add(strFunction) line of code executes. Instead of returning an instance of the object ARCHIV_CONNECTION_INSERT function, no object is created. In 6.2, SAP raises no errors, but the object we are trying to create is still Nothing. If we use 6.4, SAP raises an error SAP data type not supported via a message box and then the object is still = Nothing. Interestingly enough, the 6.2 GUI COM controls dont display the error dialog. The message box that is shown comes from the SAP Function COM Object "SAP.Functions" (wdtfuncs.ocx).
Now, what is interesting is if we use the same code to call a standard function or custom function that doesnt have anything to do with SAP Workflow, then the code works fine. Again, all of our code used to work just fine on an SAP 4.6 system.
Here is the code that fails:
 'SAP Logon control - object for creating connections to an SAP system
 Dim objSAPLogonCtrl As Object
 'SAP connection object
 Dim objConnection As Object
 'Object that will represent the SAP function called
 Dim objSAP As Object
 'SAP function control object - object factory for creating other SAP function objects
 Dim objFuncCtrl As Object
 'Create instance of an SAP logon conrol
 Set objSAPLogonCtrl = CreateObject("SAP.Logoncontrol.1")
 'Create a connection object
 Set objConnection = objSAPLogonCtrl.NewConnection
 'Define connecion parameters
 objConnection.ApplicationServer = "sapvm"
 objConnection.SystemNumber = "00"
 objConnection.Client = "800"
 objConnection.User = "iissap"
 objConnection.Password = "tstadm"
 objConnection.Language = "E"
 objConnection.TraceLevel = 10
 'call the logon method of the connection object
 If objConnection.Logon(0, True) = False Then
 MsgBox Error
 Exit Sub
 End If
 'Create an instance of the SAP Function control object
 Set objFuncCtrl = CreateObject("SAP.Functions")
 'Set the function control connection object
 Set objFuncCtrl.Connection = objConnection
 'Function name to be generated and called
 Dim strFunction As String
 strFunction = "ARCHIV_PROCESS_RFCINPUT"
 'Create an instance of the function defined in strFunction
 Set objworkflow = objFuncCtrl.Add(strFunction)
 If objworkflow Is Nothing Then
 MsgBox "Could not create object " & strFunction
 Else
 MsgBox strFunction & " object created."
 End If
If anyone has seen anything like this or has any ideas, please help!
Mike and Hameed


Hi,
documentation on the Scripting API is available at ftp://ftp.sap.com/pub/sapgui/win/640/scripting/docs/
This API is a replacement of the existing, obsolete COM interfaces.
Best regards,
Christian

Login error in Portal after importing a new certificate into BI

Hi Experts,
Our certificate in BI expired last month and we were unable to login to the BEx reports due to this.
I have created a new certificate using Visual Administrator and imported that certificate into BI using STRUSTSSO2 after deleting the old certificate from the system PSE.
After which I have added this new certificate to the ACL for Single Sign On.
Then rebooted the JAVA stack for the changes to take effect.
Now, when I want to login to view reports on the Portal created by BEx Analyzer, I am getting this RFC_ERROR_LOGON_FAILURE exception.
When checked in SM50, it shows SsfVerify failed and SSF_API_NOCERTIFICATE errors.
Please help me out resolving this. Did I miss out on any of the steps?
Also when I ran the report, RSPOR_SETUP, the step 5 shows SID_certificate.crt is not existing and the step 12 shows that BI certificate not imported, SAP BI User is not mapped to SAP EP User.
Regards,

Hi,
Have a look at this [thread|The URL http://xxx was not called due to an error; as well as the [Wiki Link|http://wiki.sdn.sap.com/wiki/display/BSP/Logon].
Hope this will be helpful for you.
Regards,
Varadharajan M

Allowing Airwatch MDM access to the Captive-Portal guest users in pre-auth role for android and BB?

Requirement:
How to allow Airwatch MDM access to the Captive-Portal guest users in pre-authentication role for Android and Blackberry devices?
What is Airwatch MDM?
Airwatch MDM is Mobile Device Management. The Airwatch is an enterprise which helps to manage and secure data traveling through the mobile devices like Laptops, Tablets, Android, iPhones, iPads etc.
Solution:
Why we need to allow access to Airwatch MDM?
The network administrator can force the guest users to register to Airwatch MDM before they get authenticated and access the internet. So that the network administrator could manage the guest devices through Airwatch Management tool. This can be achieved by CPPM server. To download the Airwatch MDM app and register with the Airwatch MDM server certain domains should be permitted in the captive portal pre-authentication role. This KB provides the configuration steps to allow the guest users to download the Airwatch MDM app and register with the Airwatch MDM server.
Configuration:
Below is the configuration
Configuration steps:
1. Create the following netdestinations
netdestination Airwatch
name *.awagent.com
name *.awmdm.com
name air-watch.com
netdestination Google-Play
name android.clients.google.com
name .ggpht.com
name gstatic.com
name accounts.google.com
name clients1.google.com
name clients2.google.com
name clients3.google.com
name clients4.google.com
name i.ytimg.com
name google-analytics.com
name .1e100.net
name android.l.google.com
name mtalk.google.com
name clients.l.google.com
name googleapis.com
name gvt1.com
netdestination BlackBerry
name *.blackberry.com
2. Now define the rules in the session acl and map it to the pre-authentication Role of the captive portal.
ip access-list session Airwatch_Access
any   alias Airwatch svc-http permit
any   alias Airwatch svc-https permit
ip access-list session Google-Play-Store
               any   alias Google-Play any permit
ip access-list session BlackBerry-Access
               any   alias BlackBerry any permit
3. Now map the session ACLs to captive-portal pre-authentication Role as follows
user-role Guest-Pre-Auth-Role
access-list session Airwatch_Access
access-list session Google-Play-Store
access-list session BlackBerry-Access
access-list session logon-control
access-list session captiveportal
4. Now whitelist the list of domain names in the Captive Portal profle
aaa authentication captive-portal Airwatch-Captive-Portal-Profile
white-list Airwatch
white-list Google-Play                                                                                ------------>Netdestinations where you defined the Domains.
white-list BlackBerry
Verification
Now the user will be placed under the "Guest-Pre-Auth-Role" before the authentication. The user can now go the Google Play-Store or BlackBerry Appworld to download the Airwatch MDM and register to Airwatch Management Server.

Thanks so much getting these names listed out. I have been working on this very issue for a few weeks and was basing my firewall rules on IP's. It was not going well. Now access is working and testing can commence!  Thanks,Chris

Source of Bex Browser SAP system entries (not saplogon.ini?)

I hope someone could help to clarify what I presume is a fairly simple query.
I will run through the steps I take to reach my point of confusion:
1. I navigate to "Start Menu\Programs\Business Explorer\Business Explorer (SAP BW 3.x)" and open the Browser (SAP BW 3.x).
2. A "SAP Logon" window (similar to a cut-down version of SAP GUI's SAP Logon program) opens, I select the appropriate BW system from the list and logon. I have just ticked the box for "Use Selected System as Default" at this stage.
3. The BW Browser opens, I navigate to ANY report and double-click to open.
4. Microsoft Excel 2003 opens in the background, I can see the Business Explorer add-on as well.
Now this is the problem stage at step 5 and a complete oddity at step 6....
5. Another "SAP Logon at SID" window opens, but if I enter my logon details again I get an RFC_ERROR_PROGRAM error.
6. At this point I repeat step 3 above but instead of typing in my password at step 5, I click the "System" button which opens the mini "SAP Logon" windows for BW Browser. It is here I notice that all the SAP system entries which I presumed were populated from saplogon.ini at C:\Windows, are in fact from a much older version of the saplogon.ini I previously had.
So my real question is about step 6, why/how are the SAP system entries being populated from an older version of saplogon.ini? Does the BW Browser cache these entries somewhere else locally?
For reference, I am running SAP GUI 710 at Patch Level 12 & BW Add-on Patch Level 4 for 710. I have tried updating everything to the latest version/patch levels but with the exact same result. I've done a complete rebuild before a new 710 install and still can't figure this out.
Thank you.

Hi David,
Thank you for providing details of those SAP Notes, unfortunately they haven't helped to resolve the issue.
We do not use an Environment Variable to make another SAPLOGON.ini file known to the SAP Logon Control.
On running the trace, it appears quite apparent that SAPLOGON.ini in C:\Windows is being utilised. My first thought on seeing the trace file was that a SAPLOGON.ini file might be present in the "current directory" identified as N:\My Documents, but this wasn't the case.
Steps 1 and 2 are void, the standard .ini file should be getting picked up in step 3:
Wed Aug 05 15:09:45 2009 0001 DpaPersPar::BasicInitialization() current directory N:\My Documents
Wed Aug 05 15:09:45 2009 0001 DpaPersPar::BasicInitialization() SAPLOGON_INI_FILE not set; use SAPLOGON.INI
Any other thoughts?
Thanks.
Simon

BSP Logon control

Similar Messages

Maybe you are looking for