Configuring BI-java portal to BW backend

Similar Messages

• Single-Sign-On (SSO) configuration on JAVA Stack through HTTP Header method

  Hello SDN community,
  in the context of a Proof of Concept, we are testing the integration of Microsoft Sharepoint Portal with SAP Backend (addin) systems.
  As the architecture impose use an external scenario (access from the internet), we couldn't use the Kerberos (SPNego) solution and thus we chosed the http header solution which in short uses an intermediary web server (in this case the IIS of the MOSS solution) which will act as authority.
  I miss information on how the workflow works for this http header authentication method. Through the visual administrator of the addin JAVA stack, it is possible to configure each application with a customized authentication (a choice of security modules). But this all that I know.
  My task is to configure SSO. From a sharepoint portal, the user should be able to access Web Dynpros and BSPs. I imagine that the very first call to a webdynpro or bsp (or maybe when we log on the sharepoint portal), the request to the WDP or BSP will first be forwareded by the intermediary server to the JAVA stack (or is it the SAP dispatcher that has to be configured).
  Is there an application to be built on the java stack to deal with the authentication, modify http header?
  What will the Java stack return? a sap long ticket? a token?
  How will the redirect work (to by example a BSP which is in the ABAP stack)?
  SAP preconise to secure with SSL the link between the intermediary web server and the JAVA stack, is IP restriction also a solution?
  A lot of questions about how this SSO http header should work,
  I would be very greatful for any help, or info,
  Kind regards,
  Tanguy Mezzano

  Hi Tanguy,
  to tell you the truth I'm really unsure about what you are trying to achieve. When I started posting to your thread I thought all you wanted was trying to access your J2EE engine via Browser and authenticate against the engine using HTTP Header Variables. Nevermind:
  Here are some answers to your question:
  in fact I did succeed, the problem was that even after domain-relaxation done by the J2EE, I had to change the domain of th SAP cookie to the bbbb.domain.com to be understood (I would have thought that all hosts in/under domain .domain would have accepted such a cookie but it seems that no...).
  The server does not care about the domain because Cookies in an HTTP Request do not contain any domain information. The domain is just important when the Cookie is set by the server so your Client (Browser) will know in which cases the Cookie may be sent or not. So if your domain is xxx.yyy.domain.com and your cookie is issued to .domain.com then your Browser will definitely sent it to all hosts under .domain.com (This includes xxx.yyy.domain.com etc.)
  My current scenario is: in a first request get a SAP Logon Ticket from the Java Stack, then change its domain and then directly call the backend with it.
  You can do that but there is no Client involved in this scenario. So this is useful if you just want to test the functionality (e.g. authentication to J2EE using Header Variables (This works finally!!!) and then use the fetched Logon Ticket to test SSO against any trusted Backend!!)
  So everything's is in a Java Client application without using any redirection.
  If I understand you, you're solution is from the Browser call a servlet (which is deployed on the Java Stack and has no authentication schema) by passing to it our http header.
  No, you should initially authenticate somewhere! I thought that maybe you had some resource you access before accessing the Java Stack. This could be any application (e.g. deployed on a Tomcat or JBOSS or other server or if you like even SAP J2EE). After authenticating there you are aware of the username and could use it to  procceed (e.g. Authenticate against the J2EE using the same user and HTTP Header authentication for that particular user!)
  That servlet will transfer the http header (with the HttpClient app) in order to get from the Java Stack a SAP Logon ticket, and then to redirect to the resource and by sending back the cookie in client browser. Am I correct?
  This was just a suggestion because I realized that there was no Client ever involved in any of your testing (looked strange to me!). I was just thinking that it would be easier for you to just get the Cookie into your Browser so your Browser would do the rest for you (in your case finally send the Logon Ticket Cookie to your Backend to test SSO using Logon Tickets!).
  The AuthenticatorServlet somehow serves as a Proxy to your client because your client is not able to set the Header Variable. That's why I initially suggested to use a Proxy (e.g. Apache) for that purpose. The problem is just that if you use a Proxy you will have to tell it somehow which username it should set in the Header Variable (e.g. using a URL Parameter or using a personalized client certificate and fetch the username (e.g. cn=<username> from the certificate!)
  This way of doing would simplify the calls for sso for each new application needing authentication, instead of having all code each time in it...
  I'm stuck again! Do you want to authenticate an End User or do you want to authenticate an application that needs to call any resources in your Backend that requires authentication?
  So my problem now, is how to call the servlet from the client browser:
  I'm trying to call my servlet from the browser but I don't succeed. I am able to understand how to reach a jsp from the Java Stack, but not to reach a servlet. I don't find the path to my servlet:
  <FORM method="POST" action="SSORedirect2" >
  A JSP is a servlet too. There is just no JAVA Class involved!
  You do not need any POST Request to invoke a Servlet.
  I see that my servlet is deployed, but I don't how what path to give to my form to invoke the servlet, here follows my web.xml
    <?xml version="1.0" encoding="UTF-8" ?>
    <!DOCTYPE web-app (View Source for full doctype...)>
  - <web-app>
    <display-name>WEB APP</display-name>
    <description>WEB APP description</description>
  - <servlet>
    <servlet-name>SSOredirect2</servlet-name>
    <servlet-class>com.atosorigin.examples.AuthenticatorServlet</servlet-class>
    </servlet>
  - <servlet>
    <servlet-name>SSORedirect2.jsp</servlet-name>
    <jsp-file>/SSORedirect2.jsp</jsp-file>
    </servlet>
  - <security-constraint>
    <display-name>SecurityConstraint</display-name>
  - <web-resource-collection>
    <web-resource-name>WebResource</web-resource-name>
    <url-pattern>/*</url-pattern>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    </web-resource-collection>
  - <auth-constraint>
    <role-name>DefaultSecurityRole</role-name>
    </auth-constraint>
    </security-constraint>
  - <security-role>
    <role-name>DefaultSecurityRole</role-name>
    </security-role>
    </web-app>
  If you have an AuthenticatorServlet Class all you need is to add the Servlet Mapping in your web.xml file
  e.g.
  <servlet>
    <description>
    </description>
    <display-name>AuthenticatorServlet</display-name>
    <servlet-name>AuthenticatorServlet</servlet-name>
    <servlet-class>com.atosorigin.examples.AuthenticatorServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>AuthenticatorServlet</servlet-name>
    <url-pattern>/AuthenticatorServlet</url-pattern>
  </servlet-mapping>
  You can directly call the Servlet in your Browser by calling the URL provided in the url-pattern of your Servlet mapping ( in this case /AuthenticatorServlet). The engine will invoke the Class "com.atosorigin.examples.AuthenticatorServlet" in the background and do whatever you defined there!
  I have also to pass my http header and the redirectUrl in the GET request.
  If you like! I just suggested this for testing purposes. As I stated before you need a way to tell your proxy (or in your case AuthenticatorServlet) which user should be set when calling the Engine in order to authenticate using HTTP Header. You could use the URL Paramater to define the user you actually want to use when you set the Header Variable.
  I just introduced the redirectURL because you were talking about redirects all the time. So if you finally want to call the Backend you could define the Backend URL in the redirectURL Parameter and the Servlet will make sure that you are redirected to this location after the whole process!
  Thx for your input very helpful,
  But again 0 points
  Cheers

• Java portal to bw hana sp08 JCO error

  Dear Team
  I am facing an issue after BW Hana migration.
  Senario:1(BEFORE MIGRATION)
  ORACLE DB/ BW NW 7.3+ JAVA PORTAL  7.01, EACH ON SINGLE STACK
  HOSTNAME: xxxxx
  DOMAIN: xxx.LOCAL
  DATABASE: ORACLE11G
  SYSTEM : ABAP + JAVA SEPARATE STACKS
  PLATFORM: NW 7.3
  JAVA 7.01
  Senario 2
  ( MIGRATION ENTIRE ABAP STACK)
  HDB/ BW NW 7.3
  HOSTNAME: YYYYY
  DOMAIN: xxxx.LOCAL
  DATABASE: HDB SP08
  SYSTEM : ABAP
  PLATFORM: NW 7.3
  Migrated only Abap stack and Java portal still runs with older database(oracle)in Older system(Xxxxx). I did the re-deployment on java portal with new HANA db configuration and it was success but.
  When connecting Jco it is throwing error
  Test Connection with Connector
  Test Details:
  The test consists of the following steps:
  1. Retrieve the default alias of the system
  2. Check the connection to the backend application using the connector defined in this system object
  Results
  Retrieval of default alias successful
  Connection failed. Make sure that Single Sign-On is configured correctly
  only the issue with Jco  rest of all connectivity working fine, anybody face the same issue   ?

  Hi,
  Issue got resolved .
  OOPS N BUGS !!!: Java portal to bw hana JCO error / Connection failed. Make sure that Single Sign-On is configured corre…
  Thanks
  Yoonus

• Want to delete all the mails in the mail box configured for BPM Portal

  Hi All,
  Do you have idea to perform this activity.
  I want to delete all the mails in the Dev mail box configured for BPM Portal.
  Server and mailbox details as given below :
  Mail a/c = Y00123
  Mail server = sap.mail.com
  Thanks, Sanjay

  http://java.sun.com/developer/onlineTraining/JavaMail/contents.html
  http://www.jguru.com/faq/view.jsp?EID=17035
  if you know the password of the account, i think you can also access the mail using mail client, like you use outlook to deal with your company mail daily.

• EWA for Java /Portal

  Hi
  I have several instances PI /XI ,ECC ...
  I have configured the ABAP System in Solution Manager but I want to know to configure tha java side & portal in Solution Manager because for the ABAP System we have to create RFC connection in solution manager and the satellite systems
  How configure Early Watch for Java?
  Regards
  B VA

  You can use SAP Note 976054.

• Issue when execute query in JAVA portal

  Hi all,
  I aways used the Query Designer 3.x and now im using the Query Design and i know that run with JAVA portal. So I have new issues and it not expected.
  When I run RSRT and select a query I have no problems running by ABAP but when I select JAVA Web i had issue.
  I know that JAVA give the addres:
  http://MACHINE:PORT/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fcom.....
  but in my case only give me:
  /irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fcom.....
  Anyone have some idea?
  Thanks in advice
  Ralph

  Hello,
  Let me understand the issue.
  When you click on Java Web (RSRT), the browser opens the following URL "/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fcom....." ?
  Download the note 937697 and follow the instructions. Maybe the BI Master data is not configured on your portal.
  This note will detects the inconsiste and suggest a solution.
  Also, there is a table which you have to maintain the Portal server name.
  TABLE: RSPOR_T_PORTAL
  Check if exist a default portal on this table.
  Thanks...
  Edward John

• Creating system in portal for the backend SRM

  Dear All,
  We are in the process of setting up a system  in portal for the backend SRM system
  I have tried to create system in System admin--> System configuration --.>System landscape
  For SAP Web AS Connection , the parameters maintained are:
  Hostname : <FQ hostname>:8000  ( 8000 is the HTTP port for ICM)
  Web AS path: /sap/bc/webdynpro
  protocol :8000
  But test is failing as 'An HTTP/S connection to http://xxxxxxxxx::8000/sap/bc/webdynpro was not obtained successfully; this might be due to a closed port on the Firewall:
  test details:
  SAP Web AS Connection
    Test Details:
  The test consists of the following steps:
  1. Checks the validity of system ID in the system object.
  2. Checks if the system can be retrieved from the PCD.
  3. Check whether a SAP system is defined in the system object
  4. Validate the following parameters: WAS protocol; WAS host name
  5. Checks if the host name of the server can be resolved.
  6. Pings the WAS ping service; works only if the service is activated on the ABAP WAS.
  7. Checks HTTP/S connectivity to the defined back-end application
    Results
  1. The system ID is valid
  2. The system was retrieved.
  3. The system object represents an SAP system
  4. The following parameters are valid: Web AS Protocol (http) Web AS Host Name (bhidfwao06.ent.bhicorp.com:8000)
  5. The host name bhidfwao06.ent.bhicorp.com was resolved successfully.
  6. The Web AS ping service http://bhidfwao06.ent.bhicorp.com:8000/sap/bc/ping was pinged successfully.
  7. An HTTP/S connection to http://xxxxxxxxx::8000/sap/bc/webdynpro was not obtained successfully; this might be due to a closed port on the Firewall.
  Is there any problem with the port, I doublechecked and the port for HTTP is 8000.
  If I give the Web AS path: /sap/bc/bsp  test is successful.
  Any pointers please?
  Regards,
  Arun

  hi arun,
  u may have to activate some more services in sicf
  u can follow this link what are the neccesary applicaiton need in sicf
  http://help.sap.com/saphelp_nw70/helpdata/EN/46/d28dfa34bb12bee10000000a1553f7/frameset.htm
  let me know u need any further information
  ravindra

• Internal and External Portals be hosted & Configured on Same Portal server?

  Hi Experts,
  Is it possible to host and configure the Internal portal and External Portal on the same portal server?
  If yes, kindly provide the inputs.
  We have a scenario wherein we have to use the same portal server for both kinds of users (Internal as well as External).
  We want to provide separate URLs for both the portals and the datasource for the users management would be different for both the scenarios.
  The user managemnet in case of Internal Portal has to be authenticated to an AD server whereas in case of External Portal the user management would be taken care by UME.
  Please suggest and share some docs if possible.
  Thanks & Regards,
  Anurag

  Hi,
  Can we customise the Portal logon page for both the portals differently?
  I've already customised the portal logon page by modifying the UME properties in the Config Tool but that was done keeping in mind the External Portal users. Now, we want to customise the page for Intranet users but with different options at the logon page.
  How can we achieve this functionality as any property that we modify in either VA or Config Tool will affect both types of portal pages.
  For an eg. we have a Self Registration link for the external users which we do not want for the Intranet users. How is this possible?
  If we design a webdynpro java application for the logon page and for authentication purpose, can we call a home page iview on successful authentication?
  And with this customised webdynpro java application, can we connect to the AD server for the user authentication?
  Best Regards,
  Anurag

• Can Central System administration be configured for JAVA systems?

  I know, we can configure Central system administration (DSWP -> Solution -> Operations Setup) for ABAP and ABAP+JAVA systems.
  Can some one tell me, can it be configured for JAVA systems like Portal?
  Thanks
  Aditya

  Hello Aditya
  Unfortunatelly Java only systems are not supported by CSA in EHP1. The CSA infrastructure is currently being overhauled and as a result of this, pure Java systems will also be covered starting with the next release of SAP Solution MAnager (SAP Solution Manager 7.1) The availability of this next release will be this year, but I am not yet sure when exactly. You can check further info in www.service.sap.com/solutionmanager -> in the last line of this page there is a link to get detail about this version Ramp-Up.

• Configurations for extracting portal activity data from netweaver portal.

  Hi,
  I need to fetch  the portal activity data from the portal into Solution Manager. I would like to know the configurations on the portal that will be needed in order to extract the portal actvity data . How will i proceed extracting the portal activity data?
  thanks and regards,
  Divya.

  Hi Divya,
  We can not say that Early Watch Alerts is same as the  the portal activity report.
  Its a diagnosis service, for the solution monitoring of SAP and non-SAP systems
  in the SAP Solution Manager. Its gives you the complete details of your System.
  If we talk about Portal then you can get the details like :
  1. Java Heap details
  2. Memory Uses
  3.Portal Objects access details (Like Activity report )
  4.Server Nodes details
     and many more things.................
  The Underlying concept is to ensure smooth operation of individual SAP Systems
  by keeping you informed of their status and allowing you to take action,
  before severe technical problem occurs.
  Check the below link for ewa:
  [SAP EarlyWatch Alert overview|http://www.mediafire.com/?gilijcnnwet]
  [SAP EarlyWatch Alert|http://help.sap.com/saphelp_sm40/helpdata/en/87/50cce344ae495bae240add66a28ed7/content.htm]
  [Using SAP EarlyWatch Alert|http://help.sap.com/saphelp_sm40/helpdata/en/5a/b27f17edb04a6882c59f6619a267b9/content.htm]
  Regards,
  Piyush

• Configuring BI java

  Hi all,
  Where do you configure BI java, what are the steps involved in it? I am little bit confused about this whether i have to do it in BI or in portal? While installing i  came across this question In which server i have to select BI java as application component?

  Hi,
  If you are running on Netweaver 2004S > SPS12 ..... Check in CTC ( Central Technical Configuration ) in Netweaver Adminstrator. It does all the confinguration steps automatically.
  check this link ...
  /people/boris.zarske/blog/2007/08/16/new-version-of-configuration-wizard-with-sap-netweaver-70-sps-13
  Thanks,
  Tanuj

• How to configure the ESS portal in ehp 6 server?

  Dear All,
  Pls advice me how to configure the ESS portal in my client server?
  I want to create new iviews ,pages,workset and link them all to R/3,with total configuration steps please.
  Thanks and Regards,
  Pradip

  hi pradeep ,
  which version r u using wdjava or abap ? ......if ur using java you have to do all in home page framework and if you are using with launchpad from   EHP5 better you can create it from launchpad by going to t -code LPD_CUST and select the ROLE:ESS and INSTANCE: MENU
  REFER Below............
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/e09b3304-07d8-2b10-dbbf-81335825454f?QuickLink=index&overridelayout=true&38388417774934
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/21eb036a-0a01-0010-25a3-b2224432640a?QuickLink=index&overridelayout=true&5003637159921
  http://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=31476&bc=true
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/108c31e7-b6a7-2d10-3692-c1a9f7a5c4dc?overridelayout=true

• Configuring printers in portal

  hi,
  Pls me know the steps to configure printers in portal
  I am aware of configuring printers in SPAD from ABAP side
  Pls help

  Hi,
  Generally we dont congifure any printer in the portal,
  But when you do user mapping from your backend system,
  while creating ess users you specify the default printer,that device will be used for printing.
  Regards,
  Vamshi.

• Biller Direct Portal debugging in backend R3

  Hi,
  We have Biller Direct implmented for our customer.
  We need to debug a Contact List Link present in the Biller Direct Portal in the Backend,because when we click the link in Portal a BAPI program is callaed in the Backend.
  What we need is to debug it, in the sense that --> we put a BREAKPOINT in the BAPI program in the back end, when a user clicks on the Contact List link in the BD portal, it should stop and should not execute the whole PROGRAM in the backend.
  But here when we put a BreakPoint in the BAPI program in Backend R3 and user clicks on the Link in portal, the Porgram is Executed Completely without stopping.
  What could be the issue? How can we debug to know what exactly happens in the backend when user clicks on the link in Portal?
  Any help is appreciated.
  Regards,
  AVK
  Edited by: Abhi K on Nov 23, 2009 1:40 PM

  Hi David,
  Thanx for the response.
  But we have already tried placing a External Breakpoint in the ABAP and called the link from the Portal,but it did not work.The Program executed completely without stopping.
  But can you suggest whether there are any settings which need to be done in R3 for debugging? Any configuration or debugging specific settings in Back end which we might be missing?
  Can Basis team help in this?
  Appreciate your help.
  Regards,
  AVK

• CF 11: Configuration a datasources to MS SQL Backend with encryption enforced by SQL Server

  Hello List;
  I have the following problem: Configuration a datasources to MS SQL Backend with option encryption enforced (by SQL Server).
  I goggled in the internet for the configuration of the datasource and find multiple articles/advices:
  Configuration a datasource type other with jtds.jdbc.Driver and manual configuration of the connection string:
  1. Downloading the driver and copy to the cfusion/lib directory: Done, the driver was recognized by coldfusion after a restart of the service.
  2. Copying the ntlmauth.dll to the bin directory of jre/bin: Done
  3. Configuration of the jdbc URL: jdbc:jtds:sqlserver://xxxx.xxx.xxx.net:1433/db: Works, I don’t  get a connection timeout
  4. User and PW: Works: I don’T get a login failure.
  5. Advanced settings: Connection String: Maybe here is something wrong: EncryptionMethod=SSL; TrustStore=Path\sqlstore.jks; TrustStorePassword=xxx; ValidateServerCertificate=true; HostNameInCertificate=xxx.xxx.xxx.net;
  Error Message (Coldfusion logs/stack trace):  I/O Error: DB server closed connection. SQLException while attempting to connect: java.sql.SQLException: I/O Error: DB server closed connection..
  Has anybody experiences with this topic/can give me advices/send me screenshots.
  frank

  Hi Stephen;
  we tried: add EncryptionMethod=SSL; ValidateServerCertificate=false; to the connection string;
  And it doesn't work.. Are you sure, that you have enabled encryption enforced in your SQL-Server Settings.
  Oherwise the connection works, but the Connection is not encrypted:
  Coldfusion lies!
  You can controll this by veryfining the open connections on the sqlserver with the query:
  SELECT net_transport, protocol_type, encrypt_option ,auth_scheme, program_name FROM sys.dm_exec_connections AS c JOIN sys.dm_exec_sessions AS s ON c.session_id = s.session_id cross apply sys.dm_exec_sql_text(most_recent_sql_handle) AS d
  There you can see the jtds Connectionand the (programname) and the encryt_option (must be true).
  frank