Create SSO on SAP portal to ECC 6.0 EHP4 backend
Hello,
I want to create a SSO connection form my SAP Portal server to my ECC 6.0 EHP4 Backend system.
My JAVA Portal is installed on the same system as the ECC 6.0 backend system.
For the configuration I follow the steps as described in the document: http://www.sap-img.com/basis/configure-the-sso-single-sign-on-for-portal.htm.
At point 5.3 I have to set the Backend System as "ACL" in the Portal. So Iu2019m still in the Visual administrator from point 5.2 but now I go to the path Server --> Services --> Security Provider --> Ticket.
Here I choose the authentication tab and want to add the com.sap.security.core.server.jass.EvaluateTicketLoginModule. Buth when I press the Add button I get a list of available login members. In this list there is no com.sap.security.core.server.jass.EvaluateTicketLoginModule login module available. Does someone know what Iu2019m doing wrong or how I could add the correct login module?
I attach a screen shot from Visual administrator.
Kind regards,
Richard Meijn
Edited by: Richard Meijn on Aug 10, 2011 8:20 AM
Cahtal,
Thanks for you quick reaction but it's not all clear for me. So could you explain it a little bit more detailed fo me.
If I write something wrong please correct me. I understand the following
So If I am on the "Authentication" tab I press the Add new button
In the list which shows up I select the u201CEvaluateTicketLoginModuleu201D
Here I change the name and option value to trustedsys01=<PORTAL_SID>, <PORTAL_CLIENT>
Kind regards,
Richard Meijn
Similar Messages
-
SSO between SAP Portal 7.3 and Ruby on Rails
Hello Everyone,
We are planning to integrate SAP Portal 7.3 and a RoR application and I am wondering If someone can share some experience (If you have any of course) on how to establish SSO between SAP Portal and RoR.
The SAP Portal will act as service provided and RoR as a consumer, we don't have LDAP, so the Portal UME is in ABAP and RoR uses an own UME database. We have SSO between our Portal and SAP Backend systems.
In RoR customers will have access to their own information (Invoices, etc..) that will be provided by the backend system.
URL transaction and iFrames is not an option for us.
The second option is to call Web Services, directly or through the SAP Portal (we are using a central sr).
I am a NetWeaver consultant who heard about RoR but have no experience in this field.
All help and tips are greatly appreciated!.
Regards,
RidouanWe used Client certificates. Still working on the PoC.
-
Webservice & SSO in SAP portal
Hi,
I have created a webservice with basic authentification in my ABAP SAP backend.
Now I like to use this webservice at my Java Web Dynpro application in SAP Portal. SSO (or is it SAP Logon-Ticket?) for the portal is set up correctly. I tested it with a SAP transaction iView that now doesn't need an addition logon.
In the Web Dynpro application I added the webservice as a model.
At project properties a also added tcsecwssec~service in the "Service references" tab.
If I manually add username/pw the webservice works fine.
._setUser("user");
._setPassword("pw123456");
But I like to use Single Sign On (SSO) for calling the webservice. How can I reach this?
I also searched the Forum but none of the tested workarounds worked for me.
Calling the webservices results in this exception:
Service call exception; nested exception is: com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (401) Unauthorized.
Thanks a lot.
Henningok, I found the solution on my own.... it's easy :-D
I had to define a HTTP destination for my webservice in Visual Administrator:
(Services -> Destionations -> HTTP)
Then only add the destination in the custom controller:
setHTTPDestinationName("ZDEMO_SERVICE");
Henning -
Create custom com.sap.portal.layouts.framework to allow google index
Hello experts,
I can't create a full .par from a copy of the com.sap.portal.layouts.framework component because when I create the .par for upload it in the portal, this .par file just includes the portalapp.xml. I don't know if there is a restriction in the portalapp.xml, so that the .jsp files are not exported to the par file?
I haven't changed the portalapp.xml, just deleted the components for the layouts that I donu2019t need to modify
<?xml version="1.0" encoding="UTF-8"?>
<application>
<!--THIS FILE IS A COPY OF THE ORIGINAL VERSION STORED IN THE PCD. PLEASE DO NOT CHANGE IT!-->
<application-config>
<property name="Vendor" value="sap.com"/>
<property name="SecurityArea" value="NetWeaver.Portal"/>
<property name="SharingReference" value="com.sap.portal.htmlb,com.sap.portal.themes.lafservice,com.sap.portal.useragent,com.sap.portal.pagebuilder"/>
</application-config>
<components>
<component name="framework">
<component-config>
<property name="ClassName" value="com.sapportals.portal.pb.layout.PageLayout"/>
<property name="ResourceBundleName" value="pagebuilder_nls"/>
<property name="SafetyLevel" value="no_safety"/>
</component-config>
<component-profile>
<property name="ComponentType" value="com.sapportals.portal.layout"/>
<property name="com.sap.portal.pcm.Title" value="Framework Layout"/>
<property name="com.sap.portal.pcm.Description" value="Layout displaying one full-width column that encompasses the entire portal desktop and contains scripts"/>
<property name="com.sap.portal.reserved.layout.TagLibLayout" value="/SERVICE/com.sap.portal.pagebuilder/taglib/layout.tld"/>
<property name="com.sap.portal.reserved.layout.TagLibHtmlb" value="/SERVICE/com.sap.portal.htmlb/taglib/htmlb.tld "/>
<property name="com.sap.portal.reserved.layout.TemplateFile" value="framework.jsp"/>
<property name="AuthScheme" value="anonymous"/>
<property name="com.sap.portal.reserved.layout.Cont1" value="frameworkColumn">
<property name="title" value="Framework Column"/>
<property name="orientation" value="vertical"/>
<property name="designClass" value="prtlHeaderCon"/>
</property>
</component-profile>
</component>
<component name="light_framework">
<component-config>
<property name="ClassName" value="com.sapportals.portal.pb.layout.PageLayout"/>
<property name="ResourceBundleName" value="pagebuilder_nls"/>
<property name="SafetyLevel" value="no_safety"/>
</component-config>
<component-profile>
<property name="EPCFLevel" value="0"/>
<property name="ComponentType" value="com.sapportals.portal.layout"/>
<property name="com.sap.portal.pcm.Title" value="Framework Layout"/>
<property name="com.sap.portal.pcm.Description" value="Layout displaying one full-width column that encompasses the entire portal desktop and contains scripts"/>
<property name="com.sap.portal.reserved.layout.TagLibLayout" value="/SERVICE/com.sap.portal.pagebuilder/taglib/layout.tld"/>
<property name="com.sap.portal.reserved.layout.TagLibHtmlb" value="/SERVICE/com.sap.portal.htmlb/taglib/htmlb.tld "/>
<property name="com.sap.portal.reserved.layout.TemplateFile" value="light_framework.jsp"/>
<property name="AuthScheme" value="anonymous"/>
<property name="com.sap.portal.reserved.layout.Cont1" value="frameworkColumn">
<property name="title" value="Framework Column"/>
<property name="orientation" value="vertical"/>
<property name="designClass" value="prtlHeaderCon"/>
</property>
</component-profile>
</component>
</components>
<services/>
</application>I'm trying to do the follow change in framework.jsp so that google can correctly index a external facing portal:
I allready consider the following links:
Note 933452
http://help.sap.com/saphelp_nw70/helpdata/en/44/ccf6bf687f3b9ae10000000a1553f6/frameset.htm
Re: EP and search engine
Re: Portal Page Header <HEAD> Keywords & Title
Re: EP and search engine
Re: New Framework Page From PAR File
Creating framework page from new jsp-file
Any advice will be very helpful
Best Regards,
Ernesto Serrano -
Hi
- I am trying to connect portal to ABAP so that from portal's iView i could access any ABAP T-Code (e.g. SE37).
- Secondly, just wanted to let you know that i am not implementing SSO.
- I used iView's SAP GUI Type = SAP GUI for HTML.
I made following 3 tests, out of which ITS connection is failed. and while previewing my iView i m not able to connect with ABAP and giving error: "The URL http://192.168.1.104:8001/sap/bc/gui/sap/its/webgui was not called due to an error."
Could u pls guide me what to do.... And i mentioned everything at the bottom in detail.
Thanks & looking forwarded for your replies.....
SAP Web AS Connection (Successful)
Test Details:
The test consists of the following steps:
1. Checks the validity of system ID in the system object.
2. Checks if the system can be retrieved from the PCD.
3. Check whether a SAP system is defined in the system object
4. Validate the following parameters: WAS protocol; WAS host name
5. Checks if the host name of the server can be resolved.
6. Pings the server to see if it is alive.
7. Pings the WAS ping service; works only if the service is activated on the ABAP WAS.
8. Checks HTTP/S connectivity to the defined back-end application
Results
1. The system ID is valid
2. The system was retrieved.
3. The system object represents an SAP system
4. The following parameters are valid: Web AS Protocol (http) Web AS Host Name (192.168.1.104:8001)
5. The host name 192.168.1.104 was resolved successfully.
6. The server 192.168.1.104 was pinged successfully.
7. The Web AS ping service http://192.168.1.104:8001/sap/bc/ping was pinged successfully.
8. An HTTP/S connection to http://192.168.1.104:8001/sap/bc/bsp/sap was obtained successfully.
ITS Connection (Failed)
Test Details:
The test consists of the following steps:
1. Checks the validity of system ID in the system object.
2. Checks if the system can be retrieved from the PCD.
3. Check whether the system object has a valid system alias
4. Check whether a SAP system is defined in the system object
5. Validate the following parameters: ITS protocol; ITS host name
6. Checks if the host name of the server can be resolved.
7. Pings the server to see if it is alive.
8. Checks HTTP/S connectivity to the defined back-end application
Results
1. The system ID is valid
2. The system was retrieved.
3. Retrieval of the default alias was successful
4. The system object represents an SAP system
5. The following parameters are valid: ITS Protocol (http) ITS Host Name (192.168.1.104:8001)
6. The host name 192.168.1.104 was resolved successfully.
7. The server 192.168.1.104 was pinged successfully.
8. User mapping is valid
9. An HTTP/S connection to http://192.168.1.104:8001/sap/bc/gui/sap/its/webgui/ was not obtained successfully; this might be due to a closed port on the Firewall.
Test Connection with Connector (Successful)
Test Details:
The test consists of the following steps:
1. Retrieve the default alias of the system
2. Check the connection to the backend application using the connector defined in this system object
Results
1. Retrieval of default alias successful.
2. Connection successful.
I am getting following error while Previeiwng iView.
Error when processing your request
What has happened?
The URL http://192.168.1.104:8001/sap/bc/gui/sap/its/webgui was not called due to an error.
Note
The following error text was processed in the system D10 : Template interpretation cancelled, syntax error.
The error occurred on the application server eccdcs1s_D10_01 and in the work process 0 .
The termination type was: RABAX_STATE
The ABAP call stack was:
SYSTEM-EXIT of program SAPLSFUNCTION_BUILDER
Function: RS_FUNCTION_INITIAL_SCREEN of program SAPLSFUNCTION_BUILDER
Method: IF_WB_PROGRAM~PROCESS_WB_REQUEST of program CL_FB_FUNCTION_INITIAL_SCREEN=CP
Method: DO_THE_NAVIGATION of program CL_WB_NAVIGATOR===============CP
Method: DO_THE_NAVIGATION of program CL_WB_NAVIGATOR_VIS_AS_DYNPRO=CP
Method: PROCESS_WB_REQUEST of program CL_WB_MANAGER=================CP
Method: PROCESS_REQUEST_QUEUE of program CL_WB_MANAGER=================CP
Method: IF_WB_MANAGER~SET_WORKSPACE of program CL_WB_MANAGER=================CP
Method: START_INTERNAL of program CL_WB_STARTUP=================CP
Module: MANAGER_START of program SAPLWB_MANAGER
What can I do?
If the termination type was RABAX_STATE, then you can find more information on the cause of the termination in the system D10 in transaction ST22.
If the termination type was ABORT_MESSAGE_STATE, then you can find more information on the cause of the termination on the application server eccdcs1s_D10_01 in transaction SM21.
If the termination type was ERROR_MESSAGE_STATE, then you can search for more information in the trace file for the work process 0 in transaction ST11 on the application server eccdcs1s_D10_01 . In some situations, you may also need to analyze the trace files of other work processes.
If you do not yet have a user ID, contact your system administrator.
Error code: ICF-IE-http -c: 001 -u: SAPUSER -l: E -s: D10 -i: eccdcs1s_D10_01 -w: 0 -d: 20090924 -t: 202054 -v: RABAX_STATE -e: ITS_CANT_LOAD_INCLUDE
HTTP 500 - Internal Server Error
Your SAP Internet Communication Framework Team
Edited by: Harpal Singh on Sep 24, 2009 4:55 PMHi,
> Goto SE80, Select "Internet Service". Give service name as WEBGUI and enter. Right click on the WEBGUI and select Publish - > Complete service.
Source : http://wiki.sdn.sap.com/wiki/display/BI/BiAdminCockpit+Issues
Or call transaction SIAC_PUBLISH_ALL_INTERNAL to publish all services.
[Note 964521 - Short dump ITS_CANT_LOAD_INCLUDE w/ call of SAP GUI for HTML|https://service.sap.com/sap/support/notes/964521].
Regards,
Pierre -
SSO with SAP R/3 with load balancing as backend over the Web AS
Hi,
we have Netweaver 2004 at this time and we have to connect the portal to a BSP application in a load balancing environment.
We set user mapping for the user and set the connection type from SAPLOGONTICKET to UIDPW. This is running for a test environment with only one R/3 system without load balancing.
Does anyone know the setting parameters for a load balancing environment (ok, the message server and...?).
Thank you.
Best regards
PatriziaHi all,
run into the same problem. Setting up a mapping with UIDPW in a non load balanced WEB-AS enviroment for BSP or Webdynpro for ABAP works fine. But if I go to set it up in a balanced system I can see the following behavior. The http request is send to the messageserver. This request enclosed my mapped user and password. The messageserver responds with an HTTP 301 wich contains one of my applicationservers, so far so good. The client sends a new request to the mentioned applicationserver but this time without the UIDPW. So the user will not be logged in.
I was wondering if my backend have to issue logonticket too, cause today it only accept tickets from the portal.
Is this is a bug or a feature?
Regards,
Bernd -
Creating Datasource and Extracting from SAP R/3 ECC 6.0
Hello Gurus,
I am very new in BI field, I am learning through notes provided in this Blog.
Curretnly I need to know how we create Datasource at SAP R/3 ECC 6.0 (is there any difference b/t these?)
and how we may extract data from R/3 ECC 6.0 Source System.
Looking for your kind reply
Thanks in Advance
KKYou can use any specific Extractors to Create Data Source in R/3 side.
Let me explain with Generic Extraction
Goto SBIW--> you can see all the extractions here
Generic extractors are of 3 types:
1. Based on table/view
2. Based on Info set Query
3. Based on Function module
If you would like to create a custom table, then goto SE11>Select Table>Click on Create (Now create you own table here & use this table while creating Transaction data)
Goto RS02-->Select Transaction data.
Click on Create
Choose an application component to which the data source is to be assigned
Click on Generic Delta
Specify the Delta-Specific and the type for the field.
Specify a safety interval
Select Data type>Save> Now Data source was generated successfully
After generating the data source , you will find Delta Flag checked.
Please go through the following link for Generic Delta
[https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/84bf4d68-0601-0010-13b5-b062adbb3e33]
Once you've done with Data Source in R/3 side--> u need to Replicate it to BI
Goto RSA1>source system>Select the Source system in which u've created Data source>R.C select Data Source Overview>Select the Application Component to which Data source is assigned>R.C Select Replicate dataSorce>here you can see your NEW Data source
Hope it helps! -
SSO to J2EE application from SAP Portal
Hi
I am trying to do SSO from SAP Portal to a J2EE engine which runs on SAP Web AS.
Here are my queries
1. When I deploy a J2EE application on Web AS , I dont get any login screen. How can I make sure that if a user wants to access this J2EE application he should get a login screen and provide his login credentials first, only then would he be able to access the J2EE application.
2.When I am done with Part 1. If a user tries to access this J2EE application from the Portal (asuming the user Id's in Portal and J2EE application are same and both are in the same domain) , I should not get any login screen and should be able to view the J2EE application.
3.I want to use SAP Logon tickets generated by the Portal to enable SSO.
I have done all the necessary configurations in the J2EE server.
1. Imported the Portal's verify.der certificate.
2. Adjusted the login modules stack for the application accordingly.
Can anyone please help me out with this or throw some light.
Please help.
Thanks in advance,
Vivek
PS - Points will be definitely rewardedHi Vivek,
Let me give you the solution for both questions differently.
<b>Ques 1. When I deploy a J2EE application on Web AS , I dont get any login screen. How can I make sure that if a user wants to access this J2EE application he should get a login screen and provide his login credentials first, only then would he be able to access the J2EE application.</b>
<b>Ans:</b> For doing this in the code of your J2EE application you have to write a if statement which will check if the user ID is coming from the backend or not. If yes then you display that logon page else you just pass that username which is coming from backend and displ;ay the page accordingly.
<b>Ques 2.When I am done with Part 1. If a user tries to access this J2EE application from the Portal (asuming the user Id's in Portal and J2EE application are same and both are in the same domain) , I should not get any login screen and should be able to view the J2EE application.</b>
<b>Ans:</b> Yes, this is what I am explaining you. Even I had also made same kind of J2EE application in which if the user is coming from the backend then he/she will look the J2EE screen else if the username is not coming then he will se the Login screen. Exactly same as what are looking for.
<b>3.I want to use SAP Logon tickets generated by the Portal to enable SSO.</b>
<b>Ans:</b> I have used User Mapping instead of SAP Logon ticket. Well that is also the option for SSO but personally I think User Mapping is easy and better way for implementing SSO.
I dont know whether this will help you or not. Please let me know. I can definately help if you want to implement SSO using User Maping.
Regards
Pravesh
PS: Please dont forget to reward points. -
SSO from Microsoft wabsite to SAP Portal
Hi
My client wants SSO from .net based Microsoft website to SAP Portals. Requirement is that when customer enters the website e.g. www.mysite.com , he will be automatically gain access (SSO) to SAP Portal .
How it can be done ?
Please help
Thanks in advanceHi Ananda,
This link answers your query.
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/interoperability/dotnet/_web%20services%20and%20a2a%20interoperability%20center/sample%20application%3a%20sso%20with%20a%20.net-based%20web%20service%20client%20using%20sap%20logon%20tickets.pdf
Reward points if handy!
Regards,
Sandeep Tudumu -
My experience of SSO between SAP Portal6.0 and non-Sap Application
Firstly I announce that I am not a Sap developer or a Sap Consultant. I am a Cognos Consultant. I need do SSO between Sap Portal and Cognos Portal in my project, So I have to make SSO between two portals.
I tested SSO between the two products on IIS5 of Windows XP and IIS6 of Windows 2003 and passed.
Step 1: Copy sapsecin.exe and sapsecu.dll on any directory where you want, such as C:PortalSecurity
Then add this directory to your Environment variable PATH. You can find the two files on sapserv<x> under general/misc/security/SAPSECU/<platform>;
Step 2: Copy your Filter ISAPI Files IIS_SSO.dll or IIS6_SSO.dll in any directory where you want, such as C:PortalFilter. You can find this two files on SAP note 442401.
Step 3: Get you verify.pse which is located in
<irj>
ootWEB-INFpluginsportalservicesusermanagementdata and put it on the same directory with your ISAPI Files ,such as C:PortalFilter
(According Sap Support articles , IIS_SSO.dll should be used on IIS 5 and IIS6_SSO should be used on IIS 6,but I can not load IIS_SSO.dll on IIS 5 of Windows XP, I use IIS6_SSO.dll );
Step 4: Create a new file named verify.properties , the content of this file see the appendix A;
Step 5: Load the IIS6_SSO.dll on your IIS. On IIS5, Select Website PropertiesISAPI FilterAdd IIS6_SSO.dll and name it wp . On IIS6,do as such and Create a Web Extensions named wp and allocate file IIS6_SSO.dll. Finally restart the www service.
I
If you can load the filter successfully, you will see the filter color is green.
On IIS6,Maybe you find that you cant load your ISAPI file IIS6_SSO.dll, Its state is unloaded and its color is red. I am confused by this question long time. I finally found you must install some R3 dll files on your system! The .dll files which I mentioned can be found in SAP note 684106, put it in a same directory with your security files, such as C:PortalSecurity and restart your web server.
(The steps above I reference Chris beck s topic)
Step 6: I write an ASP file named headerdumper.asp on my website and create a i-view to show my asp file in SAP Portal. If you succeed, you can see the http header variable<your logon name> in ASP page. If you application can receive http header variables, then Congratulations! You have apply SSO successfully.
If your log file show Can't find MYSAPSSO2 ticket cookie for URI "" on host "", dont worry about it. I am confused by this question long time though. I found the key cause the errors are cross domain or different DNS suffix.
I tested 3 scenarios :
1 if your Sap Portal URL is http://sap-server:50000/irj/protal ,and your asp file is located in http://sap-server:80/headerdumper.asp, You cant access this asp page from i-view . I am sorry that I have no idea about this.
2 if your Sap Portal URL is http://sap-server:50000/irj/protal ,and your asp file is located in http://your-server:80/headerdumper.asp, Your log will show Can't find MYSAPSSO2 ticket cookie for URI "" on host "". because they have no domain name, which is seemed that they meant different domain.
3 you must deploy your asp file and sap portal like below ,So you can apply SSO correctly:
you must access SAP Portal like : http://sap-server.domain.com:50000/irj/portal
you must access your asp file like http://yourserver.domain.com:80/headerdumper.asp
then add your asp file as i-view to your SAP Portal which URL is like above , you can get Http header variable correctly.
I am not an native English speaker, I hope you can understand what I said.
Appendix A The Content of Verfy.properties
remote_user_alias=REMOTE_USER
pse_file=C:PortalFilterverify.pse
application=portal
log_file=C:PortalFilterverfy.log
log_level=3
cache_size= 1000
Appendix B The Code of headerdumper.aspI'd recommend to cross-post your inquiry to the Security
-
I know that we can create WIKI in sap portal (using Netweaver 7.0). can anyone, please, confirm that and send me a link in how to configure/create Wiki into the portal.
Thank youHello,
i have installed a EP 7.3 and i want test the wiki integration.
Which usagetype must be installed to use the wiki-system.
I have installed the following usages:
NetWeaver AS Application Server Java Extensions Application Server Java Extensions
NetWeaver EP Enterprise Portal Enterprise Portal
NetWeaver EPC EP Core - Application Portal EP Core - Application Portal
NetWeaver BASIC Application Server Java Application Server Java
NetWeaver NW-MODEL NW-MODEL NW Product Description
Best Regards,
Kai -
Issues accessing keystore of SAP Portal
we need to configure an SSO from SAP portal and a third party website by passing encrypted userid as url parameters.
To configure the SSO I have received the public key of the third party and able to access it from server location. Now I have to access priavte key of the SAP Portal certificate and sign the UserId and pass it as url parameter. I have gone through many blogs and written code as below which is giving Invalid Keystore Format error.
My question is
1. What should be passed to FileInputStream?
As of now we are passing the .cer file which is stored as part of project.
Below code is throwing error at ks.load() method.
String fielPath1 = request.getPublicResourcePath()+"/SAPLogonTicketKeypair-cert1.cer";
FileInputStream ksfis = new FileInputStream(fielPath1);
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(null, sPass.toCharArray());
BufferedInputStream ksbufin = new BufferedInputStream(ksfis);
ks.load(ksbufin, sPass.toCharArray());
PrivateKey priv = (PrivateKey) ks.getKey(alias, kPass.toCharArray());
Error is:
Invalid keystore formatsun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:633)sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)java.security.KeyStore.load(KeyStore.java:1185)am_sso_apc.doContent(am_sso_apc.java:132)com.sapportals.portal.prt.component.AbstractPortalComponent.serviceDeprecated(AbstractPortalComponent.java:213)
Please let me know how to pass the filepath to extract the priavte key .
Regards,
SatishSorry to say: but that's a bad advise.
The usertype impacts not only the ability / requirement to change passwords (see <a href="http://service.sap.com/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=622464">SAP Note 622464</a>).
A better advise might be <a href="http://service.sap.com/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=869218">SAP Note 869218</a>: if users need to have the option to logon to the ABAP backend systems by using UID/PWD but do not want to be prompted to change those backend passwords when accessing the backend systems through the Portal, then that note can provide some solution.
Of course: not using UID/PWD but some (other) sort of SSO would be the better approach. However, somethimes that is not possible (e.g. when it would be required to purchase an SNC partner product, according to <a href="http://service.sap.com/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=66687">SAP Note 66687</a>).
Wolfgang -
Nakisa OrgChart STVN 21 JAVA Connectivity issue with ECC 6.0 Ehp4
Dear Nakisa,
We have deployed Nakisa component with following steps:
1. Java component OrgChart21 TalentOrgChart21_16.sca on SAP Netweaver CE 7.1 Ehp1.
2. applied Nakisa "STVN21_Addon_NW701.SAR" and "STVN21TP_OCOMECC60_1_1.zip" on SAP ERP 6.0 Ehp4.
3. Created SSO connectivity between NWCE and ERP 6.0 Ehp4.
5. Applied Nakisa License on portal using following URL:
http://coe-lba-asd1.group.coe:57000/OrgChart/manager.jsp
6. We have provided security settings entries without role mapping and getting following issues while accessing Nakisa user portal:
404 Not Found
SAP NetWeaver Application Server 7.11 / AS Java 7.11
Error: The requested resource /default.jsp is not available
Troubleshooting Guide https://sdn.sap.com/irj/sdn/wiki?path=/display/jsts/home
Details: File [default.jsp] not found in application root of alias [/] of Java EE application [sap.com/com.sap.engine.docs.examples].
Now we would require implement connectivity between Nakisa JAVA component and ERP 6.0 Ehp4. Please help us with its procedure.
Regards,
RajHello,
The connectivity if I understand you correctly is based on the Connection String.
Please refer to the page 33 "Setting the Authentication Source" on the Administrator Guide for STVN2.1.
An example of connection string would be:
ASHOST=SAPTWO SYSNR=02 USER=gsmith PASSWD=PWD1234 CLIENT=800
Cheers,
Bentow. -
SSO from Microsoft to SAP portal
Hi guys,
I am stacked in something regarding SSO, the problem here is that I have to create and ASP.net application able to create the SAPLogOnTicket and bypass the SAP portal logon screen and everytime I am using may application I have not to log in again in the SAP Portal.
Anyone who have an answer or a working example, please let me know.
Thanks in advance,
ArmandoHi Armando,
if your application is extranet application (you access it from internet) then you need to use citrix to log in to the portal without asking for username and password.
if the application is accessible from the intranet then you need to identify the application in the portal landscape system. for more information on this subject you can read the following useful help:
[Click Here|http://help.sap.com/saphelp_nw2004s/helpdata/en/ec/0fe43d19734b5ae10000000a11405a/frameset.htm]
Regards, -
Hi, gurus,
I need to connect our BW to an non-sap portal which is developed by JAVA. However, I have no ideas about how to realize SSO between BW and the portal. Is there any one has similar situation? Could you share your experience?
Thanks!
PengHi, gurus,
I need to connect our BW to an non-sap portal which is developed by JAVA. However, I have no ideas about how to realize SSO between BW and the portal. Is there any one has similar situation? Could you share your experience?
Thanks!
Peng
Maybe you are looking for
-
So recently i realised that my ID acts like new. It cannot get back(restore) old purchases, not even inapp purchases. I checked my emails and exatly a year ago i got an email from apple which said"welcome to itunes store" and that newbie blah blah li
-
T43p black screen, back for a few after standby
hi, i have a t43p, and recently, the screen has been going black after just a few moments of being on, between 1 and 7 minutes, average about 2-3 minutes. in the black screen, sometimes i can still see (dimly) what's going on 'behind' it. i've rec
-
Trail record size & check frecuency for end of uncommitted transactions
Hi, everyone, Does anyone know if the trail record size can be changed from its default value of 4K? What about how long the data pump process delays before searching for more data to proccess in its source trail while it waits for the end of a uncom
-
3.0 Inbound ABAP Proxy not executing
I am attempting a simple SAP (IDoc) -> XI [WAS 6.4] -> SAP (ABAP Proxy)[WAS 6.2]. This proxy receives a couple key elements from the Idoc and writes them to an accessible directory on the recipient SAP machine. Here's what I have thusfar: - ABAP Prox
-
9.0.1 EXS24 Sampler Instruments issue
After the 9.0.1 update, about half of my EXS24 instruments are now named "sampler instrument" or just "instrument." The presets in the subfolders still have their correct names. None of the factory instruments have this problem, but many 3rd party in