Issues accessing keystore of SAP Portal

we need to configure an SSO from SAP portal and a third party website by passing encrypted userid as url parameters.
To configure the SSO I have received the public key of the third party and able to access it from server location. Now I have to access priavte key of the SAP Portal certificate and sign the UserId and pass it as url parameter. I have gone through many blogs and written code as below which is giving Invalid Keystore Format error.
My question is
1. What should be passed to FileInputStream?
As of now we are passing the .cer file which is stored as part of project.
Below code is throwing error at ks.load() method.
String fielPath1 = request.getPublicResourcePath()+"/SAPLogonTicketKeypair-cert1.cer";
FileInputStream ksfis = new FileInputStream(fielPath1);
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(null, sPass.toCharArray());
BufferedInputStream ksbufin = new BufferedInputStream(ksfis);
ks.load(ksbufin, sPass.toCharArray());
PrivateKey priv = (PrivateKey) ks.getKey(alias, kPass.toCharArray());
Error is:
Invalid keystore formatsun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:633)sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)java.security.KeyStore.load(KeyStore.java:1185)am_sso_apc.doContent(am_sso_apc.java:132)com.sapportals.portal.prt.component.AbstractPortalComponent.serviceDeprecated(AbstractPortalComponent.java:213)
Please let me know how to pass the filepath to extract the priavte key .
Regards,
Satish

Sorry to say: but that's a bad advise.
The usertype impacts not only the ability / requirement to change passwords (see <a href="http://service.sap.com/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=622464">SAP Note 622464</a>).
A better advise might be <a href="http://service.sap.com/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=869218">SAP Note 869218</a>: if users need to have the option to logon to the ABAP backend systems by using UID/PWD but do not want to be prompted to change those backend passwords when accessing the backend systems through the Portal, then that note can provide some solution.
Of course: not using UID/PWD but some (other) sort of SSO would be the better approach. However, somethimes that is not possible (e.g. when it would be required to purchase an SNC partner product, according to <a href="http://service.sap.com/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=66687">SAP Note 66687</a>).
Wolfgang

Similar Messages

  • Users are not able to access two different SAP portals at a time

    Hi Experts,
    Users are not able to access two different SAP portals at a time, if users login the OLD SAP Portal then they are not able to access NEW SAP Production Portal asking user id's & Password while doing ECC & APO transactions.
    If user clear the Internet Explorer cache then for time being they can access but its not the permanant solution.
    Can any one please help me on this.
    Thanks,
    Jay

    Hello Jay,
    here we are facing this problem, this company users not able to access both the portals at at time
    If you want to access HTC and Armed at the same time you gotta complete SSO Config or User mapping between these two Portals. You can refer to the below link for more details.
    http://help.sap.com/saphelp_nw04/helpdata/en/f8/3b514ca29011d5bdeb006094191908/content.htm
    Thanks
    SM

  • IE11 Issues with sap portal

    Hi,
        I am getting compatibility issues in IE11 with SAP portal....I have followed the procedure to set compatibility view(tools-->compatibility view Settings...)..but the issue hasn't been solved.....I am getting this error...the application
    was stopped due to critical error rendering....activate compatibility mode....could anybody tell me what are the different ways to activate compatibility mode in IE11
    Thanks...

    Unfortunately your post is off topic as it's not specific to Microsoft Training and Certification.  
    This is a standard response I’ve written in advance to help the many people who post their question in this forum in error, but please don’t ignore it.  The links I provide below will help you determine the right forum to ask your question
    in.
    For technical issues with Microsoft products that you would run into as an end user, please visit the Microsoft Answers forum ( http://answers.microsoft.com ) which has sections for Windows, Hotmail,
    Office, IE, and other products.
    For Technical issues with Microsoft products that you might have as an IT professional (like technical installation issues, or other IT issues), please head to the TechNet Discussion forums at http://social.technet.microsoft.com/forums/en-us, and
    search for your product name.
    For issues with products you might have as a Developer (like how to talk to APIs, what version of software do what, or other developer issues), please head to the MSDN discussion forums at http://social.msdn.microsoft.com/forums/en-us, and
    search for your product or issue.
    If you’re asking a question particularly about one of the Microsoft Dynamics products, a great place to start is here: http://community.dynamics.com/ 
    If you think your issue is related to Microsoft Training and Certification and I've flagged it as Off-topic, I apologise.  Please repost your question and include as much detail as possible about your problem so that someone can assist you further. 
    If you really have no idea where to post your question please visit the Where is the forum for…? forum http://social.msdn.microsoft.com/forums/en-us/whatforum/ 
    When you see answers and helpful posts, please click Vote As Helpful,
    Propose As Answer, and/or Mark As Answer
    Jeff Wharton
    MSysDev (C.Sturt), MDbDsgnMgt (C.Sturt), MCT, MCSE: Data Platform & Business Intelligence
    Blog: Mr. Wharty's Ramblings
    Twitter: @Mr_Wharty
    MC ID:
    Microsoft Transcript

  • Vendor user in SAP PORTAL

    Hi experts
    I am configuring EBP-SUS and my vendors will use for bid responses, but ineed the vendors access SUS via SAP PORTAL, so when vendor receive an e-mail with user and pass to create a adiministrator after create a user bidder that must have access in SAP PORTAL to receive bids, the problem is in Supplier Relationship Management - Supplier Self-Services - Master Data -Maintain Systems for Synchronization of User Data I can use only logical system and the creation is done using RFC call, and SAP PORTAL IS a java aplication.
    Some help will be welcome.
    Nilson

    Hi Nilson,
    Can you please explain the issue with more clarity.
    Thanks,
    -Devi Swain

  • Error while loading SAP Portal

    Can anybody help me to resolve the issue of installation of SAP Portal. This is a fresh installation and I got the following error while installing the portal.
    I will appreciate any body who helps me to resolve the issue.
    Info: Begin of log messages of the target system:
    10/10/21 19:52:31 -  ***********************************************************
    10/10/21 19:52:32 -  Start updating EAR file...
    10/10/21 19:52:32 -  start-up mode is lazy
    10/10/21 19:52:32 -  EAR file updated successfully for 109ms.
    10/10/21 19:52:32 -  Start deploying ...
    10/10/21 19:52:32 -  EAR file uploaded to server for 79ms.
    10/10/21 19:52:32 -  ERROR: Not deployed. Deploy Service returned ERROR:
                         java.rmi.RemoteException: Cannot deploy application sap.com/com.sapportals.dqe.beans..
                         Reason: Exception during generation of components of application sap.com/com.sapportals.dqe.beans in container EJBContainer.; nested exception is:
                              com.sap.engine.services.deploy.exceptions.ServerDeploymentException: Exception during generation of components of application sap.com/com.sapportals.dqe.beans in container EJBContainer.
                              at com.sap.engine.services.deploy.server.DeployServiceImpl.deploy(DeployServiceImpl.java:477)
                              at com.sap.engine.services.deploy.server.DeployServiceImplp4_Skel.dispatch(DeployServiceImplp4_Skel.java:1555)
                              at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:291)
                              at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:183)
                              at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:119)
                              at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:37)
                              at com.sap.engine.core.cluster.impl6.session.UnorderedChannel$MessageRunner.run(UnorderedChannel.java:71)
                              at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
                              at java.security.AccessController.doPrivileged(Native Method)
                              at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:94)
                              at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:162)
                         Caused by: com.sap.engine.services.deploy.exceptions.ServerDeploymentException: Exception during generation of components of application sap.com/com.sapportals.dqe.beans in container EJBContainer.
                              at com.sap.engine.services.deploy.server.application.DeploymentTransaction.makeComponents(DeploymentTransaction.java:609)
                              at com.sap.engine.services.deploy.server.application.DeployUtilTransaction.commonBegin(DeployUtilTransaction.java:365)
                              at com.sap.engine.services.deploy.server.application.DeploymentTransaction.begin(DeploymentTransaction.java:296)
                              at com.sap.engine.services.deploy.server.application.ApplicationTransaction.makeAllPhasesOnOneServer(ApplicationTransaction.java:290)
                              at com.sap.engine.services.deploy.server.application.ApplicationTransaction.makeAllPhases(ApplicationTransaction.java:321)
                              at com.sap.engine.services.deploy.server.DeployServiceImpl.makeGlobalTransaction(DeployServiceImpl.java:3028)
                              at com.sap.engine.services.deploy.server.DeployServiceImpl.deploy(DeployServiceImpl.java:462)
                              ... 10 more
                         Caused by: java.lang.NoClassDefFoundError: com/metamatrix/platform/service/api/exception/ServiceException
                              at java.lang.Class.getDeclaredConstructors0(Native Method)
                              at java.lang.Class.privateGetDeclaredConstructors(Class.java:1618)
                              at java.lang.Class.getConstructors(Class.java:865)
                              at com.sap.engine.services.ejb.deploy.verifier.BeanClassCheck.check(BeanClassCheck.java:33)
                              at com.sap.engine.services.ejb.deploy.verifier.session.SessionBeanCheck.check(SessionBeanCheck.java:51)
                              at com.sap.engine.services.ejb.deploy.verifier.Verifier.checkBean(Verifier.java:82)
                              at com.sap.engine.services.ejb.deploy.verifier.Verifier.check(Verifier.java:46)
                              at com.sap.engine.services.ejb.deploy.DeployAdmin.generate(DeployAdmin.java:258)
                              at com.sap.engine.services.ejb.EJBAdmin.deploy(EJBAdmin.java:2057)
                              at com.sap.engine.services.deploy.server.application.DeploymentTransaction.makeComponents(DeploymentTransaction.java:594)
                              ... 16 more
                         For detailed information see the log file of the Deploy Service.
    10/10/21 19:52:32 -  ***********************************************************
    Info: End of log messages of the target system.
    Info: ***** End of SAP J2EE Engine Deployment (J2EE Application) *****
    Error: Aborted: development component 'com.sapportals.dqe.beans'/'sap.com'/'SAP AG'/'609.20041012204607.0000':
    Caught exception during application deployment from SAP J2EE Engine's deploy service:
    java.rmi.RemoteException: Cannot deploy application sap.com/com.sapportals.dqe.beans..
    Reason: Exception during generation of components of application sap.com/com.sapportals.dqe.beans in container EJBContainer.; nested exception is:
         com.sap.engine.services.deploy.exceptions.ServerDeploymentException: Exception during generation of components of application sap.com/com.sapportals.dqe.beans in container EJBContainer.
    (message ID: com.sap.sdm.serverext.servertype.inqmy.extern.EngineApplOnlineDeployerImpl.performAction(DeploymentActionTypes).REMEXC)
    Info: SDM configuration: Do not automatically start/stop J2EE Engine. Do not restore state of J2EE Engine now.
    Error: -
    At least one of the Deployments failed -
    Info: Summarizing the deployment results:
    Error: Aborted: G:\SoftWare\netweaver\Identified\SAPNETWEAVER041DVD_ADDON\EP-KMC\DQE\SDA\J2EE\com.sapportals.dqe.beans.ear
    Processing error. Return code: 4
    Error: Processing error. Return code: 4
    ERROR 2010-10-21 19:52:33
    MUT-02041  SDM call of deploySdaList ends with returncode 4. See output of logfile C:\Program Files\sapinst_instdir\NW04SR1\EP\EP\callSdmViaSapinst.log.

    Hi,
    I believe VISTA is not a recomended OS for SAP Portal, I tried for a week to install and finally gave up
    check this
    Adventures with NetWeaver Portal 7 - Vista Installation
    jo
    Edited by: Ravi Joseph on Dec 12, 2008 11:51 AM

  • SSO from Microsoft wabsite to SAP Portal

    Hi
    My client wants SSO from .net based Microsoft website to SAP Portals. Requirement is that when customer enters the website e.g. www.mysite.com , he will be automatically gain access (SSO) to  SAP Portal .
    How it can be done ?
    Please help
    Thanks in advance

    Hi Ananda,
    This link answers your query.
    https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/interoperability/dotnet/_web%20services%20and%20a2a%20interoperability%20center/sample%20application%3a%20sso%20with%20a%20.net-based%20web%20service%20client%20using%20sap%20logon%20tickets.pdf
    Reward points if handy!
    Regards,
    Sandeep Tudumu

  • SAP Portal - InfoView - Dashboard

    Hello, Our company is currently implementing SAP BW, SAP Portal and SAP Business Objects ( Xcelcius, WebI, Crystal).A few Dashboards have been built, accessing data in the new BI servers. I have very little knowledge of these and I am questioning the use of InfoView portal to display the Dashboards.  At present we access the SAP Portal, choose a Role named BI Analytics.  This Role accesses an URL iView that accesses another portal for  InfoView App.  This InfoView portal has a home page that allows the user to navigate to various reports and Dashboards.
    Our executives want quick easy access to their dashboards. I have never seen any presentations/demos that require so much navigation to occur in order to view a dashboard.   My question is why the InfoView Portal is required? Is this required to access all reports/dashboards that are fetching data from BI ?  Can't a Dashboard using data in BI, be directly accessed from the SAP Portal, like an URL iView or a Transaction iView would?
    Appreciate any expert comments and suggestions.
    Thank you
    MPersson

    Export your dashboard to webi infoview and you can use open doc syntax to call it from url

  • How to restrice ananymous user access to portal link /irj/servlet/prt/portal/prtroot/com.sap.portal.navigation.portallauncher.default?

    Hi experts,
    We had an issue with portal access. I wonder if portal is venerable for security threats?
    Could you please let me how to restrict the unauthorized users (anonymous user) to the portal URL.
    https://HOST:50001//irj/servlet/prt/portal/prtroot/com.sap.portal.navigation.portallauncher.default .
    Appreciate your help.
    Regards
    Maruti

    Hi Maruti,
    Hope you are doing good.
    Can't you just amend the portal permissions so that this access is not possible.
    The PCD location should be:
    com.sap.portal.system/security/sap.com/NetWeaver.Portal/no_safety/com.sap.portal.navigation.portallauncher....
    Hope this helps.
    Thank you and have a nice day!
    Kind Regards,
    Hemanth

  • Access denied:com.sap.ip.bi.web.portal.integration.launcher

    Hi Friends,
    I have installed a Standalone Portal ( EP, EP core, BI Java) , configured LDAP as data source and imported the Portal content from Source system . ( in Development, Quality, Production)
    I completed all configuration and testing completed.
    But the portal user created with customized  iviews roles are working fine in Development and Production.
    But ....Access denied:com.sap.ip.bi.web.portal.integration.launcher error is encountered in Quality system.
    In QAS system, while installation I have selected EP, EP core as Usage type.. and after Insatllation I have installed additional Usage tye BI JAVA using JSPM
    Whereas in DEV, PRD ( EP, EP core, BI Java) were taken as Usage types while installation only..
    Above reason may effect the Test user for access denied error.
    Please suggest.
    Thanks
    Venkat

    Ramana,
    It looks like a permissions issue, right click on the system created for BI under System Admin-System Configuration-System landscape and open the permissions and ensure you have the everyone group added there and enduser checked.
    Good Luck!
    Sandeep Tudumu

  • Server Names exposed while accessing SAP Portal

    We are using FireFox browser to access the SAP Portal application.We are running SAP EnterPrise Portal on NW 7.01. Our Production SAP portal is exposed to
    internet.
    After the users log into the system, using Firefox browser, the server name is seen in the status bar of the
    browser. This is a security threat, as the server names are exposed.
    This issue is not there if we access the sameusing Internet explorer.

    Abdul,
    See this:
    http://help.sap.com/saphelp_nw04s/helpdata/en/b6/8b9aea8d7c11d5bdd8006094191908/frameset.htm
    The suspect is "User Mapping Type". It is probably set to "admin", instead of "admin, user". That is why you do not see the system when logged in as one of the users.
    Also make sure users have permissions in PCD to the system.
    If does not help, check other suspect as SAP help suggests:
    The selected principal does not have end-user permissions for the system.
    The system's logon method does not require any user mapping data for the system (such as "SAPLogonTicket" for a system that is not the SAP reference system).
    The system's user mapping type is not set correctly or not set at all.
    There is no system alias defined for the system.
    There is no system landscape registered, for example, the one contained in Enterprise Portal.
    Regards,
    Slava

  • How to access Sap portal login user in ejb web service

    Hi,
    I wnt to access SAP Portal login user in my ejb application which resides on the same server.
    I am using following code
    try {
         IUser user =null;                         IWDClientUser wdUser = WDClientUser.getCurrentUser();
                                  user = wdUser.getSAPUser();
                             } catch (WDUMException e) {
                                  // TODO Auto-generated catch block
                                  e.printStackTrace();
    Some additional jar files are required for this?
    The same code works fine with webDynpro but not with ejb.
    Thanks in advance     
    Best regards,
    Nilesh

    Thanks for reply.
    I have already added com.sap.security.api in my EJB module project classpath. How to add the same in EJB application Project (application-j2ee-engine.xml)?
    Best regards,
    Nilesh

  • Integration: how to best access and run SAP through Portal

    We are currently using Oracle Portal for publishing reports directly from our EDW, for giving access to some applications and for delivering unstructured information.
    In the future we are very likely to give our suppliers and employees access to reports and interfaces for conducting transactions straight into SAP. This is most likely done via a web GUI.
    One way to do this of course is to implement the SAP Portals solution, the other is to keep using Oracle Portal and access SAP Portlets/iViews from there - the latter is to be preferred based on the cost of switching platforms, but we have also to take into account the cost of integration.
    So to my question: What would be the best way to integrate these to systems? Has it been done before? Is Web Services the way to go? ???????

    Ajax is a microsoft toolkit that the web site is using and is not compatible with Safari. They only support I.E. and windows.
    From the Safari menu bar click Safari / Preferences then select the Advanced tab. Enable the Develop menu. In the Develop menu select User Agent and then try Internet Explorer 9.

  • Access denied (Object: com.sap.portal.system/security/no_safety)

    We are implementing EP 6.0, currently with SP11. We have developed some iViews, which are using RFC functions to get information from backend system, in this case SRM.
    Everything worked fine, till the day we’ve transported those developments into other systems (production and testing systems). We are getting the following error Access denied (Object: com.sap.portal.system/security/no_safety). This error only comes out if the iView is called from inside another one, if called isolated it works fine.
    Does any one have any idea about how to solve this?

    Hi AA, you can find in the log file in order to identify what is the object that you need to add in the security zone.
    You can find information for the security zones on:
    http://help.sap.com/saphelp_nw04/helpdata/en/25/85de55a94c4b5fa7a2d74e8ed201b0/content.htm
    Regards.

  • Can I access Webi queries and Xcelsius dashboards from SAP portal?

    Hello,
    Can I access Webi queries and Xcelsius dashboards from SAP portal?  And how?
    Thanks

    Portal Part 1
    /people/ingo.hilgefort/blog/2010/03/29/sap-businessobjects-enterprise-sap-enterprise-portal--part-1-of-4
    Portal Part 2
    /people/ingo.hilgefort/blog/2010/03/30/sap-businessobjects-enterprise-sap-enterprise-portal-part-2-of-4
    Portal Part 3
    /people/ingo.hilgefort/blog/2010/04/08/sap-businessobjects-enterprise-sap-enterprise-portal--part-3-of-4
    Portal Part 4
    /people/ingo.hilgefort/blog/2010/04/21/sap-businessobjects-enterprise-and-sap-enterprise-portal--part-4-of-4
    Ingo

  • HR Renewal Self Services Integration Issue with SAP Portal

    Hi,
    We are  Implementing  HR Renewal 2.0 FP1 and the Self-Services Landing Page to be launched from within SAP Portal.
    I have imported the PFCG role ZSAP_EMPLOYEE_ESS_XX_UI5_1  into portal and assigned to the user. The End User read permission is provided.
    We see the landing page with all lanes coming up fine when launched from portal. But subsequently when we click on the SAPUI5 delivered applications in the MY INFO Lane like Employee Profile, Salary Statement, Leave Application etc, they open from inside the portal in a new window via the below Standard Launchpad Start URL application
    /irj/portal?NavigationTarget=ROLES%3A%2F%2Fportal_content%2Fcom.sap.pct%2Fevery_user%2Fcom.sap.pct.erp.common.bp_folder%2Fcom.sap.pct.erp.common.roles%2Fcom.sap.pct.erp.common.erp_common%2Fcom.sap.pct.erp.common.lpd_start_url&RequestMethod=GET&System=SAP_HCM_PROXY&URLTemplate=<System.wap.WAS.protocol>%3A%2F%2F<System.wap.WAS.hostname><System.wap.WAS.path>%2Fsap%2Fbc%2Fui5_ui5%2Fsap%2FHRESS_PAYSLIP_G%2Findex.html%3Fsap-client%3D<System.client>%26sap-language%3DEN&PrevNavTarget=navurl%3A%2F%2F9302a2e5cab6590e376f9e6a16fffb13&NavMode=3&CurrentWindowId=WID1411300030322
    and getting the below error.
    Page not found. Refresh the page or try again later. If the problem persists, contact your Portal administrator for assistance
    Is any other configurations missing to launch the my info individual service application via portal as NavigationTarget.
    Appreciate your response.
    PS: No business packages (WD ABAP based etc.,) are installed in the portal side.
    Thanks,
    Urmi

    Hi All,
    The issue got fixed after installing the portal business package, Common Parts ERP 1.61.
    Thanks,
    Urmi

Maybe you are looking for

  • Burning Blu-ray from FCS 7

    I want to try burning an HD project to blu-ray. I can see that it is possible to use the 'Share' function to author directly from FCP. My questions: 1. Is there a specific burner required that will operate with an iMac intel 11.1 or will any external

  • Need help in BADI...full marks wud be given.

    Hi guys, i am implementing a badi for a transaction MIRO...i got the BADI which is AC_DOCUMENT ..but this is working fine,but want a badi for iline items.. can anybody help me in finding the right badi for line items..

  • Insert Equation in Adobe Captivate

    Please tell me how to insert a equation in adobe captive, I usually do this by copy it it Equation in Word but when i paste it in adobe captive it is a picture. Tell me how to add animation in equation. Help me.

  • Update filesystem-2013.01-1 and glibc-2.17-2 together problem

    Hello, I didn't check the news today (mistake #1) and I updated Arch. And I had configured pacman to first update glibc and then everything else (mistake #2). So I got the following: :: The following packages should be upgraded first : glibc :: Do yo

  • Trouble with native audio player

    Hi! recently I´ve been trouble with native audioplayer on my Ipod Touch 4 (64GB). When i chose the audio player from main menu screen, it changes to a blank screen (it seems as it is reading or something) but application does no starts and backs to m