MYSAPSSO2 problem
Hi
I try to configure SSO feature to IIS system. I installed the required components and it looks ok. but when from the portal I access the web server through url iView, i get in the log the following error:
"Can't find MYSAPSSO2 ticket cookie"
Does anybody know what might be the problem ?
P.S: The portal server and IIS webserver are on the same domain
Hello,
It might be worth checking if the cookie is in fact reaching the IIS. You can display it with an ASP, or simply go to the IIS URL then enter"javascript:alert(document.cookie);" (without the quotes) as the location in your browser and see what you get.
Another possibility is that you need to use domain relaxation if one URL has more "parts" than the other (e.g., its.company.com <-> my.portal.company.com). If that is the case, look at the discussion on "domain relaxation" in Note 701205.
If that doesn't help, can you describe what you have done on the IIS?
Regards,
Sean
Similar Messages
-
Issuing Multiple MYSAPSSO2 tickets for Multiple Domains
Hi,
I am having a problem understanding the SAP documentation on how to go about issuing SAP login tickets in multiple domains. In the documentation it states that in order to do so, you require either a IRJ or the SAP ISAPI Web Filter installed in on a server in the target Domain. I have now setup the IIS_SSO.dll ISAPI filter in the domain I require the SSO ticket to be issued in however when I make a request to that webserver I do not see the MYSAPSSO2 cookie being created in my browser, I do see in the ISAPI logs that the request has been filtered and the portal username extracted and set to the configured HTTP Header, but no new Cookie created in the DOMAIN.
Can anyone help? Has anyone done something like this before?
Basically I have a portal in the domain <b>myportal.subdomain.domain.com</b> and an ITS in the domain <b>myits.domain.com</b>. With this configuration the MYSAPSSO2 cookie is not sent to the ITS server as it is in a Super Domain. So what I want is to configure the portal to issue a Cookie in the super domain (domain.com) rather then subdomain.domain.com. I thought I could do this with the parameter login.ticket_recieving_hosts in the usermanagment.properties file (EP5) and the IIS ISAPI filter to SSO (IIS_SSO.dll) configured on a website in the super domain (domain.com).
Any help would be greatly appriciated.
Simon.I believe we had to set the domain relax level (ume.logon.security.relax_domain.level) but needed to make sure this was secure since it changes the domain scope of cookies that are valid for the system.
See the following:
http://scn.sap.com/thread/1534863
http://help.sap.com/saphelp_nw70ehp3/helpdata/en/5e/473d4124b08739e10000000a1550b0/frameset.htm
Hope this helps. -
Issue while parsing the MYSAPSSO2 Cookie
Hi All,
We are trying to establish SSO with a non SAP web application using MYSAPSSO2 cookie.
Plan is to write a java class which can parse out the MYSAPSSO2 cookie, extract the user Id and use it for single sign on.
Following Libraries are used:
logging.jar
i18n_cp.jar
iaik_jce.jar
com.sap.security.api.jar
com.sap.security.core.jar
rscp4j.dll(this is downloaded from a SAP EP 7.0 instance running in windows 2003 server in our landscape).
Our Source SAP EP 7.0 instance which will be issuing the cookie is running in Solaris.
The target application in which the cookie is parsed, is running in Windos 2003 64 bit server.
Following is the code which we are using.
//Instantiate the rpovider
IAIK provider = new IAIK();
Security.addProvider(provider);
//Instantiate the ticket
tv = new com.sap.security.core.ticket.imp.Ticket();
//set teh certificates
tv.setCertificates(certificates);
//set the MYSAPSSO2 cookie
tv.setTicket(strCookie);
if (!tv.isValid()){
System.out.println("Ticket is not valid");
//Verify the ticket
tv.verify();
isValid method is working fine - it is returning true or false exactly based on the validity.
ISSUE:
tv.verify();--->Raises the following exception:
java.security.SignatureException-Certificate (Issuer="CN=SID,OU=XX,O=XYZ,L=LO,ST=ST,C=CO", S/N=1234567890) not found.
When analyzed, it looks like the verify method is trying to compare the issuer's serial number in integer format
but the portal is providing the serial number in hexadecimal format.
So the keystore has the certificate with the same issuer and serial number but the serial number is in hexadecimal format.
The certificate from SAP Enterprise Portal was imported to the local keystore using the keytool -import option.
Could anyone help resolve this issue?
Thanks in advance.Hi,
im facing the exact same problem, and I think I found the reason for the behavior described above.
The Problem seems to be located at
[http://help.sap.com/javadocs/NW73/SPS01/CE/se/com.sap.se/com/sap/security/api/ticket/TicketVerifier.html#verify()]
from com.sap.security.api.jar, just like mentioned.
But the Problem seems to be the issuer, not the serial number.
When decompiling com.sap.security.api.jar with JD-GUI ([http://java.decompiler.free.fr/?q=jdgui]),
you can see the following:
public static java.security.cert.X509Certificate[] findCertificates(
java.security.cert.X509Certificate[] certificates, String issuer, BigInteger serial) {
if ((certificates == null) || (certificates.length == 0)) {
return null;
ArrayList certificateList = new ArrayList();
for (int i = 0; i < certificates.length; i++) {
java.security.cert.X509Certificate certificate = certificates<i>;
if ((certificate.getIssuerDN().getName().equals(issuer)) && (certificate.getSerialNumber().equals(serial))) {
certificateList.add(certificate);
if (certificateList.size() == 0) {
return null;
java.security.cert.X509Certificate[] matchedCertificates = new java.security.cert.X509Certificate[certificateList
.size()];
certificateList.toArray(matchedCertificates);
return matchedCertificates;
As you can see, the issuer-parameter is beeing compared with the issuer from the certificate. And here comes the weird stuff: While the issuer-parameter contains an issuer like
"OU=J2EE,CN=EXAMPLE"
the issuer retrieved from the certificate is
"OU=J2EE, CN=EXAMPLE"
(see toString() of the java.security.cert.X509Certificate)
You see the missing whitespace after the comma? This is the reason why the if-condition fails and you get something like
java.security.SignatureException: Certificate (Issuer="OU=J2EE,CN=EXAMPLE", S/N=1234) not found.
A workaround (a really UGLY one, I admit), is the following:
1. Open com.sap.security.api.jar with a ZIP-tool and delete
/com/sap/security/api/ticket/TicketVerifier.class
2. Copy the decompilied Version of TicketVerifier to Java-Class /com/sap/security/api/ticket/TicketVerifier.java
3. Change
for (int i = 0; i < certificates.length; i++) {
java.security.cert.X509Certificate certificate = certificates<i>;
if ((certificate.getIssuerDN().getName().equals(issuer)) && (certificate.getSerialNumber().equals(serial))) {
certificateList.add(certificate);
to
for (int i = 0; i < certificates.length; i++) {
X509Certificate certificate = certificates<i>;
String dnNameFromCert = certificate.getIssuerDN().getName().replaceAll(", ", ",");
BigInteger serialNumberFromCert = certificate.getSerialNumber();
if ((dnNameFromCert.equals(issuer)) && (serialNumberFromCert.equals(serial))) {
certificateList.add(certificate);
4. Package this class into a jar and make it available in your classpath.
5. Enjoy
To me, this is a huge bug in the SAP-Library and has to be fixed.
Regards
Matthias
Edited by: Matthias82 on Sep 29, 2011 12:47 PM -
How to connect to R/3 via JCo using MYSAPSSO2?
Hello!
I'm developing a J2EE application who resides in an EP with Single Sign On. I have to retrieve some data from R/3, the way I want to connect is via JCo using MYSAPSSO.
I have read that is possible to connect passing MYSAPSSO2 as <i>user</i> and its value as <i>password</i>. The java code in the jsp is something like this:
javax.servlet.http.Cookie [] my_cookies = request.getCookies();
java.util.Hashtable cks = new Hashtable();
for(int i=0;i<my_cookies.length;i++){
cks.put(my_cookies<i>.getName(),java.net.URLDecoder.decode(my_cookies<i>.getValue()));
String user = "$MYSAPSSO2$";
String pass = (String)cks.get("MYSAPSSO2");
JCO.Client conex;
JCO.Repository rep;
boolean ok=true;
conex = JCO.createClient("000",user,pass,"es","192.168.0.1","00","","");
try{
conex.connect();
rep = new JCO.Repository("mirep",conex);
} catch (Exception e){
out.write("<br>"e"<br>");
ok = false;
if (ok)
conex.disconnect();
We are working with EP6 SP2, WAS 6.20.
The error is:
com.sap.mw.jco.JCO$Exception: (103) RFC_ERROR_LOGON_FAILURE: Se ha recibido un ticket SSP que no se puede interpretar
(I translate you:)
RFC_ERROR_LOGON_FAILURE: unable to interpret a retrieved SSP ticket
Thank you all!!Ok!
I have solve the problem. So, I was trying to connect via SSO within an user that was not registered in R/3 and I forgot it.
Sorry for the inconvenience. -
Hy Guys,
I have a problem with the connection with the NWBC. When I'm logging on appear the follow message:
"Could not load content from connection BLB-Brazil V1603 (error: Invalid server response")" and the follow message: "Could not load navigation tree". I watched the NWBCClient log and this is the error:
16.11.2008 21:12:06
INFO <NWBC::Texts> | Current default language is: 'EN'
INFO <NWBC::Texts> | Requested language: 'EN'
DEBUG <NWBC::CDalClientApp> | OnLogonFinished()
DEBUG <NWBC::CBCLogonDialog> | traceCookies: cookie detected (name sap-usercontext, domain 200.143.15.77, path /)
DEBUG <NWBC::CBCLogonDialog> | traceCookies: cookie detected (name MYSAPSSO2, domain agilesolutions.com, path /)
DEBUG <NWBC::CBCLogonDialog> | traceCookies: cookie detected (name sap-contextid, domain 200.143.15.77, path )
DEBUG <NWBC::CBCLogonDialog> | removeCookies: removing host cookie (URL HTTP://200.143.15.77:8000/, name sap-usercontext)
DEBUG <NWBC::CBCLogonDialog> | removeCookies: removing host cookie (URL HTTP://200.143.15.77:8000, name sap-contextid)
DEBUG <NWBC::CConnectionManager> | loadConnection(connectionName BLB-Brasil V1603)
16.11.2008 21:12:07
DEBUG <NWBC::CBackendConnection> | initialize()
DEBUG <NWBC::CBackendConnection> | startup()
DEBUG <NWBC::CBackendConnection> | CR3BackendConnection::initialize()
DEBUG <NWBC::CBackendConnection> | CR3BackendConnection::startup()
DEBUG <NWBC::CBackendConnection> | CR3BackendConnection::openConnection()
INFO <NWBC::Texts> | Current default language is: 'EN'
INFO <NWBC::Texts> | Requested language: 'EN'
DEBUG <NWBC::CBackendConnection> | CConnectionTool::getConnectionData()
DEBUG <NWBC::CBackendConnection> | CConnectionTool::getConnectionData: PROTOCOL = HTTP
DEBUG <NWBC::CBackendConnection> | CConnectionTool::getConnectionData: HOST = 200.143.15.77
DEBUG <NWBC::CBackendConnection> | CConnectionTool::getConnectionData: PORT = 8000
DEBUG <NWBC::CBackendConnection> | CConnectionTool::getConnectionData: PATH = /sap/bc/dal/demoA
DEBUG <NWBC::CBackendConnection> | CConnectionTool::getConnectionData: CLIENT = 100
DEBUG <NWBC::CBackendConnection> | CConnectionTool::getConnectionData: LANGUAGE = EN
DEBUG <NWBC::CBackendConnection> | CConnectionTool::getConnectionData: USER = TEST
DEBUG <NWBC::CBackendConnection> | CConnectionTool::getConnectionData: PASSWORD = xxx
<NWBC::CBackendConnection> | CR3BackendConnection::openConnection: sending HTTP request (connection HTTP://200.143.15.77:8000/sap/bc/dal/demoA)
00000000: 73 61 70 2D 63 6C 69 65 6E 74 3D 31 30 30 26 73 sap-client=100&s
00000010: 61 70 2D 6C 61 6E 67 75 61 67 65 3D 45 4E 26 78 ap-language=EN&x
00000020: 63 6D 64 3D 7E 65 63 68 6F cmd=~echo
16.11.2008 21:12:08
DEBUG <NWBC::CBackendConnection> | CConnectionTool::sendReceiveLoop: WinHttpReceiveResponse() failed (url HTTP://200.143.15.77:8000/sap/bc/dal/demoA, error 12044 (0x2F0C): )
DEBUG <NWBC::CBackendConnection> | CConnectionTool::sendReceiveLoop: server requested certificate (url HTTP://200.143.15.77:8000/sap/bc/dal/demoA)
DEBUG <NWBC::CBackendConnection> | CConnectionTool::sendReceiveLoop: not a secure connection: try once more with explicitely no certificate (url HTTP://200.143.15.77:8000/sap/bc/dal/demoA)
<NWBC::CBackendConnection> | CR3BackendConnection::openConnection: received HTTP response (connection HTTP://200.143.15.77:8000/sap/bc/dal/demoA)
INFO <NWBC::CBackendConnection> | CR3BackendConnection::openConnection: server returned 200 (OK) WITHOUT the expected signature (connection HTTP://200.143.15.77:8000/sap/bc/dal/demoA)
DEBUG <NWBC::CBackendConnection> | CR3BackendConnection::closeConnection()
ERROR <NWBC::CBackendConnection> | failed to startup connection BLB-Brasil V1603!
WARNING <NWBC::CConnectionManager> | failed to startup backend connection BLB-Brasil V1603! (error code 1)
ERROR <NWBC::CConnectionManager> | Failed to load content from connection BLB-Brasil V1603! (error Invalid server response, error code 1)
DEBUG <NWBC::CFoundation> | EvLoadingConnectionFailed(which BLB-Brasil V1603, error Could not load content from connection BLB-Brasil V1603 (error: Invalid server response))
DEBUG <NWBC::CDalClientApp> | EvLoadingConnectionFailed(which BLB-Brasil V1603, error Could not load content from connection BLB-Brasil V1603 (error: Invalid server response)) DEBUG <NWBC::CDalClientApp> | OnShowMessages()
16.11.2008 21:12:09
DEBUG <NWBC::CDalClientApp> | DisplayWindow(CBCPopupDialog, nCmdShow=SW_HIDE)
16.11.2008 21:12:10
DEBUG <NWBC::CFoundation> | EvLoadingConnectionsFinished(error )
DEBUG <NWBC::CDalClientApp> | EvLoadingConnectionsFinished(ok)
DEBUG <NWBC::CDalClientApp> | OnLoadingConnectionsFinished()
16.11.2008 21:12:11
DEBUG <NWBC::CDalClientApp> | DisplayWindow(CBCMenuDialog, nCmdShow=SW_HIDE)
Can you help me?
ThankI have the following configuration:
1. SAP GUI 7.1 Patchet 10
2. NWBC Version: 10000.1.9.777
3. Configuration of the note 900000, 1163891
4. SAP ERP 6.0 ENH 3
For extra information..
Thank -
Cherokee problem with php after upgrade
Hello!
Some weeks ago I upgraded cherokee to version 1.0.2.....!
Now php files in user directories http://localhost/~user/foo.php are processed correctly, but php files in the main server directory /srv/http give the
following error message: No input file specified.
I have no idea, is anyone able to give advice?
Thanks JohannesHi,
"Caused by: SOAP Fault Error (n.a) : The User Authentification is not correct to access to the Portal Service com.sap.portal.prt.soap.Bridge or the service was not found.
" Usually means one of two things.
1. You do not have SSO set up correctly between the portals.
2. The user (LogonID) you are using does not exist on both portals.
3. You have not used a fully qualified domain name to access the servers
Easiest way to check would be to logon to your consumer portal with a fresh browser. Then replace the URL with the producer's URL (Be sure to use the domain name that will enable the mySAPSSO2 cookie to be transfered by the browser to the producer. If you got a logon screen then you have probably one of the three problems mentioned above.
Be sure to check SAP note#1083421 which describes a new tool (As of SP14!) to be used to setup SSO/trust between servers. Perhaps you need to set up the SSO again with this tool.
Hope this helps,
Oren -
Terminate Portal User Login with JSessionID or MYSAPSSO2 Cookie
Dear All,
I know using Visual Administrator , we can terminate the session.
Is it possible for the administrator to terminate a logged in portal user with his/her JsessionID or MYSAPSSO2 cookie value or User Id programmatically.?
Is it possible for portal admin to forcibly exit (logoutl) an active user login without logging onto visual administrator?
Regards,
Eben JoysonThe only complete mitigation for session hijacking is to run the entire site as SSL. This is Oracle's recommendation if you need a complete mitigation solution. And example of an ATG site running in full SSL is Dennis Kirk (denniskirk.com).
The problem with doing so is that SSL (a) takes more processing power in the system running the client's browser and (2) incurs latency that degrades the perceived page performance. This is particularly true for consumers running Internet Explorer, where speed-up measures like SPDY are either incomplete or don't work. And for a hard core eComemrce site, slower page performance means that you make less money.
Most sites, including those that you mention, use a mixture of SSL and non-SSL pages to overcome this. They use non-SSL for those areas of the site where penetration does not have a material negative impact. Browsing catalog pages as an anonymous user, for example. If someone hijacks my session and I'm browsing the catalog anonymously, they're welcome to it. There's nothing private in my session. Even robots can access that content.
Once I login or go to pages where private information is being exchanged, then you have to secure the session. That's where the protocol switcher servlet comes in. As you authenticate, you switch the user to SSL.
I've tried a number of additional mitigation steps. Unfortunately I can't discuss them here at this time.
And none of the servlets that you mention have any benefit with mitigating session hijacking. -
Calling an Abap Web Service from IBM WebSphere with a MYSAPSSO2 Cookie
Hello,
I have the following problem :
I have to develop a proof of concept between IBM Web Sphere 5.1 and SAP AS JAVA 7.0.
I have created an IBM sevlet in Web Sphere, I use a specific redirect from an SAP AS Java to call it, this way I can have a SAP Logon Ticket, and I manage to call an ABAP module function with JCO with SSO.
Scenario 1 : browser + authentication --> AS Java redirect servlet MYSAPSSO2 cookie -> IBM WebSphere servlet JCO -> Abap module function (ECC5)
This scenario works fine.
I have to do the same scenario with a Web Service and I don't know what to do.
I try to use jax-rpc handlers but I don't know how to pass my cookie from my servlet to my handler.
Scenario 2 : browser + authentication --> AS Java redirect servlet MYSAPSSO2 cookie -> IBM WebSphere servlet JCO -> Abap Web Service (ECC5)
Has someone already done that ?
Regards, Julien.Julien,
Why are you using 5.1....go for 6.0 and its cake walk, i have integrated WebSphere 6.0 with R/3 uysing xi.....in a week.
Scenario changed to:--
Browser+ authentication --> WebSphere AS servlet request --> XI --> RFC/bapi --> abap webService
Hope that helps
Regards
Ravi -
XI Post-Installation problem (403 Forbidden)
Hi,
currently i'm executing the post-installation of XI.
At topic "Creating RFC Destinations in the ABAP Environment" especially creating the RFC-Destination "INTEGRATION_DIRECTORY_HMI" (SM59) I have a problem. After saving all necessary entries in various tabs, i get after executing "Test connection" the HTTP-Code 403 (forbidden).
Following is the exact error i am getting:
HEADER NAME HEADER VALUE
~response_line HTTP/1.1 403 Forbidden
~server_protocol HTTP/1.1
~status_code 403
~status_reason Forbidden
connection close
set-cookie MYSAPSSO2=AjExMDAgAA9wb3J0YWw6WElJU1VTRVKIABNiYXNpY2F1dGhlbnRpY2F0aW9uAQAIWElJU1VTRVICAAMwM
set-cookie JSESSIONID=(ximac_XID_00)ID9751150DB19780753031607883521End; Version=1; Path=/
set-cookie saplb_*=(ximac_XID_00)9751150; Version=1; Path=/
pragma no-cache
cache-control no-cache
expires 0
content-type text/html
content-length 1506
server SAP J2EE Engine/6.40
date Mon, 23 Sep 2002 08:37:06 GMT
HTTP BODY
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>Error Report</title>
<style>
td {font-family : Arial,
Tahoma, Helvetica, sans-serif; font-size : 14px;}
A:link
A:visited
A:active
</style
>
</head>
<body marginwidth="0" marginheight="0" leftmargin="0" topmar
gin="0" rightmargin="0">
<table width="100%" cellspacing="0" cellpaddin
g="0" border="0" align="left" height="75">
<tr bgcolor="#FFFFFF">
<td align="left" colspan="2" height="48"><font face="Arial, Verdana, Hel
vetica" size="4" color="#666666"><b> 403   Forbidden</b><
/font></td>
</tr>
<tr bgcolor="#3F73A3">
<td height="23" width="8
4"><img width=1 height=1 border=0 alt=""></td>
<td height="23"><img
width=1 height=1 border=0 alt=""></td>
<td align="right" height="2
3"><font face="Arial, Verdana, Helvetica" size="2" color="#FFFFFF"><b>SA
P J2EE Engine/6.40 </b></font></td>
</tr>
<tr bgcolor="#9DCDFD">
<td height="4" colspan="3"><img width=1 height=1 border=0 alt=""></
td>
</tr>
</table>
<br><br><br><br><br><br>
<p><font face="Arial, Ve
rdana, Helvetica" size="3" color="#000000"><b> You are not au
thorized to view the requested resource.</b></font></p>
<p><font face="
Arial, Verdana, Helvetica" size="2" color="#000000"><table><tr><td valig
n="top"><b> Details:</b></td><td valign="top"><PRE>No details avail
able</PRE></font></td></tr></table></font></p>
</body>
</html>
Time (ms) 17,007
I do not find the way to solve it....
With regards
SunilHi,
Now i am getting another problem.
While testing SLDCHECK i am getting exception while calling function LCR_LIST_BUSINESS_SYSTEMS.
Please find the detail below.
Testing the RFC connection to the SLD java client...
RFC ping was successful
SLD server access settings:
host name: XIMAC
port number: 50000
user : XIAPPLUSER
Use transaction SLDAPICUST if you wish to maintain the SLD server access data
Launching the SLD GUI in a separate browser window...
=> Verify in the browser GUI that the SLD is in a healthy running state!
Calling function LCR_LIST_BUSINESS_SYSTEMS
Retrieving data from the SLD server...
Function call returned exception code 3
=> Check whether the SLD is running!
Summary: Connection to SLD does not work
=> Check SLD function and configurations
Now checking access to the XI Profile
any guess to solve this problem.
with regards
Sunil -
MYSAPSSO2 issue ...
Hello all,
Maybe you've a good idea ...
We're using an ITS 6.20 with PAS module for SSO; in parallel we have an ABAP webdynpro application which uses SSO via a JAVA Engine ( SPNego with Ticket );
when calling the ITS application, we get an MYSAPSSO2 cokkie and SSO is working; afterwards, calling the webdypro via SPNego authentication without ending the ITS session ==> authentication fails; non interpretable SSO cookie;
without calling the ITS application, SSO for the webdypro is working fine;
So I think it's on the MYSAPSSO2 cookie; somehow, they interfere each other;
The ITS application is recreating it's ticket evertime; so no problem with this application; what could be done on JAVA side to get rid of this roblem cause those two applications should run in parallel ?!?
Thanks in advance
OliverHi Madhu,
After activaiting requried services in SICF. then you need to below to access mentioned URL
Please check the host file is update or not for your server. if not then you need to update your server IP address and host name in host file entry at (Start > RUN > drivers > etc > host file) and test whether you are able to ping your server or not (RUN >> Ping <host name>)
Please refer to BI Integrated Planning - J2EE Setup Issue
Hope it helps
Regards
Arun
Edited by: Arun Jaiswal on May 11, 2010 10:20 PM -
Problem in implementing ODATA update using SAP UI5
Hi,
I am trying to develop an hwc mobile app [hwc] using sapui5 and phonegap. I am trying to perform odata crud operations in the app.
In the netweaver side, currently we have disabled the setting for X-CSRF token so that CUD operations are possible even without CSRF token. I am using datajs library for consumption of the odata services in my app. My read operation is successful and i am able to display the data in my app. But I am facing problems in the update operation.
In order to ensure that serverside is perfect, I used the WFetch tool to perform the update operation and verified that data got updated successfully in SAP backend { i got 204 response from server ]. In the wfetch tool, the headers and body section was like this
x-requested-with: XMLHttpRequest\r\n
\r\n
<?xml version="1.0" encoding="utf-8" standalone="yes"?>\r\n
<entry xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices" xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata" xmlns="http://www.w3.org/2005/Atom">\r\n
<content type="application/xml">\r\n
<m:properties>\r\n
<d:value>0203_IN120</d:value> \r\n
<d:scheme_id>Z_BANK_RFC_GANESH</d:scheme_id> \r\n
<d:scheme_agency_id>LOCAL</d:scheme_agency_id> \r\n
<d:post_bank /> \r\n
<d:bank_branch>BANASWADI</d:bank_branch> \r\n
<d:street>123 MARUTHI SEVA NAGAR.</d:street> \r\n
<d:city>BANGALORE</d:city> \r\n
<d:swift_code/>\r\n
<d:region>KA</d:region> \r\n
<d:bank_name>HSBC</d:bank_name> \r\n
<d:pobk_curac /> \r\n
<d:bank_group /> \r\n
<d:addr_no /> \r\n
</m:properties>\r\n
</content>\r\n
</entry>\r\n
The response i got was like this
WWWConnect::Connect("XXXXX.XXXX.com","8000")\nIP = "10.6.13.146:8000"\nsource port: 50054\r\n
REQUEST: **************\nPUT /sap/opu/sdata/sap/ZBANKRFCGANESH/z_bank_rfc_ganeshCollection(value='0203_IN120',scheme_id='Z_BANK_RFC_GANESH',scheme_agency_id='LOCAL')/?$format=xml HTTP/1.1\r\n
x-requested-with: XMLHttpRequest\r\n
Host: i3lbwvids.itcinfotech.com\r\n
Accept: */*\r\n
Content-Length:884\r\n
Authorization: Basic Z2FuZXNoOmxvZ2luQDEyMzQ=\r\n
\r\n
<?xml version="1.0" encoding="utf-8" standalone="yes"?>\r\n
<entry xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices" xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata" xmlns="http://www.w3.org/2005/Atom">\r\n
<content type="application/xml">\r\n
<m:properties>\r\n
<d:value>0203_IN120</d:value> \r\n
<d:scheme_id>Z_BANK_RFC_GANESH</d:scheme_id> \r\n
<d:scheme_agency_id>LOCAL</d:scheme_agency_id> \r\n
<d:post_bank /> \r\n
<d:bank_branch>BANASWADI</d:bank_branch> \r\n
<d:street>123 MARUTHI SEVA NAGAR.</d:street> \r\n
<d:city>BANGALORE</d:city> \r\n
<d:swift_code/>\r\n
<d:region>KA</d:region> \r\n
<d:bank_name>HSBC</d:bank_name> \r\n
<d:pobk_curac /> \r\n
<d:bank_group /> \r\n
<d:addr_no /> \r\n
</m:properties>\r\n
</content>\r\n
</entry>\r\n
RESPONSE: **************\nHTTP/1.1 204 No Content\r\n
set-cookie: MYSAPSSO2=AjQxMDMBABhHAEEATgBFAFMASAAgACAAIAAgACAAIAACAAY4ADAAMAADABBJAEQAUwAgACAAIAAgACAABAAYMgAwADEANAAwADEAMgA5ADAANwAyADUABQAEAAAACAYAAlgACQACRQD%2fAPowgfcGCSqGSIb3DQEHAqCB6TCB5gIBATELMAkGBSsOAwIaBQAwCwYJKoZIhvcNAQcBMYHGMIHDAgEBMBkwDjEMMAoGA1UEAxMDSURTAgcgEQQGCClRMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNDAxMjkwNzI1MzlaMCMGCSqGSIb3DQEJBDEWBBRF%2fqnZ6znAGOYDuA1QJxZ7kOYTfDAJBgcqhkjOOAQDBC4wLAIUNk9rqGV16RPsLrLsHfHtNPc%21Q44CFBRiJ4BhRrmxUVH77EYIGSSd8WPb; path=/; domain=.itcinfotech.com\r\n
content-length: 0\r\n
dataserviceversion: 2.0\r\n
x-sap-odata-extension-version: 0.9;gp=0.8\r\n
server: SAP NetWeaver Application Server / ABAP 702\r\n
\r\n
Now i tried to do that using sapui5 code.
OData.request(
requestUri: "http://XXXXX.XXXXX.com:8000/sap/opu/sdata/sap/ZBANKRFCGANESH/z_bank_rfc_ganeshCollection(value='0203_IN120',scheme_id='Z_BANK_RFC_GANESH',scheme_agency_id='LOCAL')/?$format=xml",
method: "PUT",
headers: { "X-Requested-With": "XMLHttpRequest", "sap-user" : "ganesh", "sap-password" : "login@1234", "Content-Type": "application/atom+xml" },
data: {
"value" : "0203_IN120",
"scheme_id" : "Z_BANK_RFC_GANESH",
"scheme_agency_id" : "LOCAL",
"post_bank" : "",
"bank_branch" : "Park Street",
"street" : "Russel Street",
"city" : "KOLKATA",
"swift_code" : "",
"region" : "WB",
"bank_name" : "HSBC",
"pobk_curac" : "",
"bank_group" : "",
"addr_no" : ""
function (data, response){
// var header_xcsrf_token = response.headers['x-csrf-token'];
// alert(header_xcsrf_token);
// alert("hello");
//alert(data);
alert(JSON.stringify(response, null, 4));
function (err) {
alert(err.message);
I found the I am always getting a 200 OK in the respose and not 204 [ when i displayed the response using the alert message]. As expected data is also not getting updated.
Kindly guide me where i am going wrong in the code. Please help me out.
thanks and regards,
krishna.Hi Krishna
I will try and help.
The first thing i notice is you are using OData.request, this is not part of SAPUI5, OData is a global introduced by the datajs thirdparty plugin, I would recommend not using it directly, instead use the ODataModel API start by reading the Class sap.ui.model.odata.ODataModel and ODataModel. There are a lot of good of reasons for using the ODataModel, like databinding, event handling, it doesn't smell like a leak, besides the SAPUI5 ODataModel is a lot easier to use.
try something like this
var url = 'http://XXXXX.XXXXX.com:8000/sap/opu/sdata/sap/ZBANKRFCGANESH';
var bJSON = true; //use JSON
var sUser = 'ganesh';
var sPassword = 'login@1234';
// create a model for OData service call
var oModel = new sap.ui.model.odata.ODataModel(url, true, sUser, sPassword);
sap.ui.getCore().setModel(oModel);
var path = '/z_bank_rfc_ganeshCollection(value='0203_IN120',scheme_id='Z_BANK_RFC_GANESH',scheme_agency_id='LOCAL')';
// create the data
var data = {
"value": "0203_IN120",
"scheme_id": "Z_BANK_RFC_GANESH",
"scheme_agency_id": "LOCAL",
"post_bank": "",
"bank_branch": "Park Street",
"street": "Russel Street",
"city": "KOLKATA",
"swift_code": "",
"region": "WB",
"bank_name": "HSBC",
"pobk_curac": "",
"bank_group": "",
"addr_no": ""
// get a CSRF token if needed
oModel.refreshSecurityToken();
// add own callback code
var oParams, fnSuccess, fnError, bUseMERGE;
//PUT data back to server
oModel.update(path, data, oParams, fnSuccess, fnError, bUseMERGE);
Let us know how you get on
hth
jsp
Message was edited by: John Patterson
I really dislike the SCN editor, especially the way it re formats code so it cannot be read while writing -
Ignore MYSAPSSO2 Logon Ticket from Portal in BSP
Hi all,
We have a WAS which is configured to access MYSAPSSO2 logon tickets from our EP 6.0 Portal. However, we have BSP's connected to the portal, and others to be used independently from the portal. The problem is that if we launch the portal as a new window of the BSP application, a MYSAPSSO2 logon ticket is created, so the BSP application, we refreshed, now changes the logged on user to the one on the logon ticket!
So the bottom line is: Is it possible to prevent accepting logon tickets for a specific BSP?
Thanks for your time and help.
Regards,
Nuno VitorinoHello Jain,
Thanks for your answer. Actually, it solved the problem the other way around. In the local hosts file, we set a different domain for the WAS (In productive, we'll add the new address in the DNS). Then launching the BSP with this new domain, we were able to launch the portal and the MYSAPSSO2 logon ticket generated is not accepted by the BSP. We couldn't change the portal server address, because that way, the SSO within the portal wouldn't work.
Anyway, you've set me in the right direction so I'm giving you 10 points.
Thanks and kind regards,
Nuno Vitorino -
JCO passing "$MYSAPSSO2$ " rather than actual user
Hi,
I have some bespoke code migrated from EP5 to EP6.
EP6 is using MS ADS and user mapping.
When I log on to EP6 using ADM I get a JCO error. JCO is passing the UID "$MYSAPSSO2$" rather than the mapped user. Another bespoke app works fine for my ADS backed user so I'm confused how one app is SSOing OK while the other does not.
Any idea where the problem may lie?
TIA,
JI was mistaken. The code was getting the user from the request and using it. Needed to update the code to get the mapped user...doh.
-
Getting the MYSAPSSO2 cookie in the application running in tomcat server
Hi All
I am trying to integrate the java application running in tomcat in to portal ...for this i have developed a servlet and trying to get the MYSAPSSO2 cookie in this so that i can vlaidate this ticket...
can any one plz help in solving this issue
Thanks & Regards
AjayHi Ajay,
Did you solve this problem? how? I need to do this too.
thanks,
Daniel Arakawa -
Not able to log in Portal(irj or nwa). MYSAPSSO2???
Hello,
When i try to log in portal(irj or nwa), the application always redirect-me to log in screen again. So, i try to log in with another user, the message "The user was has authenticated with another user.".
I verified and the MYSAPSSO2 cookie was not created. I think because of this i not able to login in Portal.
When i run a service through SICF, it open correctly in Internet Explorer and the MYSAPSSO2 cookie is created. If i try to open the Portal in another TAB, it open correctly.
Why the MYSAPSSO2 cookie is not created when i log in from portal.
Recently we changed the SSO Ticket Log in configuration. But we returned to default configuration and we are not able to log in Portal.
How to fix it?
Thanks.
João MarianoThe problem was in the Template security.
Thanks
Maybe you are looking for
-
Photoshop CS6 iPhone video editing
Photoshop CS6 has video editing but can not render any video from iPhone 5
-
Migration Jdev 11.1.1.1 to Jdev 1.1.2, IDE visual problems with ADF design CONTEXT I've been working my project with Jdev11.1.1.1, when I migrate to JDev 11.1.1.2. I realized that my project didn't compile successfully as before besides I couldn't se
-
Hi, when my user wants to pay a vendor opent item, the realized exchange rate difference can not be assigned to a CO object if the paying invoice is originally assigned to a directly capitalized asset. indeed,
-
Cache Connect TimesTen v7.0.5 and Oracle DB 11.1g error
I tested Cache Connect on HP-UX v11.31. I have error when running the command "call ttCacheUidPwdSet" with error "Cannot load backend library 'libclntsh.so' for Cache Connect." as below: $ sh bin/ttIsql demo Copyright (c) 1996-2008, Oracle. All right
-
I need to over ride the Tax code in the PO while saving, if i have to use the BADI EXTENSION_US_TAXES and the method ME_TAXCOM_MEPO which User Exit should i use. For example when the purchase order account assignment category is u201CYu201D and the c