Problems with SAP Logon ticket

Similar Messages

• SSO with SAP logon tickets to non-SAP web app

  I am trying to implement SSO to an oracle portal based web application using SAP logon tickets, but can't seem to find a way for it to work.  I thought maybe it would be a web server filter, but am unsure if this would work for oracle portal.  Anyone tried similar?
  Cindy

  Hi Cindy,
  If it is EP6 SP2 probably you can checkout the following document.
  http://service.sap.com/ep60
  Go to Documentation Help>How-To-Guides>Current How To Guides section.
  checkout the following how to guide.
  Perform Cross Domain SSO with SAP Logon tickets zip file.
  If you want the zip file please send an e-mail to
  [email protected]
  Regards
  -Venkat Malempati

• Problem with SAP logon 720 for printng with Citrix.

  Hi,
  I have a problem with sap logon 720 when printing for Citrix, one time print and other time don't print....
  I try to start SAPLPD for prompt comand... it's start but don't print....
  i'm write here for look if other people have this problem... I dont know what I can do.....
  Thank you very much....

  Hi Itmar,
  I was having the similar issue on my Windows Server 2003 Terminal Server. At times SAP prints stop working. Then i changed Printer Type to "G" and it had solved the problem. It skips the use of SAPLPD service and calling windows printing service directly.
  Just try with that.
  Regards,
  Gaurav

• SSO using Kerberos with SAP Logon Tickets

  Hi,
  I am creating a Repository Manager for the Portal Knowledge Management System and I want to use SSO to a backend IIS application and I have a few questions here. 
  I have a three tiered architecture. 
  A.  The presentation tier (SAP Portal which has my Repository Manager implementation)
  B.  ASP.NET web service data layer.
  C.  Backend document management system which runs on IIS. 
  I have installed the ISAPI filter on my ASP.NET application server and have enabled this HOST account for delegation in MSAD 2003.   Server B will use Kerberos constrained delegation to access Server C, which is an IIS backend server. 
  My question is how do I pass an SAP Logon Ticket to an ASP.NET web service request from my Repository Manager implementation?  Basically how do I just make an HTTP request to an ASP.NET application from some portal iView or WebDynPro code and pass along the SAP Logon Ticket in the request so it can be interpreted by the ISAPI filter on the IIS server.  Does anyone have any sample code or an application here that does this?
  Thanks,
  Scott

  Hi Scott
  Did you managed to find out anything regarding how to pass SAP Logon ticket to ASP.NET Webservice. Can you share it with me?
  regards
  ram

• Use of JCo destinations with SAP Logon Ticket

  I would have got a precision about the use of a connection pool in a JCo destination using the SAP Logon Ticket connectivity: do i have got the same functionality around the pool connection if i use the SAP logon ticket instead of a user/password inside a JCo destination defined in the web dynpro content administrator ?
  Thank in advance,
  Regards,
  Eric.

  Hello Eric,
  There is only one difference in ticket and user/password authentification method:
  By using a ticket
  <i>For SSO specify the user to be $MYSAPSSO2$ and pass the base64 encoded ticket as as the passwd parameter.
  </i>
  and for user/password you are passing user and password.
  So, there us no difference from connection pool management or behavior perspective.
  Best regards, Maksim Rashchynski.
  P.S.
  Link to JCo javadoc, it can be useful:
  http://media.sdn.sap.com/html/submitted_docs/60_sp2_javadocs/sapjco/com/sap/mw/jco/JCO.html

• Problem with SAP Logon

  Hi alls,
  I hope can some help me, I'm trying to connect to SAP via SAPLogon.
  I've tried to fix the problem but I don’t have success.
  SAP Logon Properties:
  Description:  NSP
  Application Server: localhost
  SAProuter-String: blank
  System-ID:        NSP
  System Number:     00
  Here is the error message.
  Runtime Errors         DBIF_RSQL_INVALID_REQUEST       
  Date and Time          2007-01-22 19:14:39                                                                               
  Short text                                            
       Invalid request.                                                                               
  What happened?                                        
       The current ABAP/4 program terminated due to      
       an internal error in the database interface.      
  Trigger Location of Runtime Error                       
      Program         SAPMSYST    
      Include         SAPMSYST    
      Row             2,556       
      Module type     (FORM)      
      Module Name     FILL_INFO_TAB
  SAP-GUI installation:
  Release:      640 Final Release
  Dateiversion: 640.5.18.1016
  Build:        815416
  Patch-Level:  18
  Can you help me ?
  Thanks a lot in advance ..¡
  Ralph Hübner

  Hi,
    Try to check you DB server installation. It seems to be some issue with your Database server.
  With Regards,
  Rajesh V.

• Problem with SAP logon by VBA

  Hi, I'm new in the community and I'm also new with SAP, so sorry for any errors.
  For my work I need to open SAP by excel (VBA); and I have found the code below but it don't work.
  Sub Work()
  Set app = CreateObject("Sapgui.ScriptingCtrl.1")
  Set Connection = app.openconnection("my system", True)
  Set session = Connection.Children(0)
  session.findById("wnd[0]/usr/txtRSYST-MANDT").Text = "Client"
  session.findById("wnd[0]/usr/txtRSYST-BNAME").Text = "User"
  session.findById("wnd[0]/usr/pwdRSYST-BCODE").Text = "Password"
  session.findById("wnd[0]/usr/txtRSYST-LANGU").Text = "Language"
  Session.findById("wnd[0]").sendVKey 0
  End Sub
  When the macro runs there is this error  
  Can you help me?
  Thank you,
  ax_salerno

  Hi Alessandro - I am sharing an Excel sub that works for me by opening up logon pad, signing on to production, gettting credentials, then going into SAP and doing a transaction, and finally asking the user to click ok to terminate the session. I think this is something that there were questions on how to do the session close nicely but not sure if there is a solution yet.
  Hope this helps.
  Regards
  Umur
  Sub Logon()
  'starts by executing logon pad, selecting prod, then enters
  id/pwd
  'works to sign on to sap and then kill the connection.
  refers to saplogon.exe in Program Files/SAP71/FrontEnd/SAPGui folder
  Dim SAPguiAPP As Object
  Dim oConnection As Object
  Dim Session As Object
  Dim SAPCon As Object, SAPSesi As Object
  Dim SapGuiAuto As Object, SAPApp As Object
  If SAPguiAPP Is Nothing Then
      Set SAPguiAPP =
  CreateObject("Sapgui.ScriptingCtrl.1")
  End If
  If oConnection Is Nothing Then
      Set oConnection =
  SAPguiAPP.OpenConnection("1. Prod", True)
  End If
  If SAPSesi Is Nothing Then
     Set SAPSesi =
  oConnection.Children(0)
  End If
  Application.DisplayAlerts = False
  With SAPSesi    
      .FindById("wnd[0]/usr/txtRSYST-MANDT").Text
  = "010"
  .FindById("wnd[0]/usr/txtRSYST-BNAME").Text = "USER"
  .FindById("wnd[0]/usr/pwdRSYST-BCODE").Text =
  "PASSW"
  '.FindById("wnd[0]/usr/txtRSYST-LANGU").Text = "EN"
  .FindById("wnd[0]").SendVKey 0
      'start extraction
  .FindById("wnd[0]").Maximize
  .FindById("wnd[0]/tbar[0]/okcd").Text = "/Niw33"
  .FindById("wnd[0]").SendVKey 0
  .FindById("wnd[0]").Maximize
  .FindById("wnd[0]/usr/ctxtCAUFVD-AUFNR").Text =
  "8762449"
      .FindById("wnd[0]/usr/ctxtCAUFVD-AUFNR").CaretPosition
  = 7
  .FindById("wnd[0]/tbar[1]/btn[8]").Press
  .FindById("wnd[0]/usr/subSUB_ALL:SAPLCOIH:3001/ssubSUB_LEVEL:SAPLCOIH:1107/tabsTS_1100/tabpKOAU/ssubSUB_AUFTRAG:SAPLICO1:1100/tabsTABSTRIP/tabpTS05/ssubVALUES:SAPLICO1:1105/cntlPMCO_SUM_TREE/shellcont/shell/shellcont[1]/shell").HierarchyHeaderWidth
  = 162
  .FindById("wnd[0]/usr/subSUB_ALL:SAPLCOIH:3001/ssubSUB_LEVEL:SAPLCOIH:1107/tabsTS_1100/tabpKOAU/ssubSUB_AUFTRAG:SAPLICO1:1100/btnPUSH1").Press
      .FindById("wnd[0]/usr/cntlGRID1/shellcont/shell/shellcont[1]/shell").SelectedRows
  = "0"
  .FindById("wnd[0]/usr/cntlGRID1/shellcont/shell/shellcont[1]/shell").DoubleClickCurrentCell
  .FindById("wnd[0]/tbar[0]/btn[3]").Press
  .FindById("wnd[1]/usr/btnSPOP-OPTION1").Press
  .FindById("wnd[0]/tbar[0]/btn[3]").Press
  .FindById("wnd[0]/tbar[0]/btn[3]").Press
  .FindById("wnd[0]/tbar[0]/btn[3]").Press
      'etc
  End With
       MsgBox
  "After clicking OK, this SAP session is terminated."
  Application.DisplayAlerts = True
       Set Session =
  Nothing
      Set Connection =
  Nothing
      Set SAPguiAPP =
  Nothing
  End Sub

• Problem with sap logon/bex

  Hello Peoples,
  I have a machine is the same with Windows Vista Home Premium, sap logon 7.10 - patch 11
  Access to the SAP system is perfect, but when I try to open the Bex query designer after informing username and password I get the error of communication rfc.
  Can you please tell me know how can I fix this error? or if Bex is compatible with Vista Home Premium?
  Regards...

  Hi,
  Yes,BEx is compatible with Vista Home Premium Edition.
  You will get an RFC Communication Error,if the backend system is down or if you enter the language as blank(sometimes) in the SAP Logon.
  Try opening other tools like WAD,RD and Analyzer and connect with backend and check whether it works or not.Try opening QD from WAD or Analyzer
  This is not tool specific anyway.
  Rgds,
  Murali

• Problem in SAP Logon

  Hi,
  I am Sikander (J2EE Developer). Currently i am working on SAP ABAP. For this purpose i have downloaded SAP Netweaver 2004 Sneak Preview and SAP GUI. These products are installed sucessfully but i am having problem with SAP logon.
  My Computer Name is shahbaz. My System Configurations are :
  Description: NSPSIK
  Application Server: shahbaz
  System ID: NSP
  System Number: 00
  I am having "partner not reached- connection error" message dialog. Please help me in this regard, i am stuck in this.
  Thanks in advance,
  Malik Sikander Khan

  Hi Sikandher,
  step 1:- Check network a) Try to ping your SAP server
  sep 2 :- Check ini files and hosts file
  copy hosts.txt,saplogon.ini,sapmsg from the working gui system to gui  prob system.
    Location of file
    hosts.txt : c:\windows\system32\drivers\etc
    saplogon.ini:c:\windows
    sapmsg: c:\windows
  note:-  before copying the above file , please close all the application on users machine.
  check the database path vaue from the registry
  Hkey_local_machine/system/services/current/controlset/tcpip/parameter
  make sure database path value is      c:\windows\system32\etc

• SSO to non SAP Application using SAP Logon Ticket

  Hi Experts,
  I Have EP 7 SP 15 using SPNego Wizard to SSO with Active Directory and SSO between EP and ECC using SAP Certificates.
  Now I have a demand to SSO some JAVA based applications (non SAP) to my portal using the SAP Logon Ticket.
  I Have followed some blogs that directed me to use SAPSSOEXT (some libs) to read the MYSAPSSO2 cookie. The problem is that I didn't found this cookie, I even executed the command javascript:document to look for this cookie but the browser just show me the JSESSIONID info.
  Does anybody knows where I can find this cookie or if there's a better way to set up this SSO? It´s necessary to say that I cannot SSO these application to the kerberos protocol because some security reasons on my company.
  Thanks
  Armando

  Hi,
  I dont have much info related but i can giv u hint
  refer OSS Notes 442401 and 723896.
  When using SAP logon tickets for non-SAP applications, two different implementation options are available. The difference lies in where the ticket verification takes place.
  In the first case,  the SAP logon ticket is submitted to the web server filter located on the web server. The web server filter verifies the portal serveru2019s public key
  certificate using its local Personal Security Environment (PSE) and then populates the HTTP header field with the user ID for SSO to the non-sap web application.
  In the second case,  the SAP logon ticket is sent to the non-SAP application, which then verifies it using the ticket verification DLL and submits the user ID to the application for SSO.
  You can refer following link :-
  http://help.sap.com/saphelp_nw70/helpdata/EN/89/6eb8deaf2f11d5993700508b6b8b11/frameset.htm
  user authentication and SSO
  http://help.sap.com/saphelp_nw70/helpdata/EN/8f/ae29411ab3db2be10000000a1550b0/frameset.htm
  Authentication Using a Directory with SSO Integration Using Logon Tickets
  http://help.sap.com/saphelp_nw70/helpdata/EN/f8/3b514ca29011d5bdeb006094191908/frameset.htm
  SSO
  SAP Logon Ticket-based Single Sign-On
  http://help.sap.com/saphelp_nwce10/helpdata/en/45/b6af743753003ae10000000a11466f/frameset.htm

• How to implement SSO to non-SAP systems using SAP logon ticket?

  Hello,
  We would like to implement Single Sign On between our SAP Netweaver system and a Siebel which is a non-SAP system using SAP logon tickets.
  Can anyone please give me some leads on this, in particular:
  1. Is there a JAVA API or an SAP plug-in that can be implemented on the Siebel machine to extract the SAP logon ticket?
  2. As the other machine might seat on a complete different domain, is it possible to implement SAP logon ticket without using cookies (perhaps through the HTTP header?
  3. In case you think using SAP logon tickets is not the best solution here I would be happy to hear any other suggestions you might have.
  Roy

  Hi,
  I'm currently using SAML as well. Unfortunately the SAP J2EE cannot work as authority (identity provider) but what you can do is using an open implementation of SAML such as opensso which is an open version of SUNs Java System access manager.
  There are a couple of other projects such as opensaml, apache's wss4j or shibboleth that might be interesting in this context.
  I just installed opensso and got it working with SAP J2EE 7.0 using SAPs JAAS SAMLLoginModule to authenticate users within SAP J2EE.
  In this scenario opensso serves as identity provider just as you need! There are a couple of Policy agents available on SUNs Download site you can use with Apache, Tomcat, JBOSS, WebSphere, Bea Web Logic etc. in order to authenticate! Otherwise you just directly authenticate against opensso. When installing opensso you can configure the type of user store you want  to use! By default it uses LDAP but you can also use different types of user store using JDBC or other mechanisms. Since you have a Directory Service you could easily connect it to your existing directory.
  There is also a way to map user ids directly in opensso by adding a uid mapping class. I created some documentation with lots of screenshots about using opensso with SAP J2EE. You can easily use opensso with any other system that supports SAML. In the case of SAP the usage is currently limited to SAML versions 1.0 and 1.1. Version 2.0 is not yet supported but should be in one of the following versions.
  Here are some links you might want to check:
  OpenSAML: https://spaces.internet2.edu/display/OpenSAML/Home
  wss4j: http://ws.apache.org/wss4j/
  shibboleth: http://shibboleth.internet2.edu/
  opensso: https://opensso.dev.java.net/
  On SDN you will find a documentation on how to connect SUN Java System Access Manager to SAP J2EE (see https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/906d9fc6-31b9-2910-1385-90edad7d7570). As I said opensso is based on the SUN Access Manager code and looks quite the same. So you can adapt this documentation in order to configure opensso or you can just ask me for the documentation.
  Hope this is helpful...
  Let me know if you need further assistance on this topic
  Cheers

• Java client application + SAP Logon Tickets (SSO)

  Java client application + SAP Logon Tickets (SSO)
  Hello
  I have the following question, it is about connection between SAP Enterprise Portal and Java Application.
  After registration in Enterprise Portal (with Internet Explorer Browser) request is passed on to SAP backend system - cFolders (SSO methode)
  With internet browser functioned everything.
  How can one get, however, this Logon tickets with Java application and then be of use later for SOAP connection
  (everything with client java application)
  Thanks for quick help
  Edo

  Hi Edo,
  look at this https://media.sdn.sap.com/javadocs/NW04/SPS15/um/com/sap/security/api/ticket/TicketVerifier.html
  Best Regards
  Oliver

• Error in the configuration for sap logon tickets

  Hi Forum,
  I use Tcode crmd_order_bp to see the BP cockpit and the error message displays as
  <b>Error in the configuration for SAP logon tickets</b>
  But if I click "Yes", system displays cockpit.
  How can I avoid this error.
  Thanks in advance
  Regards
  Shridhar

  You will still need to configure SSO (either by logon ticket or username/password). The data source access is done using the username/password configured in the UM Config dialog box.
  I can see where you're coming from with your thinking, however logon-ticket-based SSO is probably the best approach.
  Cheers,
  Darren.

• Umw attribute responsible for user ID in SAP Logon Ticket

  In a typical portal login using the login module stack "ticket", I understand that j_user and j_password are used to login at the BasicPasswordLoginModule.
  With our UME running against an LDAP server, what attribute is responsible for the user ID of the generated SAP Logon Ticket at the CreateTicketLoginModule? It could be j_user or userid of the principal type account or the uniquename or loginid of the principal type user.
  Thanks,
  Florian

  i think it is by default but if you are using qoutes then you have to give it in upper case.
  select matnr into mara-matnr from mara where matnr = 'abc'.
  will not fetch any value here you have to give 'ABC'.
  regards
  shiba dutta

• SSO to Web Service using SAP Logon Ticket

  Hi,
  I have to do SSO using SAP Logon Ticket between my portal and a Java Web Service that is accessible over internet. I do have the WSDL file of this Web Service.
  I want to know:
  1. What changes are required in Web Service to configure it to read and accept Logon Ticket?
  2. What am I supposed to do at portal end to enable this process?
  Thanks,
  Vivek

  Hi Vivek & Raja,
  > is it that if the WS is a third party WS and running on a Non-SAP J2EE Server,
  > we can't implement SSO from Portal to it using SAP Logon Ticket?
  Right, if you cannot extend it's functionality, how should it do the ticket verification...
  @Raja:
  > SAP Logon Ticket is for authenticating to a SAP system, since yours in a
  > thirdparty ws, there is not need of SAP logonticket.
  On the other hand, that's not true. It is possible as well as often done to verify the SSO ticket on some third party system. This is also supported, for Java as well as for other systems, different articles about such scenarios have been published, also here on SDN.
  Hope it helps
  Detlev
  PS: Vivek, please consider rewarding points for helpful answers on SDN. Thanks in advance!