SSO from JSP to IIS
Security gurus,
I am trying to implement a simple Single Sign-on solution and have been having pretty hard time getting it to work! I am wondering if you would be able to help me out..
The description of the problem and the attempts I made are presented below.
We have a web app that is restricted and hosted on IIS (windows 2000) server.
Now, I have a JSP that has the following link:
Secure Page
When the users click on it, they need to be able to access the Secure Page without being prompted for windows challenge (uid/pwd) window. mysite.com is configured to accept both 'BASIC' and 'Intergrated Windows Authentication'.
In the JSP, I know the username, password and domain. Somehow, I need to pass this authentication info to IIS, so that it does not prompt for uid/pwd pop-up.
Some of the approaches tried:
1) <form name="postForm" action="http://username:[email protected]" method="post" target="_blank" >
</form>
Secure Page
This thows an HTTP 405 (page expired) error. Even trying to access www.yahoo.com gives 405 error. Even if this worked, the uid and pwd will be visible in the browser and so, it is not acceptable.
2) Tried setting HTTP headers (appropriately Base64 encoded) but that did not work either. Here, I am not sure if I am soing the right stuff. Tried using the WWW-Authenticate and Authenticate headers.
3) The following link that has a good thread, but it does not address my prob. It is related, but not of direct help.
http://www.jguru.com/forums/view.jsp?EID=393110
Any leads that you could provide, would be of HUGE help. This has been giving me sleepless nights for a week! It shouldn't be that hard to accomplish this. Not sure where am I doing it wrong.
Thanks,
Anant
If the secure page needs basic authentication (that mean, if you configured it to be protected like that), sending the right HTTP headers should work.
You need to send your headers like this:
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
The puzzled string is the Base64 coded username:password. See
http://www.zvon.org/tmRFC/RFC1945/Output/chapter11.html#sub1
for details.
--pn
Similar Messages
-
SSO from portal to Java based web application not happening
Hi,
We are trying to configure SSO from SAP Enterprise portal with Java based
web application(Solaris on SPARC 64 bit).
Then we downloaded library files for "Solaris on SPARC 64 bit" from
service market place from the path "Support Packages and Patches"
Additional Components" SAPSSOEXT".
We are successful in sending the portal side cookie to the application.
But while loading the library files we get the following error
INFO | jvm 1 | 2009/04/13 04:47:00 | java.lang.UnsatisfiedLinkError:
/usr/local/blackboard/apps/tomcat/lib/libsapssoext.so: ld.so.1: java:
fatal: /usr/local/blackboard/apps/tomcat/lib/libsapssoext.so: wrong ELF
class: ELFCLASS64 (Possible cause: endianness mismatch)
Can you please suggest us what went wrong in this whole process.
But when i tried with the 32 bit library files i was able to load libsapssoext.so file but when I
tried to initialize libsapsecu.so i got the below message
java.lang.Exception: MySapInitialize failed: rc= 14
Also do we require to take"SAPSECULIB" from Support Packages and Patches" ...>Additional Components" ...>SAPSECULIB" ...>SAPSECULIB 5.4 for this SSO activity.
Please get back on this ASAP as we are nearing the golive date.
regards
Bharathhi,
am facing similar issue... i.e.
java.lang.Exception: MySapInitialize failed: rc= 14
at com.mysap.sso.SSO2Ticket.init(Native Method)
at com.mysap.sso.SSO2Ticket.<clinit>(SSO2Ticket.java:27)
at org.apache.jsp.index_jsp._jspService(index_jsp.java:92)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.netbeans.modules.web.monitor.server.MonitorFilter.doFilter(MonitorFilter.java:390)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
static beendet.
java.lang.Exception: MySapEvalLogonTicketEx failed: standard error= 9, ssf error= 0
CustomeSSO: Object is null.
pls. help me in resolving it.
rgds,
santosh malavade -
SSO from Web Application to EP
Hi,
We have a requirement where we have to provide SSO from some web application to Portal (EP6 SP15).
This web application will be having link to portal on its pages.
User store for Web Application and Portal is different.
This Web Application can be accessed from Internet.
We have not yet decided about accessing Portal from internet.
Is there any solution to this? Is this doable??
I have looked at thread
SSO from .Net application to SAP Portal
can anyone provide more information??
Thanks in advanceHi Santosh,
there is not much to explain. It your web app side, you must have some matching table between webAppUser and the portal users and their passwords, like:
webAppUser1 portalUserA xy56123
webAppUser2 portalUserB g6324s3
Your own "integration" checks which user is logged on, takes the portal user name and password and calls the portal with the parameters "j_user" and "j_password" (and "login_submit=true"); for example via the client and a form where these values are put in and the target is requested per POST. And that's it. For the form (including the pwd) would be send to the client from your webApp server, you definitely should use https at least, as already stated.
Hope it helps
Detlev -
SSO from Microsoft wabsite to SAP Portal
Hi
My client wants SSO from .net based Microsoft website to SAP Portals. Requirement is that when customer enters the website e.g. www.mysite.com , he will be automatically gain access (SSO) to SAP Portal .
How it can be done ?
Please help
Thanks in advanceHi Ananda,
This link answers your query.
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/interoperability/dotnet/_web%20services%20and%20a2a%20interoperability%20center/sample%20application%3a%20sso%20with%20a%20.net-based%20web%20service%20client%20using%20sap%20logon%20tickets.pdf
Reward points if handy!
Regards,
Sandeep Tudumu -
SSO from Microsoft ISA to SAP enterprise Portal
Hi Gurus,
Our vendors access the Internal network using MS-ISA as proxy.The first point of authentication is MS-ISA where the Vendor needs to give his User id and Password.After that he hits the Internal Portal and is prompted for a Login again.Is there a way to set up SSO from MS-ISA to SAP EP7.0 so that there is no need for second Logon.
Thanks in Advance!The easiest, and common way to solve this, l but not the only way is to use ISA as a proxy and use the fact that the ID of the authenticated user can be stored in an http header variable (e.g. REMOTE_USER). This HTTP header variable can then be used by the back-end SAP system (internal portal) to authenticate the user and issue an SSO2 ticket so that the authentication only needs to occur first time they access a page on the SAP system.
The use of HTTP Header variables in SAP J2ee engine is widely documented on SDN and in SAP help library.
Thanks,
Tim -
SSO from non-SAP J2EE to NW04 ABAP WebService
Hello,
I currently have issues establishing SSO from a J2EE (which is NOT a NetWeaver system) server to a WebService that resides on a AS ABAP 6.40. When I look over the options I see no obvious SSO solution. I cannot be the only one in this situation. Which solution have you managed to implement.
I must stress that username/password is not a solution.
Withouth really understanding the different scenarios, I would prefer to make som sort of trust relation. And then just let the calling application supply the username in a header variable
Best regards,
Thomas Mouritsen>
Thomas Mouritsen wrote:
> Hello,
>
> I currently have issues establishing SSO from a J2EE (which is NOT a NetWeaver system) server to a WebService that resides on a AS ABAP 6.40. When I look over the options I see no obvious SSO solution. I cannot be the only one in this situation. Which solution have you managed to implement.
>
> I must stress that username/password is not a solution.
>
> Withouth really understanding the different scenarios, I would prefer to make som sort of trust relation. And then just let the calling application supply the username in a header variable
>
> Best regards,
> Thomas Mouritsen
Well, the best solution would be using message-based authentication (WS-Security) - either "X.509 Token" (digitally signed message) or "SAML (1.1) Token". Unfortenately you are using an older ABAP system where this feature is not available.
Especially regarding Web Services it is definetly worth to consider upgrading to NWAS 7.0 Enhancement Pack 1 (or at least: NWAS 7.0 with SP14 or higher).
But it also depends on the capabilities of "your" J2EE server. Does it support WS-Security and SAML Tokens? Can it servce as SAML Source Site?
Transport-level security (e.g. SSL with X.509 client certificates) will not help in your scenario (system-to-system calls). It would only be an option if the WS Consumer is an User Agent (-> SSL client represents a single user); only then X.509 client certificates can be used for SSO.
Best regards, Wolfgang -
Hi.
We need SSO from Non-SAP portal to EP.
The Non-SAP Portal has publish Form-based authentification.
I mean userid&password set to URL.
Then the EP can generate SAP Logon ticket to backend system?
regards,How to Enable Single Sign-on with Non-SAP Web Application
I have very good material coollected for the same implement this.
http://help.sap.com/saphelp_nw04/helpdata/en/12/9f244183bb8639e10000000a1550b0/content.htm
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a7b5ba90-0201-0010-4dbc-8f999dcd2798
Cheers!!
SJ. -
Values from JSP to Struts Action Class
Dear All,
Am working on a small struts project, i want to get values from JSP in the Action class, i tried with sending variables using request through URL, it works fine, any other way is there to send the values from JSP to action class. Am not having any input fields in the JSP.I have links.
Thanks,
vyrav.I have a dispatch action for that am calling the action like this viewfiles.do?parameter=edit, and i have to send a variable ID from the same page, so am doing like this through java script, viewfiles.do?parameter=edit&id=10. Am able to get the id in the dispatch action edit, but when i start tomcat with security manager its not calling the action itself and its giving accesscontrol exception, but when i directly type viewfiles.do in URL its calling the action.
I dont know wats the problem, tomcat security manager not allowing this. Please help me.
Thanks,
vyrav. -
How to get an ArrayList Object in servlet from JSP?
How to get an ArrayList Object in servlet from JSP?
hi all
please give the solution for this without using session and application...
In test1.jsp file
i am setting values for my setter methods using <jsp:usebean> <jsp:setproperty> tags as shown below.
After that i am adding the usebean object to array list, then using request.setAttribute("arraylist object")
---------Code----------
<jsp:useBean id="payment" class="com.common.PaymentHandler" scope="request" />
<jsp:setProperty name="payment" property="strCreditCardNo" param="creditCardNumber" />
<%-- <jsp:setProperty name="payment" property="iCsc" param="securityCode" /> --%>
<jsp:setProperty name="payment" property="strDate" param="expirationDate" />
<jsp:setProperty name="payment" property="strCardType" param="creditCardType" />
<%--<jsp:setProperty name="payment" property="cDeactivate" param="deactivateBox" />
<jsp:setProperty name="payment" property="fAmount" param="depositAmt" />
<jsp:setProperty name="payment" property="fAmount" param="totalAmtDue" /> --%>
<jsp:useBean id="lis" class="java.util.ArrayList" scope="request">
<%
lis.add(payment);
%>
</jsp:useBean>
<%
request.setAttribute("lis1",lis);
%>
-----------Code in JSP-----------------
In testServlet.java
i tried to get the arraylist object in servlet using request.getAttribute
But I unable to get that arrayObject in servlet.....
So if any one help me out in this, it will be very helpfull to me..
Thanks in Advance
EdwardHi,
Im also facing the similar problen
pls anybody help..
thax in advance....
Litty -
Launching a Discoverer report from jsp page
Hi
I have a discoverer workbook created using BI Discoverer (for relational). I want to accept some parameters for this workbook from a jsp page, which will also have a "View report" button. This button when pressed should open up the Discoverer workbook and all the parameters from the jsp should be passed to the workbook.
Is it possible? If yes, any details on it?
We do the same thing successfully to launch Oracle Reports from jsps, we simply build the url in the jsp, and from jsp we submit it to a new window, and it opens up the report. Similar functionality we are looking to launch Discoverer reports.
Any help will be appreciated.
Thanks
ShaluYou can open the workbook with URL parameters with Discoverer Viewer much like you would Oracle Reports. Setting anything form the username, password, workbook name, worksheet, and parameters. All the information can be found in the following document:
http://download-east.oracle.com/docs/cd/B14099_11/bi.1012/b13918/urlstart.htm
The specific question your asking is addressed under 13.5.2 Example 2. Let me know if you have any issues
Matt Topper
Technical Management Consultant
TUSC, The Oracle Experts
[email protected] -
How to call Crystal Reports10 from JSP?
Hi!
I want to generate a crystal report based on the parameters from database which in turn will be taken from jsp page.Can anybody help me on this?
Thanks in advance!http://www.businessobjects.com/products/dev_zone/java/default.asp?ref=devzone_main
Check their top 5 java downloads for documentation on how it works. -
i m trying to call it from jsp using
<a href="../purchaseP?orderno=<%=pno%>"><%=pno%></a>
but its giving error..
type Status report
message HTTP method GET is not supported by this URL
description The specified HTTP method is not allowed for the requested resource (HTTP method GET is not supported by this URL).i m trying to call it from jsp using
<a href="../purchaseP?orderno=<%=pno%>"><%=pno%></a>
but its giving error..
type Status report
message HTTP method GET is not supported by this URL
description The specified HTTP method is not allowed
for the requested resource (HTTP method GET is not
supported by this URL).Are you implementing the doGet or doPost method in your servlet? If you are calling from a hyperlink then it needs to be implementing the GET method. To access the POST method use a html form. -
How to call RDF report from JSP page
Dear all,
I want to call a RDF report from JSP page. I am creating the JSP page using j developer 10G.
Can anyone help me out in this case. Is there any tag or procedure or any other way by of that i can perform this work.
please help and send the reply on [email protected],[email protected]
thanks
AshokHi Ashok,
You can use rwservlet - nothing really to do with JDeveloper. Once you have report server up and running (hint: read http://download-uk.oracle.com/docs/cd/B14099_19/bi.1012/b14048/toc.htm), you can call a report like this:
http://server:port/rwservlet?report=my_report.rdf&destype=cache&desformat=html&p_my_parameter=xxx etcHope this helps,
John -
How to call cystal report8 report file from jsp page
hi guys
present i am using cystal report8 already i am having ReportViewer.jar and ReportviewerBean.jar files
using that please send me sample code how to call that report from jsp page..
and how to pass the parameters from jsp page to crystalreport8 report file.
it was very urgent task to me..so please send sample code on above topic..
or send me crystalreport8 API
thanks
regardsHi,
I also want to work on crystal report but i dont have the ReportViewerBean.jar and ReportViewer.jar. So, please tell from where will i get those jar files.
Thanks in advanced. -
How to import and display an applet from JSP
i m using netbeans 5.0
i have class named myapplet.class
and jsp named myjsp.jsp
now i want to access(import) this myapplet.class from jsp
also i want to display this applet from this jsp
i am able to do either thing but not both
so please help me it is so urgent and important for me bcoz
i have to complete my project as early as possible
Thanks in advancemy jsp source file page path is D:\Reliance
project\WebApplication3\web\
and classes path is D:\Reliance
project\WebApplication3\build\web\WEB-INF\classes\
so problem is that if i want to use myapplet.class
then i have to put my class in D:\Reliance
project\WebApplication3\build\web\WEB-INF\classes\
location
but at that time i am not able to display this applet
on my jsp
if i put my myapplet.class in
D:\Reliance project\WebApplication3\web\ then i m
able to display
applet but not able to access(import) this class
hope you will got the problem!!!
thanks for your reply !!!try to set the path of your applet on jsp something like this
"WEB-INF/classes/myclass.class"
Maybe you are looking for
-
My G5 1.8 dual has started crashing on start-up. I switch it on and it eventually powers up and I get my personalised desktop but as soon as I try to do anything I ge the spinning beach ball and cannot do anything but force it to close. I have tried
-
Using Windows Vista and IE7 with Forms based applications
A user has Vista & iexplorer 7 installed on their machine and when they attempt to access the Professional Buyer responsibility (forms based) they receive an error message stating that 'Internet Explorer has stopped working'. When they attempt the sa
-
How to connect T6100 to the DVD - home cinema
I really don't understand how I can connect 5.1 sound system T600 to DVD-player which have a 6 channels ( "cin-cin" connectors )?! Is better option to buy GD580 or T600? My DVD player support audio optical out connectors ? Please help me!
-
How to build Information button in WAD, web template
Hello friends, I am working in BI 7.0 WAD well i designed a query in Bex and it is linked with portal , so if i run the query it shows the result in Portal On portal while executing the query if i filter on some characteristics, then there is a butto
-
FIND Last Purchase Order of specific materials
Hello Gurus, I wonder if someone can help to find the last purchase order created of certain materiales, which tables Do i have to search for? thanks for the help.