SSO:Portal to J2EE Application
Hi all,
I have developed a simple java application that has user-id & password textboxes along with a submit button.(login.jsp)
this is deployed as an iView in the server.
When the submit button is clicked,it navigates 2 another JSP page(welcome.jsp) that displays the user's name if the id and passowrd matches with that present in the backend DB.
I want 2 display this welcome page directly without prompting for a logon frm the user.
How can i do this with AppIntegrator?I referd the following <a href="https://www.sdn.sap.com/irj/sdn/thread?threadID=95024">thread</a>I cant find the system uri,in the source code of the application!
How should i proceed further?
Thanks in advance.
anticipating replies
SwarnaDeepika
Hi Swarna,
Kindly try these steps..I have accumulated the points as per the discussions on mail.
Just try all these steps..
1) I hope you have created a J2EE application which has its own data source (i.e: tables in the Data Dictionary which has enteries for user and Password).
2) Create a HTTP system for usermapping.
3) After that perform all the steps as mentioned in the WebLog for the <b>App integrator</b>. (i.e: do the user mapping to the system by providing the User name and password.)
4) In the J2EE Application write the code that If that username which you got from the URL and the userName in your data source is same then show him the main page directly, else show him the Login Page.
5) Create a URL View in which you can put your application. Set the <b>admin,u</b>ser property from the User Management.
I hope all these will solve your problem!! Kinldy check this!!
Regards
Pravesh
Similar Messages
-
SSO to J2EE application from SAP Portal
Hi
I am trying to do SSO from SAP Portal to a J2EE engine which runs on SAP Web AS.
Here are my queries
1. When I deploy a J2EE application on Web AS , I dont get any login screen. How can I make sure that if a user wants to access this J2EE application he should get a login screen and provide his login credentials first, only then would he be able to access the J2EE application.
2.When I am done with Part 1. If a user tries to access this J2EE application from the Portal (asuming the user Id's in Portal and J2EE application are same and both are in the same domain) , I should not get any login screen and should be able to view the J2EE application.
3.I want to use SAP Logon tickets generated by the Portal to enable SSO.
I have done all the necessary configurations in the J2EE server.
1. Imported the Portal's verify.der certificate.
2. Adjusted the login modules stack for the application accordingly.
Can anyone please help me out with this or throw some light.
Please help.
Thanks in advance,
Vivek
PS - Points will be definitely rewardedHi Vivek,
Let me give you the solution for both questions differently.
<b>Ques 1. When I deploy a J2EE application on Web AS , I dont get any login screen. How can I make sure that if a user wants to access this J2EE application he should get a login screen and provide his login credentials first, only then would he be able to access the J2EE application.</b>
<b>Ans:</b> For doing this in the code of your J2EE application you have to write a if statement which will check if the user ID is coming from the backend or not. If yes then you display that logon page else you just pass that username which is coming from backend and displ;ay the page accordingly.
<b>Ques 2.When I am done with Part 1. If a user tries to access this J2EE application from the Portal (asuming the user Id's in Portal and J2EE application are same and both are in the same domain) , I should not get any login screen and should be able to view the J2EE application.</b>
<b>Ans:</b> Yes, this is what I am explaining you. Even I had also made same kind of J2EE application in which if the user is coming from the backend then he/she will look the J2EE screen else if the username is not coming then he will se the Login screen. Exactly same as what are looking for.
<b>3.I want to use SAP Logon tickets generated by the Portal to enable SSO.</b>
<b>Ans:</b> I have used User Mapping instead of SAP Logon ticket. Well that is also the option for SSO but personally I think User Mapping is easy and better way for implementing SSO.
I dont know whether this will help you or not. Please let me know. I can definately help if you want to implement SSO using User Maping.
Regards
Pravesh
PS: Please dont forget to reward points. -
Download/Display the image files stored at KM location: J2EE application
Hi All
Please let me know how to download/Display the image files stored at KM location on portal using J2EE application. Thanks.
Best Regards
P MYou can use a servlet to deliver the image data to the <img tag, which allows you to get the data from something other than a file on the server (e.g. store the image data as a session attribute with a generated attribute key, the key being given in the serlvet's query string).
-
J2EE application access from Portal - P4ObjectBroker
hey all,
I want to access access a J2EE application (Web Service) from a Portal Component. The documentation at http://help.sap.com/saphelp_nw04/helpdata/en/c0/a584409db95537e10000000a1550b0/content.htm shows an example.
They import the package <b>com.sap.engine.services.rmi_p4.P4ObjectBroker</b>. I cannot find the package on my system, i.e. my local portal installation.
Does anybody know what kind of package is required, or where I can find this package...
many thanks in advance
cheers SaschaHey Sascha,
the P4ObjectBroker is part of the implementation of the P4 Provider Service on the J2EE Engine. It is part of the com.sap.engine.services.rmi_p4 package.
If you can't find it I recommend you to search it using ClassLocator, it is a plugin that indexes all your packages and locates the propar class for you.
You can download it at this link: http://sourceforge.net/projects/classlocator
Read the instructions of how to use it with the NWDS, it is really simple. If you need more help do tell me.
Regards,
Roy -
How to access a Portal User Info from a J2EE application?
Hi,
I have deployed a j2ee application in portal and its running fine.
from that application i need to assign some roles to some users.i have the user id.
so my doubt is can i access the portal user info from this j2ee application?i have some servlets in the j2ee application....can i get the portal user info from this servlet?
plz help me
regards,
VisweswarHi,
Please check out this to get the portal user information from Java -
WdClientUser class/Interface to aciehve this.
Please check out these links on the same -
WDClientUser.getClientUser IUser
help needed
Regards
Lekha -
Unable to SSO to Campus Solution Application from Enterprise Portal
Hi all,
i am using Peoplesoft HRMS & Campus Solution 9.0 on machine (cms1) and Peoplesoft Enterprise Portal 9.0 on machine (cms2). the peopletools version on both is 8.49.
The database name for campus solution is HRCS9 and for portal is EPORTAL.
after configuring nodes on both the databases when i try to SSO to my CS application from portal error screen appears "invalid User ID or Pasword"
the logs from both the application servers are as follows:
Portal Application Server log:
PSADMIN.5032 (0) [11/10/08 19:23:16](0) Begin boot attempt on domain EPORTAL
PSWATCHSRV.5380 (0) [11/10/08 19:23:25] Checking process status every 120 seconds
PSWATCHSRV.5380 (0) [11/10/08 19:23:25] Server started
PSAPPSRV.5392 (0) [11/10/08 19:23:31](0) PeopleTools Release 8.49 (WinX86) starting
PSAPPSRV.5392 (0) [11/10/08 19:23:31](0) Cache Directory being used: C:\PA8.49\appserv\EPORTAL\CACHE\PSAPPSRV_2\
PSAPPSRV.5392 (0) [11/10/08 19:23:36](3) (PublishSubscribe): PubSubSystem::InitializeServer(): Initialization succeeded.
PSAPPSRV.5392 (0) [11/10/08 19:23:36](0) Server started
PSAPPSRV.5456 (0) [11/10/08 19:23:36](0) PeopleTools Release 8.49 (WinX86) starting
PSAPPSRV.5456 (0) [11/10/08 19:23:36](0) Cache Directory being used: C:\PA8.49\appserv\EPORTAL\CACHE\PSAPPSRV_1\
PSAPPSRV.5456 (0) [11/10/08 19:23:37](3) (PublishSubscribe): PubSubSystem::InitializeServer(): Initialization succeeded.
PSAPPSRV.5456 (0) [11/10/08 19:23:37](0) Server started
PSSAMSRV.5500 (0) [11/10/08 19:23:37](0) PeopleTools Release 8.49 (WinX86) starting
PSSAMSRV.5500 (0) [11/10/08 19:23:37](0) Cache Directory being used: C:\PA8.49\appserv\EPORTAL\CACHE\PSSAMSRV_100\
PSSAMSRV.5500 (0) [11/10/08 19:23:37](0) Server started
PSDBGSRV.5660 (0) [11/10/08 19:23:41](0) PeopleTools Release 8.49 (WinX86) starting
PSDBGSRV.5660 (0) [11/10/08 19:23:41](0) Cache Directory being used: C:\PA8.49\appserv\EPORTAL\CACHE\PSDBGSRV_1\
PSDBGSRV.5660 (0) [11/10/08 19:23:41](0) Server started
PSADMIN.5032 (0) [11/10/08 19:23:43](0) End boot attempt on domain EPORTAL
PSAPPSRV.5392 (1) [11/10/08 19:26:41 GetCertificate](3) Returning context. ID=PTWEBSERVER, Lang=ENG, UStreamId=192641_5392.1, Token=PSFT_PA/2008-11-10-11.26.41.999750/PTWEBSERVER/ENG qQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4Adwg4AC4AMQAwABQbbEPz+6zLyPQKGNiShI90iiKus2kAAAAFAFNkYXRhXXicLYpNDkAwEEZfEUtLtyDV1N+SpOykQVg6hss5nNGYl7z5MvPdQBJHSsl+IsLknp0Tx8gmXjmCU8fCTOblOknjwjNgDVroKKiEz/rPJYZGbEPuAy21/HkBHRYNEw==
PSAPPSRV.5392 (3) [11/10/08 19:26:45 GetCertificate](3) Returning context. ID=PTWEBSERVER, Lang=ENG, UStreamId=192645_5392.3, Token=PSFT_PA/2008-11-10-11.26.45.999344/PTWEBSERVER/ENG qAAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4Adwg4AC4AMQAwABTwJg4srjPRJcaB+xCKfDz62SDcVWgAAAAFAFNkYXRhXHicLYpLDkBAEAXLJ5aWbkF8hrAkwU4mCEvHcDmH80x0JdX9XvoGwsD3PO3Hx01i2TkZGdjklcM5GlmYia3aSR8Xlh5TkouWlEJ8zv87o6SRDbXcOSolAy8dRQ0W
PSAPPSRV.5392 (5) [11/10/08 19:26:49 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=192649_5392.5, Token=PSFT_PA/2008-11-10-11.26.50.000094/PS/ENG ngAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSSKFTlDSWX4An/BOAT06JahrlSGl4AAAAFAFNkYXRhUnicLYoxCoAwFENfa3H0JpZaqtTRQd2koLuTt/Rw/l/MgySEPIBrrDGSr6XKFU7alYOdTvvGxU1hIUWCkOkZBPXwd09kEh9l8fWlzCT4AAJnCh8=
PSAPPSRV.5392 (31) [11/10/08 19:29:31 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=192931_5392.31, Token=PSFT_PA/2008-11-10-11.29.31.999829/PS/ENG mwAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABTzL4/qlLgyMb8tEqL+ecIQxTr7mlsAAAAFAFNkYXRhT3icLYgxDoAgEAQHJJb+RINgAaWF2hkS7a38JY/zuLiT7E72BVxnjZGtFo0rXPQbJwdD852bh8LKEvBCYmQWWvvfJwJZOqpnJenHBwPkCkI=
PSAPPSRV.5392 (101) [11/10/08 19:32:55 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=193255_5392.101, Token=PSFT_PA/2008-11-10-11.32.55.999563/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSF5U6f9jcl+IXjYPYkFDP4uPL3M10AAAAFAFNkYXRhUXicLYgxDoAgEAQHJJT+RIIgRksLtTMk2lv5Sx/nQdxJdif7AKbRSsm+mhqTObErBztt8Y2Lm8zCEPDCREcvlPa/OyJBOgmOuZIY5eUDA7MKPQ==
PSAPPSRV.5392 (127) [11/10/08 19:34:00 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=193400_5392.127, Token=PSFT_PA/2008-11-10-11.34.00.999829/PS/ENG nAAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABQFx3N1TnUPWz51nCxa1i9Q/xoGaFwAAAAFAFNkYXRhUHicLYkxDoAgEAQHJJb+RIJIAaWF2hkS7a38pY/zjriTzG6yD+A6a4z0a2lxlZN+5WBn0L1xcVNZSJEgZEYmQR3+7ZlJYv09pZGJYj4DQAo6
PSAPPSRV.5392 (134) [11/10/08 19:34:26 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=193426_5392.134, Token=PSFT_PA/2008-11-10-11.34.26.999641/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABR/ru0ssiOhk5UPzOBClNrqwWWAw10AAAAFAFNkYXRhUXicLYhBCoAgFESfJi27SaEmUssW1S6E2rfqlh7OrzQP3gzzAabTSklnTYtJ3PQ7FydD3QcPL4mN4LHCwogTqu2/J2aC2BPFayPK46AAA7AKOg==
PSAPPSRV.5392 (141) [11/10/08 19:34:58 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICScript](3) New authentication token detected from node PSFT_HR/2008-11-10-22.35.47.000234, no change needed for current session.
PSAPPSRV.5392 (141) [11/10/08 19:34:58 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICScript](3) Returning context. ID=PS, Lang=ENG, UStreamId=193458_5392.141, Token=PSFT_HR/2008-11-10-22.35.47.000234/PS/ENG nAAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABRxo0+U3IHEtF9OLFkSVGTDW+/Im1wAAAAFAFNkYXRhUHicLYhLDkBAEETfjImlm5A2WriAz0oEeyu3dDg9E/WSV5V6gFB456xfT07YOSknNhaqtGcublYONCLGSE1rJMvvho7erAxmyUT7FD4EiAop
PSAPPSRV.5392 (182) [11/10/08 19:45:06 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (182) [11/10/08 19:45:06 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (183) [11/10/08 19:45:12 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICScript](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (183) [11/10/08 19:45:12 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICScript](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (184) [11/10/08 19:45:16 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICScript](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (184) [11/10/08 19:45:16 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICScript](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (185) [11/10/08 19:45:16 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (185) [11/10/08 19:45:16 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (186) [11/10/08 19:45:19 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (186) [11/10/08 19:45:19 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (187) [11/10/08 19:45:21 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (187) [11/10/08 19:45:21 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (188) [11/10/08 19:45:23 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (188) [11/10/08 19:45:23 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (189) [11/10/08 19:45:26 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (189) [11/10/08 19:45:26 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (190) [11/10/08 19:45:29 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (190) [11/10/08 19:45:29 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (191) [11/10/08 19:45:30 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (191) [11/10/08 19:45:30 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (192) [11/10/08 19:45:32 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (192) [11/10/08 19:45:32 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (193) [11/10/08 19:45:35 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) PeopleSoft Token authentication failed: invalid token signature: PS@SAJJAD
PSAPPSRV.5392 (193) [11/10/08 19:45:35 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICPanel](3) SwitchUser frame received invalid token, ignoring it. CtxUser=PS/ENG. Token: PSFT_HR/2008-11-10-22.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5392 (195) [11/10/08 19:46:11 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=194611_5392.195, Token=PSFT_PA/2008-11-10-11.46.10.999875/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABS0qpyQho8sgQmnp1cRCH5eiqUov10AAAAFAFNkYXRhUXicLYhBDkAwFERfq7F0E01JUUsL7KQJeyu3dDj/N+YlMy/zAK6yxsi+lhKXOalXDnYa9Y2Lm8xC7AlCoqUTtMPvnsgorY9nLiQmBvgAA6cKPw==
PSAPPSRV.5392 (216) [11/10/08 20:19:47 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICScript](3) New authentication token detected from node PSFT_HR/2008-11-10-23.15.45.000015, no change needed for current session.
PSAPPSRV.5392 (216) [11/10/08 20:19:47 PS@SAJJAD (NETSCAPE 7.0; WINXP) ICScript](3) Returning context. ID=PS, Lang=ENG, UStreamId=201947_5392.216, Token=PSFT_HR/2008-11-10-23.15.45.000015/PS/ENG mQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABQMZZkf0TkEbWOuy2hvwAqxOdvmd1kAAAAFAFNkYXRhTXicS2VgYGBhZmJkBNJ7mBjAgCWAIZiBzZXBj8GdgQ/EdmMIYYhn8GAIYjAxYjAAQgsGXQZDIASRBlC2HhCbAkkTMGkAhSAxBgAEPAoj
PSWATCHSRV.5380 (0) [11/10/08 20:23:11] Shutting down
PSADMIN.2052 (0) [11/10/08 20:23:20](0) Begin boot attempt on domain EPORTAL
PSWATCHSRV.4188 (0) [11/10/08 20:23:29] Checking process status every 120 seconds
PSWATCHSRV.4188 (0) [11/10/08 20:23:29] Server started
PSAPPSRV.4572 (0) [11/10/08 20:23:29](0) PeopleTools Release 8.49 (WinX86) starting
PSAPPSRV.4572 (0) [11/10/08 20:23:29](0) Cache Directory being used: C:\PA8.49\appserv\EPORTAL\CACHE\PSAPPSRV_2\
PSAPPSRV.4572 (0) [11/10/08 20:23:30](3) (PublishSubscribe): PubSubSystem::InitializeServer(): Initialization succeeded.
PSAPPSRV.4572 (0) [11/10/08 20:23:30](0) Server started
PSAPPSRV.2356 (0) [11/10/08 20:23:30](0) PeopleTools Release 8.49 (WinX86) starting
PSAPPSRV.2356 (0) [11/10/08 20:23:30](0) Cache Directory being used: C:\PA8.49\appserv\EPORTAL\CACHE\PSAPPSRV_1\
PSAPPSRV.2356 (0) [11/10/08 20:23:31](3) (PublishSubscribe): PubSubSystem::InitializeServer(): Initialization succeeded.
PSAPPSRV.2356 (0) [11/10/08 20:23:31](0) Server started
PSSAMSRV.5632 (0) [11/10/08 20:23:31](0) PeopleTools Release 8.49 (WinX86) starting
PSSAMSRV.5632 (0) [11/10/08 20:23:31](0) Cache Directory being used: C:\PA8.49\appserv\EPORTAL\CACHE\PSSAMSRV_100\
PSSAMSRV.5632 (0) [11/10/08 20:23:32](0) Server started
PSDBGSRV.5360 (0) [11/10/08 20:23:36](0) PeopleTools Release 8.49 (WinX86) starting
PSDBGSRV.5360 (0) [11/10/08 20:23:36](0) Cache Directory being used: C:\PA8.49\appserv\EPORTAL\CACHE\PSDBGSRV_1\
PSDBGSRV.5360 (0) [11/10/08 20:23:36](0) Server started
PSADMIN.2052 (0) [11/10/08 20:23:38](0) End boot attempt on domain EPORTAL
PSAPPSRV.2356 (1) [11/10/08 20:25:02 GetCertificate](3) Returning context. ID=PTWEBSERVER, Lang=ENG, UStreamId=202502_2356.1, Token=PSFT_PA/2008-11-10-12.25.02.000187/PTWEBSERVER/ENG pwAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4Adwg4AC4AMQAwABQQsYcH3IQfKnnerJ5hIMFKc0iMlmcAAAAFAFNkYXRhW3icHYpLDkBAEAXLJ5aWbkGGELYkw04mCEvHcDmH83RXul6n8x4gTeIoUr4xNkXg4MIzscsbpznzrCzkQd9ZjZvASNvgxEBJLX47c0Ol7WRntzNqNXv4ABuyDPk=
PSAPPSRV.2356 (3) [11/10/08 20:25:03 GetCertificate](3) Returning context. ID=PTWEBSERVER, Lang=ENG, UStreamId=202503_2356.3, Token=PSFT_PA/2008-11-10-12.25.03.000141/PTWEBSERVER/ENG pwAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4Adwg4AC4AMQAwABToF9dLt4Qjr/+VEATVk6CVD4LgFmcAAAAFAFNkYXRhW3icHcpBDkAwEIXhX4mlpVuQohJbkrKTBmHpGC7ncJ7Oy/smmcwDZKlJEu3XEKcMHFx4Jna5cUZzz8pCEXSd9XETGHEtVhmoaJRfG22p1V5auuifBqfyARudDPA=
PSAPPSRV.2356 (5) [11/10/08 20:25:06 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=202506_2356.5, Token=PSFT_PA/2008-11-10-12.25.06.000609/PS/ENG mwAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABRQhF048bQ+Z5DECgIB3RE4d+MoGVsAAAAFAFNkYXRhT3icHYYxCoAwEAQnMVj6E8MZVLS0iHYS0N7KX/o4L7fDzu4LhMY7p/t5LKFw0WZODrr6d24eChtjQpSFnkGpFnMiaie1MJvFnrDCDwKACiI=
Campus Solution Application server log:
PSADMIN.8716 (0) [11/10/08 18:30:29](0) Begin boot attempt on domain HRCS9
PSWATCHSRV.8500 (0) [11/10/08 18:30:37] Checking process status every 120 seconds
PSWATCHSRV.8500 (0) [11/10/08 18:30:37] Server started
PSAPPSRV.8136 (0) [11/10/08 18:30:38](0) PeopleTools Release 8.49 (WinX86) starting
PSAPPSRV.8136 (0) [11/10/08 18:30:38](0) Cache Directory being used: C:\PT8.49\appserv\HRCS9\CACHE\PSAPPSRV_2\
PSAPPSRV.8136 (0) [11/10/08 18:30:38](3) (PublishSubscribe): PubSubSystem::InitializeServer(): Initialization succeeded.
PSAPPSRV.8136 (0) [11/10/08 18:30:38](0) Server started
PSAPPSRV.5584 (0) [11/10/08 18:30:39](0) PeopleTools Release 8.49 (WinX86) starting
PSAPPSRV.5584 (0) [11/10/08 18:30:39](0) Cache Directory being used: C:\PT8.49\appserv\HRCS9\CACHE\PSAPPSRV_1\
PSAPPSRV.5584 (0) [11/10/08 18:30:39](3) (PublishSubscribe): PubSubSystem::InitializeServer(): Initialization succeeded.
PSAPPSRV.5584 (0) [11/10/08 18:30:39](0) Server started
PSSAMSRV.7824 (0) [11/10/08 18:30:40](0) PeopleTools Release 8.49 (WinX86) starting
PSSAMSRV.7824 (0) [11/10/08 18:30:40](0) Cache Directory being used: C:\PT8.49\appserv\HRCS9\CACHE\PSSAMSRV_100\
PSSAMSRV.7824 (0) [11/10/08 18:30:40](0) Server started
PSDBGSRV.5264 (0) [11/10/08 18:30:43](0) PeopleTools Release 8.49 (WinX86) starting
PSDBGSRV.5264 (0) [11/10/08 18:30:43](0) Cache Directory being used: C:\PT8.49\appserv\HRCS9\CACHE\PSDBGSRV_1\
PSDBGSRV.5264 (0) [11/10/08 18:30:43](0) Server started
PSADMIN.8716 (0) [11/10/08 18:30:45](0) End boot attempt on domain HRCS9
PSAPPSRV.5584 (1) [11/10/08 18:31:39 GetCertificate](3) Error Setting Sign on PeopleCode context for User QEDMO@TRAVELPC7: Sign on PeopleCode was not executed
PSAPPSRV.5584 (1) [11/10/08 18:31:39 GetCertificate](3) PeopleSoft ID and Password authentication failed. Invalid user QEDMO@TRAVELPC7.
PSAPPSRV.5584 (1) [11/10/08 18:31:39 GetCertificate](1) (NET.502): QEDMO@TRAVELPC7 is an Invalid User ID, or you typed the wrong password. User ID and Password are required and case-sensitive. Make sure you're typing in the correct upper and lower case.
PSAPPSRV.5584 (1) [11/10/08 18:31:39 GetCertificate](1) (NET.346): Failed to execute GetCertificate request
PSAPPSRV.5584 (2) [11/10/08 18:35:45 GetCertificate](3) Error Setting Sign on PeopleCode context for User QEDMO@TRAVELPC7: Sign on PeopleCode was not executed
PSAPPSRV.5584 (2) [11/10/08 18:35:45 GetCertificate](3) PeopleSoft ID and Password authentication failed. Invalid user QEDMO@TRAVELPC7.
PSAPPSRV.5584 (2) [11/10/08 18:35:45 GetCertificate](1) (NET.502): QEDMO@TRAVELPC7 is an Invalid User ID, or you typed the wrong password. User ID and Password are required and case-sensitive. Make sure you're typing in the correct upper and lower case.
PSAPPSRV.5584 (2) [11/10/08 18:35:45 GetCertificate](1) (NET.346): Failed to execute GetCertificate request
PSAPPSRV.5584 (3) [11/10/08 18:35:47 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=183547_5584.3, Token=PSFT_HR/2008-11-10-10.35.47.000234/PS/ENG nAAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABRxo0+U3IHEtF9OLFkSVGTDW+/Im1wAAAAFAFNkYXRhUHicLYhLDkBAEETfjImlm5A2WriAz0oEeyu3dDg9E/WSV5V6gFB456xfT07YOSknNhaqtGcublYONCLGSE1rJMvvho7erAxmyUT7FD4EiAop
PSAPPSRV.5584 (8) [11/10/08 18:35:49 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=183549_5584.8, Token=PSFT_HR/2008-11-10-10.35.49.000671/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABR0fEtz3pni7zhAyAK80s6LQnHBvV0AAAAFAFNkYXRhUXicLYlNDkAwGERfq7F0E/KhigP4WYlgb+WWDudrY17yZpJ5AJdZY7RfS4rbOcknNhaKuGcublYOfIMoAyW1Ei2/K1o6tWdUSyLQ68cHBNEKMA==
PSAPPSRV.5584 (20) [11/10/08 18:36:06 GetCertificate](3) Error Setting Sign on PeopleCode context for User QEDMO@TRAVELPC7: Sign on PeopleCode was not executed
PSAPPSRV.5584 (20) [11/10/08 18:36:06 GetCertificate](3) PeopleSoft ID and Password authentication failed. Invalid user QEDMO@TRAVELPC7.
PSAPPSRV.5584 (20) [11/10/08 18:36:06 GetCertificate](1) (NET.502): QEDMO@TRAVELPC7 is an Invalid User ID, or you typed the wrong password. User ID and Password are required and case-sensitive. Make sure you're typing in the correct upper and lower case.
PSAPPSRV.5584 (20) [11/10/08 18:36:06 GetCertificate](1) (NET.346): Failed to execute GetCertificate request
PSAPPSRV.5584 (22) [11/10/08 18:36:12 GetCertificate](3) PeopleSoft ID and Password authentication failed. Invalid password for user PS@TRAVELPC7.
PSAPPSRV.5584 (22) [11/10/08 18:36:12 GetCertificate](1) (NET.502): PS@TRAVELPC7 is an Invalid User ID, or you typed the wrong password. User ID and Password are required and case-sensitive. Make sure you're typing in the correct upper and lower case.
PSAPPSRV.5584 (22) [11/10/08 18:36:12 GetCertificate](1) (NET.346): Failed to execute GetCertificate request
PSAPPSRV.5584 (24) [11/10/08 18:36:18 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=183618_5584.24, Token=PSFT_HR/2008-11-10-10.36.17.999828/PS/ENG nAAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABRGfL1yB177ZbI+Ypj9oXv+BvImz1wAAAAFAFNkYXRhUHicLYZNDkAwGERfq7F0E9IfoQ7gZyVC91Zu6XC+NuZl3swDmEorJftqSszBRT2zs9Lkv5C42TjpPVaItDgh2/7uCAxixyieChEv5QMFwApL
PSAPPSRV.5584 (31) [11/10/08 18:36:33 GetCertificate](3) Error Setting Sign on PeopleCode context for User QEDMO@TRAVELPC7: Sign on PeopleCode was not executed
PSAPPSRV.5584 (31) [11/10/08 18:36:33 GetCertificate](3) PeopleSoft ID and Password authentication failed. Invalid user QEDMO@TRAVELPC7.
PSAPPSRV.5584 (31) [11/10/08 18:36:33 GetCertificate](1) (NET.502): QEDMO@TRAVELPC7 is an Invalid User ID, or you typed the wrong password. User ID and Password are required and case-sensitive. Make sure you're typing in the correct upper and lower case.
PSAPPSRV.5584 (31) [11/10/08 18:36:33 GetCertificate](1) (NET.346): Failed to execute GetCertificate request
PSAPPSRV.5584 (39) [11/10/08 18:37:14 GetCertificate](3) Error Setting Sign on PeopleCode context for User QEDMO@SAJJAD: Sign on PeopleCode was not executed
PSAPPSRV.5584 (39) [11/10/08 18:37:14 GetCertificate](3) PeopleSoft ID and Password authentication failed. Invalid user QEDMO@SAJJAD.
PSAPPSRV.5584 (39) [11/10/08 18:37:14 GetCertificate](1) (NET.502): QEDMO@SAJJAD is an Invalid User ID, or you typed the wrong password. User ID and Password are required and case-sensitive. Make sure you're typing in the correct upper and lower case.
PSAPPSRV.5584 (39) [11/10/08 18:37:14 GetCertificate](1) (NET.346): Failed to execute GetCertificate request
PSAPPSRV.5584 (40) [11/10/08 18:39:25 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=183925_5584.40, Token=PSFT_HR/2008-11-10-10.39.24.999906/PS/ENG nAAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABQ3+W4XtDdyAym8UBAHH8NzifD5wVwAAAAFAFNkYXRhUHicLcZNDkAwEIbht9VYugkZ1Uh7AD8rEeyt3NLhTKXzJs83D+Aqa4zua/nP7ZzUExsLTf5nLm5WDoJHtEhLr2Wl2DGQVE9QU0kY4QMF3ApJ
PSAPPSRV.5584 (58) [11/10/08 18:40:12 GetCertificate](3) Error Setting Sign on PeopleCode context for User QEDMO@SAJJAD: Sign on PeopleCode was not executed
PSAPPSRV.5584 (58) [11/10/08 18:40:12 GetCertificate](3) PeopleSoft ID and Password authentication failed. Invalid user QEDMO@SAJJAD.
PSAPPSRV.5584 (58) [11/10/08 18:40:12 GetCertificate](1) (NET.502): QEDMO@SAJJAD is an Invalid User ID, or you typed the wrong password. User ID and Password are required and case-sensitive. Make sure you're typing in the correct upper and lower case.
PSAPPSRV.5584 (58) [11/10/08 18:40:12 GetCertificate](1) (NET.346): Failed to execute GetCertificate request
PSAPPSRV.5584 (59) [11/10/08 18:45:59 GetCertificate](3) Returning context. ID=PS, Lang=ENG, UStreamId=184559_5584.59, Token=PSFT_HR/2008-11-10-10.45.59.000140/PS/ENG nQAAAAQDAgEBAAAAvAIAAAAAAAAsAAAABABTaGRyAk4AZQg4AC4AMQAwABSaO0dC5ooPNpst4hSrWhY4sPryll0AAAAFAFNkYXRhUXicLYjLCYAwFAQnMeRoJ8qLJKAF+DmJqHdPdpnifAnuwOyyL+Aaa4x2ttS4gws/s7PSlr1w87BxEgdEGekISrH87okkdWJSSyXoJ/ABBMgKKQ==
PSAPPSRV.5584 (95) [11/10/08 18:48:17 GetCertificate](3) Error Setting Sign on PeopleCode context for User QEDMO@SAJJAD: Sign on PeopleCode was not executed
PSAPPSRV.5584 (95) [11/10/08 18:48:17 GetCertificate](3) PeopleSoft ID and Password authentication failed. Invalid user QEDMO@SAJJAD.
PSAPPSRV.5584 (95) [11/10/08 18:48:17 GetCertificate](1) (NET.502): QEDMO@SAJJAD is an Invalid User ID, or you typed the wrong password. User ID and Password are required and case-sensitive. Make sure you're typing in the correct upper and lower case.
PSAPPSRV.5584 (95) [11/10/08 18:48:17 GetCertificate](1) (NET.346): Failed to execute GetCertificate request
PSAPPSRV.5584 (96) [11/10/08 19:08:27 GetCertificate](3) Error Setting Sign on PeopleCode context for User QEDMO@SAJJAD: Sign on PeopleCode was not executed
PSAPPSRV.5584 (96) [11/10/08 19:08:27 GetCertificate](3) PeopleSoft ID and Password authentication failed. Invalid user QEDMO@SAJJAD.
PSAPPSRV.5584 (96) [11/10/08 19:08:27 GetCertificate](1) (NET.502): QEDMO@SAJJAD is an Invalid User ID, or you typed the wrong password. User ID and Password are required and case-sensitive. Make sure you're typing in the correct upper and lower case.
PSAPPSRV.5584 (96) [11/10/08 19:08:27 GetCertificate](1) (NET.346): Failed to execute GetCertificate request
please suggest me what to do to resolve it.Check your trusted nodes in both applications.
To do this go to PeopleTools->Security->Security Objects->Single Signon
Make sure PSFT_HR is in the list under "Trust Authentication Tokens issued by these Nodes" in Enterprise Portal and PSFT_PA is in the list in HR/Campus Solutions.
You could also check your authentication domain for both to make sure it is the same.
This is set in PeopleTools->Web Profile->Web Profile Configuration under the General tab. -
Portal User details and credentials for a J2EE application?
Hi,
I am trying to access a J2EE application which is deployed in SAP Web Application Server. I want to maintain the security of this application depending the portal user. So I want to get the user id of the portal login to my J2EE application. For Example:
A user with id "super" is logging into portal I want the userid "super" in my J2EE application how to get the userid to my J2EE application's servlet. Is this possible? If possible please tell how I can acheive it?
Can I do it by creating HTTP System? If possible can u tell me where can I set the URL?
Thanks,
Ashok.hi,
Certainly you can get the user id of the portal login in your J2EE application by using UME api's
IUserFactory userFact = UMFactory.getUserFactory();
getUserFactory().getUser(String uniqueID)
getUserFactory().getUserByLogonID(String logonID)
Also have a look at this
http://help.sap.com/saphelp_nw04/helpdata/en/15/abdc3ed98f7650e10000000a114084/frameset.htm
Instead of url iview, it would be better to use AppIntegrator
Also have a look at this
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/events/webinars/using the user management api with ep applications.pdf
Hope it helps...
Regards,
Ganesh N
Hope it helps... -
What is the best way to SSO custom Tomcat J2EE, Sharepoint and Portal?
We are implementing EP7.0 and I believe we can use logon tickets and SAPSECULIB to integrate all our infrastructure which is Sharepoint (Runs on IIS), our custom J2EE applications (run on Apache webserver and Tomcat).
Is using of logon tickets and SAPSECULIB the recommended way to accomplish SSO or is there a better way?
Thanks in advanceHi Victoria,
I would put the html file that you generated on the file system
let say the Apache/Apache/htdocs
Then I'd put an HTML portlet on the page and show the HTML file using an iframe
<iframe src="name of your file"
height="600"
width="800"
frameborder="0"
scrolling="no"
</iframe>Hope this helps.
Cheers
Diego -
How to use the Portal Connection Service in a standard J2EE application
Hi,
We want to use portal connection service to connection backgend system from a standard j2ee application.
But the connection need a connectionProperties object which is created in this way:
ConnectionProperties connectionProperties =
new ConnectionProperties(
request.getLocale(),
request.getUser());
Because the "request" object is IPortalComponentRequest object, which is a portal object. In our standard application, we can use this way.
So how?
Thanks and Best Regards,
Xiaoming YangDoes anybody has any idea? Many thanks and points will definitely be awarded.
Best Regards,
Xiaoming -
Integrating WebSphere/J2EE applications in portal
Greetings!
I need to integrate Websphere/J2EE applications in <b>NW04s</b> Portal. How can we acheive this.
I have heard about AppIntegrator iViews can be used for this purpose, but can anyone help me on how to configure one on <b>NW04s</b>? Are there any good documents that can help?
Thanks for your help!
Regards
KVHi KV,
Here is the documentation for the AppIntegrator iview:
http://help.sap.com/bp_epv260/EP_JA/documentation/How-to_Guides/25_HowToUseAppIntegrator_en.pdf
And two blogs covering this topic:
Step-By-Step Guide to implement Application Integrator
Integrating your Web Front-ends into the SAP Enterprise Portal using the Application Integrator
Regards,
Johan -
Performance of J2ee Application running in Portal Server
Hi,
We have developed the J2ee Application using JSPDynPage and the performance of this Application is going down day by day.
It is taking arround 30 sec to load the page.Sometimes I am getting iView Timed out error if the Load is Very high.
This is all happening in Production server.Can any one please help me to increase the Performance of the Portal.
Thanks in Advance
Ajay> Thanks for the response.
>
> There is no problem in the application as i know the
> code in this application is perfectly fine.
>
> There will be huge load on monday that too between
> 9-11 AM as too many people will be doing the the
> Database transactions at that point of time (adding
> the data in to the DB extracting huge amount of data
> from DB) the CPU usage in the porduction server will
> reach 90 % to 99 % and it will never come down
> ...this will again come to the normal situation when
> we restart the portal database.
>
> But every monday i cannot restart the server as this
> is in production.
>
> Can anyone please give some tips to increase the
> performance of the portal.
Have you checked your Garbage Collector log file ?
I posted some hints about how to do that in the thread "Server Performance Issue" in this forum.
I could be that you are running out of memory after the heavy load and then everything will be slow afterwards, because full GC's might be triggered frequently.
Regards,
Markus
>
> Thanks
> Ajay -
Can i call portal service from a j2ee application?
Hi Experts,
Can i call portal service from a j2ee application?
If yes then how?
If no then is there any other way to achieve the same?
I m reffering this link:
http://help.sap.com/saphelp_nw2004s/helpdata/en/42/9ddd0cbb211d72e10000000a1553f6/content.htm
but not getting any help
Please help me out.Hi,
Can you check this link?
http://help.sap.com/saphelp_nw04s/helpdata/en/82/6a0e7bbe744276bf393654b9b576ed/content.htm
Regards
Srinivasan T -
SSO Enabling a custom application with OAM
Hi All !
Am a bit stuck on a problem and need some urgent help. Actually we are trying to launch some custom-built (J2EE/.NET) web applications from the Oracle Portal with SSO i.e. once the user logs into the portal he would not have to log-in again to the applications which would be launched from the portal home page.
We have successfully integrated the Oracle Portal with the OAM SSO, but facing some problems with SSO enabling the custom applications. Any help on what should be the ideal integration architecture and approach for SSO enabling the apps with minimum amount of modification of the application code.
The licenses are available for OID, OVD, OAM.
Thanks in advance. Any views/comments/links to useful material appreciated.
Cheers
SoumakIf your custom application uses its own database for Authentication, then you have to modify the login process for your application. i.e. you have to trust the OAM to have done the authentication and then create any custom cookie that your application might use in its landing page.
I am assuming that your custom application have some way of tracking if the user has logged in or not. You can protect the Custom application URL within OAM and once the user has logged in you can then generate your custom application cookie.
Even if you use OVD, you stil have to modify login process in your custom appliation to trust the third party to have done the authentication.
Thanks
Ram -
Dear gurus:
I have problems with the SSO configuration for Portal. I have executed the Diagtool from Note 957666 - Diagtool for Troubleshooting Security Configuration and this is the result:
<!LOGHEADER[START]/>
<!HELP[Manual modification of the header may cause parsing problem!]/>
<!LOGGINGVERSION[1.5.3.7185 - 630]/>
<!NAME[output\diagtool_080520_211200.log]/>
<!PATTERN[diagtool_080520_211200.log]/>
<!FORMATTER[com.sap.tc.logging.TraceFormatter([%s] %26d %m)]/>
<!ENCODING[UTF8]/>
<!LOGHEADER[END]/>
[Info] May 20, 2008 9:12:07 PM TXT*********************************************************************
[Info] May 20, 2008 9:12:07 PM diagtool version: 1.7.5
[Info] May 20, 2008 9:12:07 PM configiration file: J:\diagtool\conf\sso2.conf
[Info] May 20, 2008 9:12:07 PM configtool path: J:\usr\sap\EPI\JC01\j2ee\configtool\
[Info] May 20, 2008 9:12:07 PM
[Info] May 20, 2008 9:12:07 PM system name: EPI
[Info] May 20, 2008 9:12:07 PM system version: 7.00
[Info] May 20, 2008 9:12:07 PM SP number: 12
[Info] May 20, 2008 9:12:07 PM
[Info] May 20, 2008 9:12:07 PM Canonical Host Name: SAPIA64BW.gonvarri.com
[Info] May 20, 2008 9:12:07 PM Host: SAPIA64BW
[Info] May 20, 2008 9:12:07 PM IP: 10.20.1.91
[Info] May 20, 2008 9:12:07 PM
[Info] May 20, 2008 9:12:07 PM jdk vendor: Sun Microsystems Inc.
[Info] May 20, 2008 9:12:07 PM jdk version: 1.4.2_15
[Info] May 20, 2008 9:12:07 PM TXT*********************************************************************
[Error] May 20, 2008 9:12:09 PM JmxConnectionFactory.getMBeanServerConnection(...) failed for: com.sap.engine.services.jmx.exception.JmxConnectorException: Unable to connect to connector server. properties:{java.naming.provider.url=SAPIA64BW:50304, java.naming.factory.initial=com.sap.engine.services.jndi.InitialContextFactoryImpl, java.naming.security.principal=Administrator, java.naming.security.credentials=gonvarri1}
[Error] May 20, 2008 9:12:09 PM Log Viewer Client was not initialized.
[Error] May 20, 2008 9:12:10 PM JmxConnectionFactory.getMBeanServerConnection failed(...) for: com.sap.engine.services.jmx.exception.JmxConnectorException: Unable to connect to connector server. properties:{java.naming.provider.url=SAPIA64BW:50304, java.naming.factory.initial=com.sap.engine.services.jndi.InitialContextFactoryImpl, java.naming.security.principal=Administrator, java.naming.security.credentials=gonvarri1}
[Error] May 20, 2008 9:12:10 PM LC client was not initialized
[Info] May 20, 2008 9:12:10 PM TXT
com.sap.engine.config.diagtool.tests.util.PropertiesDump
[Info] May 20, 2008 9:12:10 PM (EvaluateAssertionTicketLoginModule) com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule
[Info] May 20, 2008 9:12:10 PM (EvaluateTicketLoginModule) com.sap.security.core.server.jaas.EvaluateTicketLoginModule
[Info] May 20, 2008 9:12:10 PM TicketKeystore (3 entries)
entry #1 (SAPLogonTicketKeypair-cert)
===========
CERTIFICATE entry:
Creation date : Tue May 20 20:44:00 CEST 2008 (20 May 2008 18:44:00 GMT)
Version : ver.3 X.509
Algorithm : DSA
Key Size : 1024 bits
Subject name : CN=EPI,OU=I0020275421,O=SAP Trust Community,C=DE
Issuer name : CN=EPI,OU=I0020275421,O=SAP Trust Community,C=DE
Serial number : 60679227
Signature Algorithm : dsaWithSHA (1.2.840.10040.4.3)
Validity:
not before : Tue May 20 20:42:00 CEST 2008 (20 May 2008 18:42:00 GMT)
not after : Wed May 20 20:42:00 CEST 2009 (20 May 2009 18:42:00 GMT)
Public key fingerprint : 97:56:3E:4F:D2:7E:71:97:5A:4B:BE:CD:47:90:00:18
Certificate fingerprint(MD5): 88:FE:7F:24:F7:64:2A:CC:D7:BE:16:70:74:73:96:27
Certificate extensions :
[critical]
[non critical]
SubjectKeyIdentifier: A3:2F:12:D4:B9:4C:33:00:A7:CB:22:F2:56:0A:3C:53:EE:57:13:F3
entry #2 (SAPLogonTicketKeypair)
===========
PRIVATE KEY entry
Creation date : Tue May 20 20:44:00 CEST 2008 (20 May 2008 18:44:00 GMT)
Version: : PKCS#8 DSA
Key Size : 1024 bits
CertificationChain has 1 certificate(s)
certificate #0 -
Version : ver.3 X.509
Algorithm : DSA
Key Size : 1024 bits
Subject name : CN=EPI,OU=I0020275421,O=SAP Trust Community,C=DE
Issuer name : CN=EPI,OU=I0020275421,O=SAP Trust Community,C=DE
Serial number : 60679227
Signature Algorithm : dsaWithSHA (1.2.840.10040.4.3)
Validity:
not before : Tue May 20 20:42:00 CEST 2008 (20 May 2008 18:42:00 GMT)
not after : Wed May 20 20:42:00 CEST 2009 (20 May 2009 18:42:00 GMT)
Public key fingerprint : 97:56:3E:4F:D2:7E:71:97:5A:4B:BE:CD:47:90:00:18
Certificate fingerprint(MD5): 88:FE:7F:24:F7:64:2A:CC:D7:BE:16:70:74:73:96:27
Certificate extensions :
[critical]
[non critical]
SubjectKeyIdentifier: A3:2F:12:D4:B9:4C:33:00:A7:CB:22:F2:56:0A:3C:53:EE:57:13:F3
entry #3 (BW_BWI_certificate)
===========
CERTIFICATE entry:
Creation date : Tue May 20 20:44:04 CEST 2008 (20 May 2008 18:44:04 GMT)
Version : ver.1 X.509
Algorithm : DSA
Key Size : 1024 bits
Subject name : CN=BWI,OU=I0020275421,OU=SAP Web AS,O=SAP Trust Community,C=DE
Issuer name : CN=BWI,OU=I0020275421,OU=SAP Web AS,O=SAP Trust Community,C=DE
Serial number : 0
Signature Algorithm : dsaWithSHA (1.2.840.10040.4.3)
Validity:
not before : Mon May 19 20:39:21 CEST 2008 (19 May 2008 18:39:21 GMT)
not after : Fri Jan 01 01:00:01 CET 2038 (1 Jan 2038 00:00:01 GMT)
Public key fingerprint : 96:9B:1F:02:D1:18:BC:25:61:16:BB:8D:AA:13:EA:68
Certificate fingerprint(MD5): 47:5D:87:50:89:F5:DD:72:A4:A3:B2:BA:FA:6A:B4:09
Certificate extensions :
NONE
[Info] May 20, 2008 9:12:10 PM <?xml version="1.0" encoding="UTF-8"?>
<!-- Configuration File for Authentication Schemes -->
<!-- $Id: //shared_tc/com.sapall.security/630_SP_COR/src/_deploy/dist/configuration/shared/authschemes.xml#4 $ from $DateTime: 2004/01/20 17:27:21 $ ($Change: 14181 $) -->
<document>
<authschemes>
<!-- authschemes, the name of the node is used -->
<authscheme name="uidpwdlogon">
<!-- multiple login modules can be defined -->
<authentication-template>
ticket
</authentication-template>
<priority>20</priority>
<!-- the frontendtype TARGET_FORWARD = 0, TARGET_REDIRECT = 1, TARGET_JAVAIVIEW = 2 -->
<frontendtype>2</frontendtype>
<!-- target object -->
<frontendtarget>com.sap.portal.runtime.logon.certlogon</frontendtarget>
</authscheme>
<authscheme name="certlogon">
<authentication-template>
client_cert
</authentication-template>
<priority>21</priority>
<frontendtype>2</frontendtype>
<frontendtarget>com.sap.portal.runtime.logon.certlogon</frontendtarget>
</authscheme>
<authscheme name="basicauthentication">
<authentication-template>
ticket
</authentication-template>
<priority>20</priority>
<frontendtype>2</frontendtype>
<frontendtarget>com.sap.portal.runtime.logon.basicauthentication</frontendtarget>
</authscheme>
<authscheme name="header">
<authentication-template>
header
</authentication-template>
<priority>5</priority>
<frontendtype>2</frontendtype>
<frontendtarget>com.sap.portal.runtime.logon.header</frontendtarget>
</authscheme>
<!-- Reserved 'anonymous' authscheme added for being in the list of authschemes -->
<authscheme name="anonymous">
<priority>-1</priority>
</authscheme>
</authschemes>
<!-- References for Authentication Schemes, this section must be after authschemes -->
<authscheme-refs>
<authscheme-ref name="default">
<authscheme>uidpwdlogon</authscheme>
</authscheme-ref>
<authscheme-ref name="UserAdminScheme">
<authscheme>uidpwdlogon</authscheme>
</authscheme-ref>
</authscheme-refs>
</document>
[Info] May 20, 2008 9:12:10 PM <?xml version="1.0" encoding="UTF-8"?>
<!-- $Id: //shared_tc/com.sapall.security/630_SP_COR/src/_deploy/dist/configuration/shared/dataSourceConfiguration_database_only.xml#2 $ from $DateTime: 2004/07/01 09:31:21 $ ($Change: 16627 $) -->
<!DOCTYPE dataSources SYSTEM "dataSourceConfiguration.dtd">
<dataSources>
<dataSource id="PRIVATE_DATASOURCE"
className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence"
isReadonly="false"
isPrimary="true">
<homeFor>
<principals>
<principal type="group"/>
<principal type="user"/>
<principal type="account"/>
<principal type="team"/>
<principal type="ROOT" />
<principal type="OOOO" />
</principals>
</homeFor>
<notHomeFor/>
<responsibleFor>
<principals>
<principal type="group"/>
<principal type="user"/>
<principal type="account"/>
<principal type="team"/>
<principal type="ROOT" />
<principal type="OOOO" />
</principals>
</responsibleFor>
<privateSection/>
</dataSource>
</dataSources>
[Info] May 20, 2008 9:12:10 PM com.sap.security.core.umap.key = ******
login.authschemes.definition.file = authschemes.xml
login.serviceuser.lifetime = 100
login.ticket_client = 000
login.ticket_keyalias = SAPLogonTicketKeypair
login.ticket_keystore = TicketKeystore
login.ticket_lifetime = 8
login.ticket_portalid = auto
ume.acl.validate_cached_acls = false
ume.admin.account_privacy = true
ume.admin.addattrs =
ume.admin.allow_selfmanagement = false
ume.admin.auto_password = true
ume.admin.create.redirect =
ume.admin.debug_internal = false
ume.admin.display.redirect =
ume.admin.modify.redirect =
ume.admin.nocache = false
ume.admin.orgunit.adapterid =
ume.admin.password.migration = false
ume.admin.phone_check = true
ume.admin.public.addattrs =
ume.admin.search_maxhits = 1000
ume.admin.search_maxhits_warninglevel = 200
ume.admin.self.addattrs =
ume.admin.self.addressactive = false
ume.admin.self.generate_password = false
ume.admin.self.privacystatement.link =
ume.admin.self.privacystatement.version = 1
ume.admin.selfreg_company = false
ume.admin.selfreg_guest = true
ume.admin.selfreg_sus = false
ume.admin.selfreg_sus.adapterid = SUS
ume.admin.selfreg_sus.adminrole =
ume.admin.selfreg_sus.deletecall = true
ume.admin.wd.components.umeadminapp = {sap.com/tcsecumewdkit;com.sap.security.core.wd.maintainuser.MaintainUserComp},{sap.com/tcsecumewdkit;com.sap.security.core.wd.maintainrole.MaintainRoleComp},{sap.com/tcsecumewdkit;com.sap.security.core.wd.maintaingroup.MaintainGroupComp}
ume.admin.wd.locales =
ume.admin.wd.table.size.large = 20
ume.admin.wd.table.size.medium = 10
ume.admin.wd.table.size.small = 5
ume.admin.wd.tenant.identifier.all = - All -
ume.admin.wd.tenant.identifier.none = - None -
ume.admin.wd.url.help = http://help.sap.com/saphelp_nw04s/helpdata/en/5b/5d2706ebc04e4d98036f2e1dcfd47d/frameset.htm
ume.admin.wdactive = true
ume.allow_nested_groups = true
ume.cache.acl.default_caching_time = 1800
ume.cache.acl.initial_cache_size = 10000
ume.cache.acl.permissions.default_caching_time = 3600
ume.cache.acl.permissions.initial_cache_size = 100
ume.cache.default_cache = distributableCache
ume.cache.group.default_caching_time = 3600
ume.cache.group.initial_cache_size = 500
ume.cache.notification_time = 0
ume.cache.principal.default_caching_time = 3600
ume.cache.principal.initial_cache_size = 500
ume.cache.role.default_caching_time = 3600
ume.cache.role.initial_cache_size = 500
ume.cache.user.default_caching_time = 3600
ume.cache.user.initial_cache_size = 500
ume.cache.user_account.default_caching_time = 3600
ume.cache.user_account.initial_cache_size = 500
ume.company_groups.description_template = Company
ume.company_groups.displayname_template = ()
ume.company_groups.enabled = false
ume.company_groups.guestusercompany_enabled = true
ume.company_groups.guestusercompany_name = Guest Users
ume.db.connection_pool.j2ee.is_unicode = false
ume.db.connection_pool_type = SAP/BC_UME
ume.db.or_search.max_arguments = 50
ume.db.parent_search.max_arguments = 300
ume.db.use_default_transaction_isolation = false
ume.ldap.access.action_retrial = 2
ume.ldap.access.additional_password.1 = ******
ume.ldap.access.additional_password.2 = ******
ume.ldap.access.additional_password.3 = ******
ume.ldap.access.additional_password.4 = ******
ume.ldap.access.additional_password.5 = ******
ume.ldap.access.auxiliary_naming_attribute.grup =
ume.ldap.access.auxiliary_naming_attribute.uacc =
ume.ldap.access.auxiliary_naming_attribute.user =
ume.ldap.access.auxiliary_objectclass.grup =
ume.ldap.access.auxiliary_objectclass.uacc =
ume.ldap.access.auxiliary_objectclass.user =
ume.ldap.access.base_path.grup =
ume.ldap.access.base_path.uacc =
ume.ldap.access.base_path.user =
ume.ldap.access.context_factory = com.sun.jndi.ldap.LdapCtxFactory
ume.ldap.access.creation_path.grup =
ume.ldap.access.creation_path.uacc =
ume.ldap.access.creation_path.user =
ume.ldap.access.dynamic_group_attribute =
ume.ldap.access.dynamic_groups = false
ume.ldap.access.flat_group_hierachy = true
ume.ldap.access.kerberos_data_url =
ume.ldap.access.msads.control_attribute = userAccountControl
ume.ldap.access.msads.control_value = 512
ume.ldap.access.msads.grouptype.attribute = grouptype
ume.ldap.access.msads.grouptype.value = 4
ume.ldap.access.multidomain.enabled = false
ume.ldap.access.naming_attribute.grup =
ume.ldap.access.naming_attribute.uacc =
ume.ldap.access.naming_attribute.user =
ume.ldap.access.objectclass.grup =
ume.ldap.access.objectclass.uacc =
ume.ldap.access.objectclass.user =
ume.ldap.access.password = ******
ume.ldap.access.server_name =
ume.ldap.access.server_port =
ume.ldap.access.server_type =
ume.ldap.access.size_limit = 0
ume.ldap.access.ssl = false
ume.ldap.access.ssl_socket_factory = com.sap.security.core.server.https.SecureConnectionFactory
ume.ldap.access.time_limit = 0
ume.ldap.access.user =
ume.ldap.access.user_as_account = true
ume.ldap.blocked_accounts = Administrator,Guest
ume.ldap.blocked_groups = Administrators,Guests
ume.ldap.blocked_users = Administrator,Guest
ume.ldap.cache_lifetime = 300
ume.ldap.cache_size = 100
ume.ldap.connection_pool.connect_timeout = 25000
ume.ldap.connection_pool.max_connection_usage_time_check_interval = 120000
ume.ldap.connection_pool.max_idle_connections = 5
ume.ldap.connection_pool.max_idle_time = 300000
ume.ldap.connection_pool.max_size = 10
ume.ldap.connection_pool.max_wait_time = 60000
ume.ldap.connection_pool.min_size = 1
ume.ldap.connection_pool.monitor_level = 0
ume.ldap.connection_pool.retrial = 2
ume.ldap.connection_pool.retrial_interval = 10000
ume.ldap.default_group_member = cn=DUMMY_MEMBER_FOR_UME
ume.ldap.default_group_member.enabled = false
ume.ldap.record_access = FALSE
ume.ldap.unique_grup_attribute =
ume.ldap.unique_uacc_attribute =
ume.ldap.unique_user_attribute =
ume.locking.enabled = true
ume.locking.max_wait_time = 30
ume.login.basicauthentication = 1
ume.login.context = ticket
ume.login.context.default = ticket
ume.login.guest_user.uniqueids = Guest
ume.login.mdc.hosts =
ume.logoff.redirect.silent = false
ume.logoff.redirect.url =
ume.logon.allow_cert = false
ume.logon.branding_image = layout/branding-image.jpg
ume.logon.branding_style = css/ur/ur_.css
ume.logon.branding_text = layout/branding-text.gif
ume.logon.force_password_change_on_sso = true
ume.logon.httponlycookie = true
ume.logon.locale = false
ume.logon.logon_help = false
ume.logon.logon_help.name_required = false
ume.logon.logon_help.securityquestion = false
ume.logon.r3master.adapterid = master
ume.logon.security.enforce_secure_cookie = false
ume.logon.security.local_redirect_only = true
ume.logon.security.relax_domain.level = 1
ume.logon.security_policy.auto_unlock_time = 60
ume.logon.security_policy.cert_logon_required = false
ume.logon.security_policy.enforce_policy_at_logon = false
ume.logon.security_policy.lock_after_invalid_attempts = 6
ume.logon.security_policy.log_client_hostaddress = true
ume.logon.security_policy.log_client_hostname = false
ume.logon.security_policy.oldpass_in_newpass_allowed = false
ume.logon.security_policy.password_alpha_numeric_required = 1
ume.logon.security_policy.password_change_allowed = true
ume.logon.security_policy.password_change_required = TRUE
ume.logon.security_policy.password_expire_days = 90
ume.logon.security_policy.password_history = 0
ume.logon.security_policy.password_impermissible =
ume.logon.security_policy.password_last_change_date_default = 12/31/9999
ume.logon.security_policy.password_max_idle_time = 0
ume.logon.security_policy.password_max_length = 14
ume.logon.security_policy.password_min_length = 5
ume.logon.security_policy.password_mix_case_required = 0
ume.logon.security_policy.password_special_char_required = 0
ume.logon.security_policy.password_successful_check_date_default = 12/31/9999
ume.logon.security_policy.userid_digits = 0
ume.logon.security_policy.userid_in_password_allowed = false
ume.logon.security_policy.userid_lowercase = 0
ume.logon.security_policy.userid_special_char_required = 0
ume.logon.security_policy.useridmaxlength = 20
ume.logon.security_policy.useridminlength = 1
ume.logon.selfreg = false
ume.logonAuthenticationFactory = com.sap.security.core.logon.imp.SAPJ2EEAuthenticator
ume.multi_tenancy.automatic_logonid_prefixing = true
ume.multi_tenancy_support_enabled = false
ume.notification.admin_email =
ume.notification.create_approval = true
ume.notification.create_by_batch_performed = true
ume.notification.create_denied = true
ume.notification.create_performed = true
ume.notification.create_request = true
ume.notification.delete_performed = true
ume.notification.email_asynch = true
ume.notification.lock_performed = true
ume.notification.mail_host =
ume.notification.pswd_reset_performed = true
ume.notification.pswd_reset_request = true
ume.notification.selfreg_performed = true
ume.notification.system_email =
ume.notification.unlock_performed = true
ume.notification.update_by_batch_performed = true
ume.notification.workflow_email =
ume.persistence.batch.page_size = 25
ume.persistence.data_source_configuration = dataSourceConfiguration_database_only.xml
ume.persistence.pcd_roles_data_source_configuration = dataSourceConfiguration_PCDRoles.xml
ume.persistence.ume_roles_data_source_configuration = dataSourceConfiguration_UMERoles.xml
ume.principal.simple_search.attributes.account = j_user
ume.principal.simple_search.attributes.action = uniquename
ume.principal.simple_search.attributes.group = uniquename
ume.principal.simple_search.attributes.role = uniquename
ume.principal.simple_search.attributes.user = uniquename,firstname,lastname
ume.r3.connection.001.TimeZoneMapping =
ume.r3.connection.001.ashost =
ume.r3.connection.001.client =
ume.r3.connection.001.group =
ume.r3.connection.001.gwhost =
ume.r3.connection.001.gwserv =
ume.r3.connection.001.lang =
ume.r3.connection.001.msghost =
ume.r3.connection.001.passwd = ******
ume.r3.connection.001.poolmaxsize = 10
ume.r3.connection.001.poolmaxwait =
ume.r3.connection.001.r3name =
ume.r3.connection.001.receiverid = 001
ume.r3.connection.001.receiverid_guest = 001
ume.r3.connection.001.snc_lib =
ume.r3.connection.001.snc_mode =
ume.r3.connection.001.snc_myname =
ume.r3.connection.001.snc_partnername =
ume.r3.connection.001.snc_qop =
ume.r3.connection.001.sysnr =
ume.r3.connection.001.user =
ume.r3.connection.001.userole = false
ume.r3.connection.002.TimeZoneMapping =
ume.r3.connection.002.ashost =
ume.r3.connection.002.client =
ume.r3.connection.002.group =
ume.r3.connection.002.gwhost =
ume.r3.connection.002.gwserv =
ume.r3.connection.002.lang =
ume.r3.connection.002.msghost =
ume.r3.connection.002.passwd = ******
ume.r3.connection.002.poolmaxsize = 10
ume.r3.connection.002.poolmaxwait =
ume.r3.connection.002.r3name =
ume.r3.connection.002.receiverid = 002
ume.r3.connection.002.receiverid_guest = 002
ume.r3.connection.002.snc_lib =
ume.r3.connection.002.snc_mode =
ume.r3.connection.002.snc_myname =
ume.r3.connection.002.snc_partnername =
ume.r3.connection.002.snc_qop =
ume.r3.connection.002.sysnr =
ume.r3.connection.002.user =
ume.r3.connection.002.userole = false
ume.r3.connection.003.TimeZoneMapping =
ume.r3.connection.003.ashost =
ume.r3.connection.003.client =
ume.r3.connection.003.group =
ume.r3.connection.003.gwhost =
ume.r3.connection.003.gwserv =
ume.r3.connection.003.lang =
ume.r3.connection.003.msghost =
ume.r3.connection.003.passwd = ******
ume.r3.connection.003.poolmaxsize = 10
ume.r3.connection.003.poolmaxwait =
ume.r3.connection.003.r3name =
ume.r3.connection.003.receiverid = 003
ume.r3.connection.003.receiverid_guest = 003
ume.r3.connection.003.snc_lib =
ume.r3.connection.003.snc_mode =
ume.r3.connection.003.snc_myname =
ume.r3.connection.003.snc_partnername =
ume.r3.connection.003.snc_qop =
ume.r3.connection.003.sysnr =
ume.r3.connection.003.user =
ume.r3.connection.003.userole = false
ume.r3.connection.master.TimeZoneMapping =
ume.r3.connection.master.abap_debug =
ume.r3.connection.master.ashost =
ume.r3.connection.master.client =
ume.r3.connection.master.group =
ume.r3.connection.master.gwhost =
ume.r3.connection.master.gwserv =
ume.r3.connection.master.lang = EN
ume.r3.connection.master.msghost =
ume.r3.connection.master.msserv =
ume.r3.connection.master.passwd = ******
ume.r3.connection.master.poolmaxsize = 10
ume.r3.connection.master.poolmaxwait =
ume.r3.connection.master.r3name =
ume.r3.connection.master.receiverid = master
ume.r3.connection.master.receiverid_guest = master
ume.r3.connection.master.snc_lib =
ume.r3.connection.master.snc_mode =
ume.r3.connection.master.snc_myname =
ume.r3.connection.master.snc_partnername =
ume.r3.connection.master.snc_qop =
ume.r3.connection.master.sysnr =
ume.r3.connection.master.trace =
ume.r3.connection.master.user =
ume.r3.connection.tpd.adapterid = value of ume.r3.connection.tpd.systemid
ume.r3.connection.tpd.systemid = SUS
ume.r3.mastersystem = BWICLNT300
ume.r3.mastersystem.uid.mode = 1
ume.r3.orgunit.adapterid =
ume.r3.sync.sender = SAPMUM
ume.r3.use.role = false
ume.replication.adapters.001.companies =
ume.replication.adapters.001.scope =
ume.replication.adapters.002.companies =
ume.replication.adapters.002.scope =
ume.replication.adapters.003.companies =
ume.replication.adapters.003.scope =
ume.replication.adapters.index_1 =
ume.replication.adapters.index_2 =
ume.replication.adapters.index_3 =
ume.replication.adapters.master.companies =
ume.replication.adapters.master.scope =
ume.replication.crm_sup_register_check = BBP_SUS_BUPA_REGID_CHECK
ume.replication.messaging.active = false
ume.replication.sync.display_all_doc = false
ume.roles.pcd_roles_with_actions =
ume.roles.xml_files = *role.xml
ume.secaudit.get_object_name = false
ume.secaudit.log_actor = true
ume.spml.schema_name = schema.xml
ume.superadmin.activated = false
ume.superadmin.password = ******
ume.supergroups.anonymous_group.description = Built-in Group Anonymous Users
ume.supergroups.anonymous_group.displayname = Anonymous Users
ume.supergroups.anonymous_group.uniquename = Anonymous Users
ume.supergroups.authenticated_group.description = Built-in Group Authenticated Users
ume.supergroups.authenticated_group.displayname = Authenticated Users
ume.supergroups.authenticated_group.uniquename = Authenticated Users
ume.supergroups.everyone.description = Built-in Group Everyone
ume.supergroups.everyone.displayname = Everyone
ume.supergroups.everyone.uniquename = Everyone
ume.testum = false
ume.tpd.classloader =
ume.tpd.companies = 0
ume.tpd.imp.class = com.sap.security.core.tpd.SimpleTPD
ume.tpd.prefix = STPD_
ume.trace.external_trace_class = com.sap.security.core.util.imp.UMTrace_630
ume.usermapping.admin.pwdprotection = true
ume.usermapping.key.protection = TRUE
ume.usermapping.refsys.mapping.type = internal
ume.usermapping.unsecure = false
ume.users.displayname_template = ,
ume.users.email_pattern = ?@?.?*
ume.virtual_groups.description_template = Virtual group
ume.virtual_groups.displayname_template =
ume.virtual_groups.group_names_separator = ;
ume.virtual_groups.name_prefix =
ume.virtual_groups.names =
ume.virtual_groups.trim_group_names = true
ume.virtual_groups.user_attribute =
ume.virtual_groups.user_attribute.multivalue = true
ume.virtual_groups.user_attribute.namespace =
[Info] May 20, 2008 9:12:10 PM TXT
com.sap.engine.config.diagtool.tests.authentication.sso2.SSOTicketIssuerConfigTest
This test verifies the Single Sign-On (SSO) configuration on J2EE Engine.
It checks the prerequisites for issuing SSO logon tickets:
validity of the ticket client
the client is a three-digit string, e.g. 071
validity of the ticket signing private key/certificate
the ticket signing PK location, defined in UME properties,
must be a keypair and the acceptable algorithm is DSA.
[Info] May 20, 2008 9:12:10 PM client string OK
[Info] May 20, 2008 9:12:10 PM keystore view name found in UME: [TicketKeystore]
[Info] May 20, 2008 9:12:10 PM keystore alias name found in UME: [SAPLogonTicketKeypair]
[Info] May 20, 2008 9:12:10 PM
~ getName ~
SAPLogonTicketKeypair
~ isCertificate ~
false
~ isKeypair ~
true
~ getCertificate ~
Version: 3
Serial number: 60679227
Signature algorithm: dsaWithSHA (1.2.840.10040.4.3)
Issuer: CN=EPI,OU=I0020275421,O=SAP Trust Community,C=DE
Valid not before: Tue May 20 20:42:00 CEST 2008
not after: Wed May 20 20:42:00 CEST 2009
Subject: CN=EPI,OU=I0020275421,O=SAP Trust Community,C=DE
DSA public key (1024 bits):
y: 3c01d64c6c4f5459e7a436429d4e3905b5200333847262a730b65c35be02adc436a3962808a0ea1b544507364397075794dd8f11bc8528bd548141aec0a33d4f3c0818217d07484d43823fccc487038dd2aaa42f0d2c0498c853ed3c172902434674a9b3e7ff12dd6f4a2834978d35ca9cf69bdc1becec2c16267ae334f2fdc
p: 827dd49ca2056984e98371b1340d5d71839285b25acaa382d7ac386e9440843f0a467aa875a8c1ca3b70ba6a970712f6b199ed3eec5313f3940a67bbd69f38722961ab023d17a1333c52235d9fb7d10e95e3a55ef9b04fc7c920c572da7ac3d50f240dbb8e54da9ebb702111c53582e535852e9f593979b33250c88683961917
q: fa5079dafa3f3ab1e80a6df5bd16f224d8f8d71b
g: 4fbdf52e3304f051c17ca55c9381b5c17d4c205076853450cfd9fc72b2e1b2b16fa01048b8ff17e7a90ae1e018053e34d9d561df714cc8dc92b151b5df6659706b5e57c319a2d6583b7d32d2e9e1f1663eaaac460dcd4e677036f7f9be0b2e16a05d695d5b8113a903cb3863561abd364a5d6c156617fa10a32099e1d2347713
Certificate Fingerprint (MD5) : 88:FE:7F:24:F7:64:2A:CC:D7:BE:16:70:74:73:96:27
Certificate Fingerprint (SHA-1): DD:56:49:B1:D3:0B:BD:79:A3:03:CF:66:33:86:4C:A0:16:FD:04:8F
Extensions: 1
~ getChain ~
chain [1]
Subject:CN=EPI,OU=I0020275421,O=SAP Trust Community,C=DE
Algorithm:dsaWithSHA(1.2.840.10040.4.3)
~ getClass ~
class com.sap.engine.config.diagtool.lib.keystore.OfflineKeystoreEntry
[Info] May 20, 2008 9:12:10 PM The keystore entry test successful.
[Info] May 20, 2008 9:12:10 PM The keystore entry is a keypair.
[Info] May 20, 2008 9:12:10 PM The SSO private key signing algorithm is [DSA]
[Info] May 20, 2008 9:12:10 PM The private key format is [PKCS#8]
[Info] May 20, 2008 9:12:10 PM The system can issue SSO logon tickets.
[Info] May 20, 2008 9:12:10 PM The tickets will be issued with client [000], system [EPI]
[Info] May 20, 2008 9:12:10 PM TXT
com.sap.engine.config.diagtool.tests.authentication.sso2.SSOTicketVerifierConfigTest
This test verifies the Single Sign-On (SSO) configuration on J2EE Engine.
It checks all SSO certificates imported in the SSO trusted key store view
defined in UME properties table. The certificates are verified for validity,
algorithm identifier, and public/private key content. The test checks also
the Access Control Lists configured in evaluate authentication modules.
The ACLs must contain Subjects and Issuers that are available
in the SSO trusted key store view
[Info] May 20, 2008 9:12:10 PM keystore view name found in UME: [TicketKeystore]
[Info] May 20, 2008 9:12:10 PM keystore alias name found in UME: [SAPLogonTicketKeypair]
[Info] May 20, 2008 9:12:10 PM *** checking SSO anchors ***
[Info] May 20, 2008 9:12:10 PM found 2 entries
[Info] May 20, 2008 9:12:10 PM ************ entry #1 [SAPLogonTicketKeypair-cert] **************
[Info] May 20, 2008 9:12:10 PM
~ getName ~
SAPLogonTicketKeypair-cert
~ isCertificate ~
true
~ isKeypair ~
false
~ getCertificate ~
Version: 3
Serial number: 60679227
Signature algorithm: dsaWithSHA (1.2.840.10040.4.3)
Issuer: CN=EPI,OU=I0020275421,O=SAP Trust Community,C=DE
Valid not before: Tue May 20 20:42:00 CEST 2008
not after: Wed May 20 20:42:00 CEST 2009
Subject: CN=EPI,OU=I0020275421,O=SAP Trust Community,C=DE
DSA public key (1024 bits):
y: 3c01d64c6c4f5459e7a436429d4e3905b5200333847262a730b65c35be02adc436a3962808a0ea1b544507364397075794dd8f11bc8528bd548141aec0a33d4f3c0818217d07484d43823fccc487038dd2aaa42f0d2c0498c853ed3c172902434674a9b3e7ff12dd6f4a2834978d35ca9cf69bdc1becec2c16267ae334f2fdc
p: 827dd49ca2056984e98371b1340d5d71839285b25acaa382d7ac386e9440843f0a467aa875a8c1ca3b70ba6a970712f6b199ed3eec5313f3940a67bbd69f38722961ab023d17a1333c52235d9fb7d10e95e3a55ef9b04fc7c920c572da7ac3d50f240dbb8e54da9ebb702111c53582e535852e9f593979b33250c88683961917
q: fa5079dafa3f3ab1e80a6df5bd16f224d8f8d71b
g: 4fbdf52e3304f051c17ca55c9381b5c17d4c205076853450cfd9fc72b2e1b2b16fa01048b8ff17e7a90ae1e018053e34d9d561df714cc8dc92b151b5df6659706b5e57c319a2d6583b7d32d2e9e1f1663eaaac460dcd4e677036f7f9be0b2e16a05d695d5b8113a903cb3863561abd364a5d6c156617fa10a32099e1d2347713
Certificate Fingerprint (MD5) : 88:FE:7F:24:F7:64:2A:CC:D7:BE:16:70:74:73:96:27
Certificate Fingerprint (SHA-1): DD:56:49:B1:D3:0B:BD:79:A3:03:CF:66:33:86:4C:A0:16:FD:04:8F
Extensions: 1
~ getChain ~
chain [1]
Subject:CN=EPI,OU=I0020275421,O=SAP Trust Community,C=DE
Algorithm:dsaWithSHA(1.2.840.10040.4.3)
~ getClass ~
class com.sap.engine.config.diagtool.lib.keystore.OfflineKeystoreEntry
[Info] May 20, 2008 9:12:10 PM The certificate CN=EPI,OU=I0020275421,O=SAP Trust Community,C=DE algorithm OK.
[Info] May 20, 2008 9:12:10 PM ************ entry #2 [BW_BWI_certificate] **************
[Info] May 20, 2008 9:12:10 PM
~ getName ~
BW_BWI_certificate
~ isCertificate ~
true
~ isKeypair ~
false
~ getCertificate ~
Version: 1
Serial number: 0
Signature algorithm: dsaWithSHA (1.2.840.10040.4.3)
Issuer: CN=BWI,OU=I0020275421,OU=SAP Web AS,O=SAP Trust Community,C=DE
Valid not before: Mon May 19 20:39:21 CEST 2008
not after: Fri Jan 01 01:00:01 CET 2038
Subject: CN=BWI,OU=I0020275421,OU=SAP Web AS,O=SAP Trust Community,C=DE
DSA public key (1024 bits):
y: 8c6ac727a5a7048353e1bde69321c38bd99272f2bd771a678532dc0c8f8bb1f9c5d7c6443986345d0a2a2b4dd1c75b929667ebb6cf1412c4f99381b9ac571f8d2c334892db815547c4e418b001b2276e6a49c106c0248f1a8686650a656f33e648cf8d3e54becf5e0bcdcf5034afd94bf1d7f574258f6e75651b983187dd0093
p: ffe26acc911b083ba364f621c222f00778501509d9748e364824daf19f80448ebd439d2077cff772120bebf27319a108959ec959eb80047729c7d794eb73eff5eaa90def10b5b4aaee638e6b16a9e0608da6f489e259eeb0a3be1a7cac431361ab3bccc13967e571596889e6a605ab6721b0d18712acb8d349ced2f8c1e5cc21
q: 90648a4ec3287c602b63a4d44182fb284d790bfd
g: eb309896ee2cae22e23186d98244bd8910dc697c922930d561529d51a9bc72e9e30012e2205f60752c83a9665b3d8a4d9dbdc7a30a7cb118e97cf114f6571589ed037f39f926523fe08fef40e7339066368c7957c8b744441970497f3d09231cc9af95f178d1632a0c42ff603cb294668021e4a6bcb86fc69d15041fd0f554bb
Certificate Fingerprint (MD5) : 47:5D:87:50:89:F5:DD:72:A4:A3:B2:BA:FA:6A:B4:09
Certificate Fingerprint (SHA-1): 3B:CC:58:02:86:47:D2:02:E2:E2:DB:73:84:C1:F1:81:DB:D1:72:F3
~ getChain ~
chain [1]
Subject:CN=BWI,OU=I0020275421,OU=SAP Web AS,O=SAP Trust Community,C=DE
Algorithm:dsaWithSHA(1.2.840.10040.4.3)
~ getClass ~
class com.sap.engine.config.diagtool.lib.keystore.OfflineKeystoreEntry
[Info] May 20, 2008 9:12:10 PM The certificate CN=BWI,OU=I0020275421,OU=SAP Web AS,O=SAP Trust Community,C=DE algorithm OK.
[Info] May 20, 2008 9:12:10 PM *** com.sap.security.core.server.jaas.EvaluateTicketLoginModule ***
[Info] May 20, 2008 9:12:10 PM 28 configurations found.
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM | Auth stack [sap.com/com.sap.aii.security.ws*KeystoreHelp_client]
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM {[sap.com/com.sap.aii.security.ws*KeystoreHelp_client]}(size: 4)
1. ( com.sap.security.core.server.jaas.EvaluateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateTicketLoginModule
2. ( com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule
3. ( com.sap.engine.services.security.server.jaas.ClientCertLoginModule ) ( OPTIONAL ) com.sap.engine.services.security.server.jaas.ClientCertLoginModule
4. ( com.sap.security.core.server.jaas.CreateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.CreateTicketLoginModule
authentication properties:
realm_name=Upload Protected Area
policy_domain=/KeystoreHelp/client
auth_method=client-cert
[Warning] May 20, 2008 9:12:10 PM No options defined
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM | Auth stack [sap.com/com.sap.aii.af.ispeak.app*pip]
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM {[sap.com/com.sap.aii.af.ispeak.app*pip]}(size: 3)
1. ( com.sap.security.core.server.jaas.EvaluateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateTicketLoginModule
#1 ume.configuration.active = true
2. ( com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule ) ( REQUISITE ) com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule
3. ( com.sap.security.core.server.jaas.CreateTicketLoginModule ) ( OPTIONAL ) com.sap.security.core.server.jaas.CreateTicketLoginModule
#1 ume.configuration.active = true
authentication properties:
realm_name=ISPEAK
policy_domain=/RWB
auth_method=basic
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM | Auth stack [sap.com/tcslmslmapp*slmSolManServices_Config1]
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM {[sap.com/tcslmslmapp*slmSolManServices_Config1]}(size: 4)
1. ( com.sap.security.core.server.jaas.EvaluateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateTicketLoginModule
2. ( com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule
3. ( com.sap.engine.services.security.server.jaas.ClientCertLoginModule ) ( OPTIONAL ) com.sap.engine.services.security.server.jaas.ClientCertLoginModule
4. ( com.sap.security.core.server.jaas.CreateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.CreateTicketLoginModule
authentication properties:
realm_name=Upload Protected Area
policy_domain=/slmSolManServices/Config1
auth_method=client-cert
[Warning] May 20, 2008 9:12:10 PM No options defined
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM | Auth stack [sap.com/cafruntimeear*CAFDataService_Config]
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM {[sap.com/cafruntimeear*CAFDataService_Config]}(size: 4)
1. ( com.sap.security.core.server.jaas.EvaluateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateTicketLoginModule
2. ( com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule
3. ( com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule ) ( OPTIONAL ) com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule
4. ( com.sap.security.core.server.jaas.CreateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.CreateTicketLoginModule
authentication properties:
realm_name=Upload Protected Area
policy_domain=/CAFDataService/Config
auth_method=basic
[Warning] May 20, 2008 9:12:10 PM No options defined
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM | Auth stack [sap.com/com.sap.aii.af.service.trex.ws*TrexProcessor_basic]
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM {[sap.com/com.sap.aii.af.service.trex.ws*TrexProcessor_basic]}(size: 4)
1. ( com.sap.security.core.server.jaas.EvaluateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateTicketLoginModule
2. ( com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule
3. ( com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule ) ( OPTIONAL ) com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule
4. ( com.sap.security.core.server.jaas.CreateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.CreateTicketLoginModule
authentication properties:
realm_name=Upload Protected Area
policy_domain=/TrexProcessor/basic
auth_method=basic
[Warning] May 20, 2008 9:12:10 PM No options defined
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM | Auth stack [sap.com/tcsecwssec~app*wssproc_plain]
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM {[sap.com/tcsecwssec~app*wssproc_plain]}(size: 4)
1. ( com.sap.security.core.server.jaas.EvaluateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateTicketLoginModule
2. ( com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule
3. ( com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule ) ( OPTIONAL ) com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule
4. ( com.sap.security.core.server.jaas.CreateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.CreateTicketLoginModule
authentication properties:
realm_name=Upload Protected Area
policy_domain=/wssproc/plain
auth_method=basic
[Warning] May 20, 2008 9:12:10 PM No options defined
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM | Auth stack [sap.com/tckmcbc.rf.wsrfwsear*RepositoryFrameworkWS_Config1]
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM {[sap.com/tckmcbc.rf.wsrfwsear*RepositoryFrameworkWS_Config1]}(size: 4)
1. ( com.sap.security.core.server.jaas.EvaluateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateTicketLoginModule
2. ( com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule
3. ( com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule ) ( OPTIONAL ) com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule
4. ( com.sap.security.core.server.jaas.CreateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.CreateTicketLoginModule
authentication properties:
realm_name=Upload Protected Area
policy_domain=/RepositoryFrameworkWS/Config1
auth_method=basic
[Warning] May 20, 2008 9:12:10 PM No options defined
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM | Auth stack [sap.com/com.sap.xi.mdt*AdapterMessageMonitoring_basic]
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM {[sap.com/com.sap.xi.mdt*AdapterMessageMonitoring_basic]}(size: 4)
1. ( com.sap.security.core.server.jaas.EvaluateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateTicketLoginModule
2. ( com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule
3. ( com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule ) ( OPTIONAL ) com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule
4. ( com.sap.security.core.server.jaas.CreateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.CreateTicketLoginModule
authentication properties:
realm_name=Upload Protected Area
policy_domain=/AdapterMessageMonitoring/basic
auth_method=basic
[Warning] May 20, 2008 9:12:10 PM No options defined
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM | Auth stack [sap.com/com.sap.aii.af.ms.app*MessagingSystem]
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM {[sap.com/com.sap.aii.af.ms.app*MessagingSystem]}(size: 2)
1. ( com.sap.security.core.server.jaas.EvaluateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateTicketLoginModule
#1 ume.configuration.active = true
2. ( com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule ) ( REQUISITE ) com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule
authentication properties:
realm_name=Message Display Tool
policy_domain=/RWB
auth_method=basic
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM | Auth stack [sap.com/tcslmslmapp*slmServices_config]
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM {[sap.com/tcslmslmapp*slmServices_config]}(size: 4)
1. ( com.sap.security.core.server.jaas.EvaluateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateTicketLoginModule
2. ( com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule
3. ( com.sap.engine.services.security.server.jaas.ClientCertLoginModule ) ( OPTIONAL ) com.sap.engine.services.security.server.jaas.ClientCertLoginModule
4. ( com.sap.security.core.server.jaas.CreateTicketLoginModule ) ( SUFFICIENT ) com.sap.security.core.server.jaas.CreateTicketLoginModule
authentication properties:
realm_name=Upload Protected Area
policy_domain=/slmServices/config
auth_method=client-cert
[Warning] May 20, 2008 9:12:10 PM No options defined
[Info] May 20, 2008 9:12:10 PM ----
[Info] May 20, 2008 9:12:10 PM | |
[Info] May 20, 2008 9:12:10 PM | Auth stack [sap.com/com.sap.lcr*sld]
[Info] May 20, 2008 9:12:10 PM |When I execute RSPOR_SETUP report from SE38 to check the configuration between BW and Protal, the system shows the following message:
http://img58.imageshack.us/img58/1910/j2eegw5.png
http://img53.imageshack.us/img53/4158/step7vf1.png
This is my configuration:
http://img58.imageshack.us/img58/5937/strustry9.png
http://img142.imageshack.us/img142/9721/keystorageyt6.png
http://img53.imageshack.us/img53/6971/ticketbl2.png
http://img53.imageshack.us/img53/2689/evaluatemr0.png
http://img177.imageshack.us/img177/1271/umeyz5.png
http://img53.imageshack.us/img53/9763/slddf1.png
Entry in dev_jrfc.trc
Message : java.lang.RuntimeException: call FM RSWR_RFC_SERVICE_TEST to ProgId SAPIA64BW_PORTAL_EPI on host SAPIA64BW with SSO not authorized: Missing Password
Datasource : 11197950:J:\usr\sap\EPI\JC01\j2ee\cluster\server0\dev_jrfc.trc
Could you please help me??
Thanks in advance
Edited by: Juan de la Cruz Arellano Royo on May 21, 2008 11:17 AM -
SSO to non SAP Application using SAP Logon Ticket
Hi Experts,
I Have EP 7 SP 15 using SPNego Wizard to SSO with Active Directory and SSO between EP and ECC using SAP Certificates.
Now I have a demand to SSO some JAVA based applications (non SAP) to my portal using the SAP Logon Ticket.
I Have followed some blogs that directed me to use SAPSSOEXT (some libs) to read the MYSAPSSO2 cookie. The problem is that I didn't found this cookie, I even executed the command javascript:document to look for this cookie but the browser just show me the JSESSIONID info.
Does anybody knows where I can find this cookie or if there's a better way to set up this SSO? It´s necessary to say that I cannot SSO these application to the kerberos protocol because some security reasons on my company.
Thanks
ArmandoHi,
I dont have much info related but i can giv u hint
refer OSS Notes 442401 and 723896.
When using SAP logon tickets for non-SAP applications, two different implementation options are available. The difference lies in where the ticket verification takes place.
In the first case, the SAP logon ticket is submitted to the web server filter located on the web server. The web server filter verifies the portal serveru2019s public key
certificate using its local Personal Security Environment (PSE) and then populates the HTTP header field with the user ID for SSO to the non-sap web application.
In the second case, the SAP logon ticket is sent to the non-SAP application, which then verifies it using the ticket verification DLL and submits the user ID to the application for SSO.
You can refer following link :-
http://help.sap.com/saphelp_nw70/helpdata/EN/89/6eb8deaf2f11d5993700508b6b8b11/frameset.htm
user authentication and SSO
http://help.sap.com/saphelp_nw70/helpdata/EN/8f/ae29411ab3db2be10000000a1550b0/frameset.htm
Authentication Using a Directory with SSO Integration Using Logon Tickets
http://help.sap.com/saphelp_nw70/helpdata/EN/f8/3b514ca29011d5bdeb006094191908/frameset.htm
SSO
SAP Logon Ticket-based Single Sign-On
http://help.sap.com/saphelp_nwce10/helpdata/en/45/b6af743753003ae10000000a11466f/frameset.htm
Maybe you are looking for
-
The movie I bought didn't download, but my money was still taken. What do I do to get my movie to show, or to get my money back?
-
Singleton vs static - which is better?
Of the two approaches - a class which can be used by accessing its ONLY instance(singleton) or a class which has a set of static methods which can be invoked on the class itself which is better and why? Or are these just two 'styles' of programming?
-
Consignment and Configurable mate.
Hi Gurus, My doubt is Is it advisable to follow consignment processing with configurable material? If yes what would be item category determination for this/ if no why couldn't it possible to use configurable material in consignment? Ple share your v
-
I do not know my security questions and would like to get new ones how do I do that?!
Someone please help
-
Mac Mini won't sleep after upgrading to Mountain Lion
Upgraded to Mountain Lion (including the server upgrade) and now it won't sleep. More info... macmini:~ doug$ pmset -g Active Profiles: UPS Power -1 AC Power -1* Currently in use: hibernatemode 0 womp