SSO to ECC (without java stack), BI (on NetWeaver), & Portal

I have a client that wants to configure their SAP systems in such a way that the users sign onto their Windows workstations, are authenticated by Windows Active Directory and from then on they can sign on directly to an ECC ABAP instance, a BI instance, and an SAP Portal without having to supply a user/password combination again. (We already have SSO set up for users accessing some BI reports through the Portal, but in this case we want to set up direct access to the ECC and BI systems without necessarily going through the Portal environment).
The servers are running HP-UX, the clients Windows XP, and the AD system is running under Windows 2003.
Is this possible without using a third-party tool and if so, can anyone point me to the appropriate documentation (I've done a lot of searching, but can't find anything).
Thanks in advance!

I am sure this has been done before and often discussed here?
Take a look in the FAQ thread at the top of the forum for a general overview discussion of SSO. If you keep an eye out for the note numbers, terms used and those folks who contributed to it when searching, then I am sure you will find plenty of info to start with.
Specific vendor evaluation details and comparisons (outside of the technical realm) are generally not provided, as the 3rd parties are generally competitors...
Cheers,
Julius

Similar Messages

  • Web Dynpro without Java stack?

    Hello
    a simple question: Is it possible to develop and run Web Dynpro applications on a system with no Java stack? It is an ECC 6.0 system.
    Thanks
    A.

    Hi Aleksandra, 
    Yes, it is possible to develop and run Web Dynpro applications without Java Stack.
    For Web Dynpro for ABAP :- Java stack not required, you can do it with SAP System T-Code - SE80 if the Web Dynpro Component is available in your SAP system.
    For Web Dynpro for Java :- You must have the Java Stack.
    Hope this helps you.
    Thanks
    Arun Jaiswal

  • Upgrade from SCM 5.0 to SCM 7.0 without Java Stack

    Hello,
    My query is: we have an SCM 5.0 system which has a java stack in it. But now we are going to upgrade it to SCM 7.0. Does SCM 7.0 have a java stack?
    If it doesn't, can we upgrade SCM 5.0 to SCM 7.0 without the Java Stack? Is it possible to upgrade without the Java Stack or not?
    Is it possible to convert Java stuff into ABAP Web Dynpro? If yes, how can we achieve it? If not, how shall we proceed in an alternate way?
    Thanks for your help in advance.
    Madhu

    Hi Manoj,
    Yes the system is running okay and I can login without problem. The question I have is that the upgrade program started with default system number 00 loaded, where I don't know how to change it to match our system setting. Our system is currently having system number 01.
    Thanks,
    Eric

  • ADD Ecc server Java Stack

    Hi
    Can anyone give the procedure for how to add my java stack (ABAP+JAVA) of ECC into Solution Manager to upgrade to EHP4?
    Thanks in advance

    Kumar,
    This is the document you can use.
    https://websmp107.sap-ag.de/~sapidb/011000358700000293582009E.PDF
    Section 3.2.5 talks about the java stack definitions, all the information you need will be in this setup document.
    Regards
    Paul

  • Java Stack mandatory for a SAP BI system integrated with EP?

    Hi Gurus,
    Currently we are using SAP NetWeaver 2004 s version 7.0 system for our BI.
    This is integrated with the EP. But our BI system does not contain the Java Stack installed.
    When we work on WAD templates and execute  the template, it is automatically directed to EP portal where we can see our reports.
    Here my question is do we need Java Stack for this system to use ADOBE DOCUMENT services or can it work with EP only for the web functionalities.
    Any info on this is of great help.
    Best Regards
    Kumar

    HI Reddy,
    We came to know from our basis team that we do not have the Java Stack installed in our BI 7.x system yet.
    As it is integrated with EP which has Java, our web reports are working.
    1) But my question is still: do we need to install the Java Stack in our BI system, as I do not find any Export to PDF option in EP for the reports (even though AS Java supports this)?
    2) Or can we use the existing configuration without Java Stack integrated to EP for the new tools like Report Designer and Integrated Planning?
    Regards
    Kumar

  • JAVA Stack installation's method for BI 7.0 (Netweaver 04s)

    Hello!
    We plan to upgrade our BW 3.5 (without java stack) to BI 7.0, which needs a java stack installation.
    In this case we have, first, to upgrade the abap stack and then we have to install the java stack.
    There are 3 possibilities to install the java stack: as java add-in in the same database as the abap stack, or as the recommended SAP method, i.e. a java installation with its own database, that means another instance, and I think a new license to buy.
    The third method is a second server to support the java stack with its own database (separate instance).
    I don't understand why the second and third methods are recommended, rather than the first.
    Is it related to the SAP Enterprise Portal (we don't use it at the moment), or for other reasons? Thanks.

    In the event of double-stack or shared installations, ABAP and JAVA compete for main memory and CPU resources. Since BI 7.0 is resource intensive, it is advisable to install AS-Java on a different machine.
    Please refer to the following SAP Notes
    1. 927530 - BI Java sizing
    2. 917950 - SAP NetWeaver 2004s: Setting Up BEx Web
    Regards,
    Anirban Kundu

  • Web Dynpro ABAP - Java stack required?

    Hey everyone,
    We are currently planning an upgrade to ECC 6.0 and Netweaver 2004s. A source of debate during this planning has been whether or not to install the Java stack in our upgraded system.
    I'm an ABAP developer, so I'm really looking forward to using Web Dynpro ABAP. Does anyone know if the Java stack is required to effectively use Web Dynpro ABAP? It seems like the two should be independent...but I just want to be sure.
    Thanks in advance!!
    Chad

    No, you do not need the java stack to run WDA applications.  It runs purely on the ABAP stack.  You can develop your WDA app in SE80 and run it.  It will run in a browser from the ABAP stack.  If you have a portal, then you know that this runs on the java stack.  Also, your portal is probably not running on the same box as your backend ERP system.  If you are running a portal, I would suggest installing both the java stack as well as the ABAP stack for your portal to run on.  Then you will be able to use WDA to create applications to run in your portal.
    So to sum up, the portal runs on the java side; if you have both stacks running under your portal you can develop WDA and WDJ applications, which both can run on that same engine.  To answer your question, you DON'T need the java stack to develop and run your WDA application, but if you want it to run in a portal, then you need a java stack to run the portal on top of.  This can be a completely separate box and a standalone java stack.   Did I confuse you even more?
    Regards,
    Rich Heilman

  • JAVA Stack for consuming and providing Services with ABAP?

    Hi Experts,
    I would like to know if I need to have a Java Stack when I want to build a Web Application with Web Dynpro Abap and consume Enterprise Services from the Enterprise Service Repository. Additional own created services in ABAP should be provided. Is a Java stack necessary for that? Or is an ABAP Stack enough?
    Thanks a lot for your answers?
    Best regards,
    Ingmar

    Hi Ingmar,
    You do not need a Java stack to build or run Web Dynpro ABAP application. Web Dynpro ABAP runs on ABAP stack.
    Just to consume a web or enterprise service from Web Dynpro ABAP application, or any ABAP application for that matter, you do not need Java stack, either. NetWeaver Application Server contains a component called ICM (Internet Communication Manager) that enables the AS to play both as a service provider as well as a consumer.
    The part about consuming Enterprise Services from the ES Repository is more complicated, though.
    ES Repository is only a modeling tool. Services are actually implemented  in the respective backend systems and then registered in central Services Registry. So, if the Enterprise Service you want to consume comes from an application that runs on Java stack, although I do not have any example of that handy, then obviously - Java stack is needed. This is irrelevant, however, if your question only pertains to the consumer part.
    I hope this helps.
    Andrzej

  • Adding BI Java on NetWeaver Portal 2004s installation

    Hi All,
    We have NetWeaver Portal 2004s sps 10 installed.
    We would like to know if we can add BI Java on the same instance.
    Thanx
    Jayant

    Hi Jayant,
    Yes, it's possible to have the BI Java stack added to Netweaver 2004s,
    but from my point of view the version should already have been installed with the Netweaver 2004s Java stack as SAP_BW.
    Check this in the System --> Status --> SAP System Data menu of your respective system.
    Assign points if it helps you.
    Regards,
    Sreedhar

  • SSO using Windows Active Directory but without EP or Java stack

    Good morning and thank you in advance for your help.
    The question is:
    our environment includes windows domain with Active Directory, ECC 6.0 ABAP (DEV, QAS, PROD), BW 7.0 (DEV, QAS, PROD) only ABAP stack.
    I would like to know if we can enable SSO using only this configuration without introducing EP or Java stack.
    Best regards
    Max

    Hi Willi,
    It won't be that easy to understand each other... as my English is not that good either.
    Most of the points introduced in the SAP help link are automatically performed by sapinst.
    Almost all my customers running on MS are not using an AV, and do not get into trouble either...
    but no user ever connects to the SAP server, only admin, for maintenance purposes or SAP admin when needed...
    Internet Explorer should not be used on a server, MS itself says it should be uninstalled...
    Best regards
    SAP on SQL General Update for Customers & Partners April 2014
    10. Do Not Install SAPGUI on SAP Servers
    Windows Servers have the ability to run many desktop PC applications such as SAPGUI and Internet Explorer however it is strongly recommended not to install this software on SAP servers, particularly production servers.
    To improve reliability of an operating system it is recommended to install as few software packages as possible.  This will not only improve reliability and performance, but will also make debugging any issues considerably simpler
    “A server is a server, a PC is a PC”.  Customers are encouraged to restrict access to production servers by implementing Server Hardening Procedure. 
    SAP Servers should not be used as administration consoles and there should be no need to directly connect to a server. Almost all administration can be done remotely
    SAP on SQL General Update for Customers & Partners September 2013
    Internet Explorer (and any other non-essential software) should always be removed from every SAP DB or Application server. 
    The following command line removes IE from Windows 2008 R2, Windows 2012 and Windows 2012 R2:
    Open command prompt as an Administrator ->  dism /online /Disable-Feature /FeatureName:Internet-Explorer-Optional-amd64

  • Activate abap proxy without java stack on ECC side

    Hi gurus,
    Can we activate abap proxy on the ECC side if the ECC doesn't have a java stack? As you know, we need to create two JCo RFC providers in Visual Administrator, but without installing the java stack, we can't do that.  Any ideas? Thanks in advance.

    Thanks all.
    Solved by using program id of XI system in the RFC of application system.
    But we still face the issue in SPROXY. It gave the error "No connection to Integration Builder ".
    Then I ran the connection test, and found SPROX_CHECK_IFR_ADDRESS and SPROX_CHECK_HTTP_COMMUNICATION
    are right, but SPROX_CHECK_IFR_RESPONSE and SPROX_CHECK_IFR_CONNECTION are giving the error "Integration Builder data not understood". Any ideas?
    Edited by: xinjiang li on Sep 10, 2010 6:40 PM

  • Third party application forcing java stack to restart when logged in through SSO

    Hi
    We have the APW third party application installed on Enterprise Portal 7.4.
    When we tried to log in to the APW portal through SSO it forces the Java stack services to restart. If we use APW directly without SSO it works fine.
    Can you help me to resolve the issue?

    Hi Manish,
    Please check the configuration once again for the third party connection and the portal.
    Also provide the "dev_server0" which is in the directory /usr/sap/SID/J00/work and the default trace which is in "/usr/sap/SID/J00/j2ee/cluster/server0/log" to analyze the issue. There is another tool as well to check the issue, the "httpwatch" log tool. But mostly the issue can be identified in dev_server0 or the default trace.
    Thanks,
    Brindavan

  • Single-Sign-On (SSO) configuration on JAVA Stack through HTTP Header method

    Hello SDN community,
    in the context of a Proof of Concept, we are testing the integration of Microsoft Sharepoint Portal with SAP Backend (addin) systems.
    As the architecture imposes an external scenario (access from the internet), we couldn't use the Kerberos (SPNego) solution and thus we chose the http header solution, which in short uses an intermediary web server (in this case the IIS of the MOSS solution) which will act as authority.
    I am missing information on how the workflow works for this http header authentication method. Through the Visual Administrator of the add-in JAVA stack, it is possible to configure each application with a customized authentication (a choice of security modules). But this is all that I know.
    My task is to configure SSO. From a SharePoint portal, the user should be able to access Web Dynpros and BSPs. I imagine that at the very first call to a Web Dynpro or BSP (or maybe when we log on to the SharePoint portal), the request to the WDP or BSP will first be forwarded by the intermediary server to the JAVA stack (or is it the SAP dispatcher that has to be configured).
    Is there an application to be built on the java stack to deal with the authentication, modify the http header?
    What will the Java stack return? An SAP logon ticket? A token?
    How will the redirect work (to, for example, a BSP which is in the ABAP stack)?
    SAP recommends securing the link between the intermediary web server and the JAVA stack with SSL; is IP restriction also a solution?
    A lot of questions about how this SSO http header should work,
    I would be very grateful for any help, or info,
    Kind regards,
    Tanguy Mezzano

    Hi Tanguy,
    to tell you the truth I'm really unsure about what you are trying to achieve. When I started posting to your thread I thought all you wanted was trying to access your J2EE engine via Browser and authenticate against the engine using HTTP Header Variables. Nevermind:
    Here are some answers to your question:
    in fact I did succeed, the problem was that even after domain-relaxation done by the J2EE, I had to change the domain of the SAP cookie to the bbbb.domain.com to be understood (I would have thought that all hosts in/under domain .domain would have accepted such a cookie but it seems that no...).
    The server does not care about the domain because Cookies in an HTTP Request do not contain any domain information. The domain is just important when the Cookie is set by the server so your Client (Browser) will know in which cases the Cookie may be sent or not. So if your domain is xxx.yyy.domain.com and your cookie is issued to .domain.com then your Browser will definitely send it to all hosts under .domain.com (This includes xxx.yyy.domain.com etc.)
    My current scenario is: in a first request get a SAP Logon Ticket from the Java Stack, then change its domain and then directly call the backend with it.
    You can do that but there is no Client involved in this scenario. So this is useful if you just want to test the functionality (e.g. authentication to J2EE using Header Variables (This works finally!!!) and then use the fetched Logon Ticket to test SSO against any trusted Backend!!)
    So everything is in a Java Client application without using any redirection.
    If I understand you, your solution is, from the Browser, to call a servlet (which is deployed on the Java Stack and has no authentication schema) by passing to it our http header.
    No, you should initially authenticate somewhere! I thought that maybe you had some resource you access before accessing the Java Stack. This could be any application (e.g. deployed on a Tomcat or JBOSS or other server or if you like even SAP J2EE). After authenticating there you are aware of the username and could use it to proceed (e.g. Authenticate against the J2EE using the same user and HTTP Header authentication for that particular user!)
    That servlet will transfer the http header (with the HttpClient app) in order to get from the Java Stack a SAP Logon ticket, and then to redirect to the resource and by sending back the cookie in client browser. Am I correct?
    This was just a suggestion because I realized that there was no Client ever involved in any of your testing (looked strange to me!). I was just thinking that it would be easier for you to just get the Cookie into your Browser so your Browser would do the rest for you (in your case finally send the Logon Ticket Cookie to your Backend to test SSO using Logon Tickets!).
    The AuthenticatorServlet somehow serves as a Proxy to your client because your client is not able to set the Header Variable. That's why I initially suggested to use a Proxy (e.g. Apache) for that purpose. The problem is just that if you use a Proxy you will have to tell it somehow which username it should set in the Header Variable (e.g. using a URL Parameter or using a personalized client certificate and fetch the username (e.g. cn=<username> from the certificate!)
    This way of doing would simplify the calls for sso for each new application needing authentication, instead of having all code each time in it...
    I'm stuck again! Do you want to authenticate an End User or do you want to authenticate an application that needs to call any resources in your Backend that requires authentication?
    So my problem now, is how to call the servlet from the client browser:
    I'm trying to call my servlet from the browser but I don't succeed. I am able to understand how to reach a jsp from the Java Stack, but not to reach a servlet. I don't find the path to my servlet:
    <FORM method="POST" action="SSORedirect2" >
    A JSP is a servlet too. There is just no JAVA Class involved!
    You do not need any POST Request to invoke a Servlet.
    I see that my servlet is deployed, but I don't know what path to give to my form to invoke the servlet, here follows my web.xml
    <?xml version="1.0" encoding="UTF-8" ?>
    <!DOCTYPE web-app (View Source for full doctype...)>
    <web-app>
      <display-name>WEB APP</display-name>
      <description>WEB APP description</description>
      <servlet>
        <servlet-name>SSOredirect2</servlet-name>
        <servlet-class>com.atosorigin.examples.AuthenticatorServlet</servlet-class>
      </servlet>
      <servlet>
        <servlet-name>SSORedirect2.jsp</servlet-name>
        <jsp-file>/SSORedirect2.jsp</jsp-file>
      </servlet>
      <security-constraint>
        <display-name>SecurityConstraint</display-name>
        <web-resource-collection>
          <web-resource-name>WebResource</web-resource-name>
          <url-pattern>/*</url-pattern>
          <http-method>GET</http-method>
          <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
          <role-name>DefaultSecurityRole</role-name>
        </auth-constraint>
      </security-constraint>
      <security-role>
        <role-name>DefaultSecurityRole</role-name>
      </security-role>
    </web-app>
    If you have an AuthenticatorServlet Class all you need is to add the Servlet Mapping in your web.xml file
    e.g.
    <servlet>
      <description>
      </description>
      <display-name>AuthenticatorServlet</display-name>
      <servlet-name>AuthenticatorServlet</servlet-name>
      <servlet-class>com.atosorigin.examples.AuthenticatorServlet</servlet-class>
    </servlet>
    <servlet-mapping>
      <servlet-name>AuthenticatorServlet</servlet-name>
      <url-pattern>/AuthenticatorServlet</url-pattern>
    </servlet-mapping>
    You can directly call the Servlet in your Browser by calling the URL provided in the url-pattern of your Servlet mapping ( in this case /AuthenticatorServlet). The engine will invoke the Class "com.atosorigin.examples.AuthenticatorServlet" in the background and do whatever you defined there!
    I have also to pass my http header and the redirectUrl in the GET request.
    If you like! I just suggested this for testing purposes. As I stated before you need a way to tell your proxy (or in your case AuthenticatorServlet) which user should be set when calling the Engine in order to authenticate using HTTP Header. You could use the URL Parameter to define the user you actually want to use when you set the Header Variable.
    I just introduced the redirectURL because you were talking about redirects all the time. So if you finally want to call the Backend you could define the Backend URL in the redirectURL Parameter and the Servlet will make sure that you are redirected to this location after the whole process!
    Thx for your input very helpful,
    But again 0 points
    Cheers
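
The cookie scoping rule described in the reply above, as an added example that is not part of the original thread: a small model of RFC 6265 domain matching showing which hosts receive a cookie issued for `.domain.com` and that the request header carries no domain. Hostnames are the placeholders from the posts; the cookie name `LOGON_TICKET`, its value and the host `notdomain.com` are constructed, and path, Secure, expiry and public-suffix checks are left out.

```javascript
// Added illustration of RFC 6265 cookie domain scoping (not code from the thread).
// Hostnames are the placeholders used in the posts; LOGON_TICKET and its value
// are constructed. Path, Secure, expiry and public-suffix checks are left out.

// RFC 6265 5.2.3: the Domain attribute is lower-cased and one leading dot ignored.
function normaliseDomainAttr(attr) {
  const d = attr.trim().toLowerCase();
  return d.startsWith('.') ? d.slice(1) : d;
}

// RFC 6265 5.1.3: a host matches if it equals the domain, or ends with
// "." + domain and is not an IP address.
function domainMatches(host, cookieDomain) {
  const h = host.toLowerCase();
  const d = normaliseDomainAttr(cookieDomain);
  if (h === d) return true;
  const isIp = /^\d{1,3}(\.\d{1,3}){3}$/.test(h) || h.includes(':');
  return !isIp && h.endsWith('.' + d);
}

// Browser side of Set-Cookie: returns the stored cookie, or null when the
// issuing host is not allowed to set a cookie for that domain.
function storeCookie(originHost, name, value, domainAttr) {
  const origin = originHost.toLowerCase();
  if (!domainAttr) {
    // No Domain attribute: host-only cookie, returned to the issuing host only.
    return { name, value, domain: origin, hostOnly: true };
  }
  if (!domainMatches(origin, domainAttr)) return null;
  return { name, value, domain: normaliseDomainAttr(domainAttr), hostOnly: false };
}

// Would the browser attach this cookie to a request for requestHost?
function wouldSend(cookie, requestHost) {
  const h = requestHost.toLowerCase();
  return cookie.hostOnly ? h === cookie.domain : domainMatches(h, cookie.domain);
}

// The Cookie request header carries only name=value pairs: the domain stays
// in the browser's jar and never reaches the server.
function cookieHeaderFor(jar, requestHost) {
  return jar
    .filter((c) => c !== null && wouldSend(c, requestHost))
    .map((c) => `${c.name}=${c.value}`)
    .join('; ');
}

// Constructed scenario: the ticket-issuing host relaxes the domain.
const relaxed = storeCookie('xxx.yyy.domain.com', 'LOGON_TICKET', 'abc123', '.domain.com');
const hostOnly = storeCookie('xxx.yyy.domain.com', 'LOGON_TICKET', 'abc123');
const foreign = storeCookie('bbbb.domain.com', 'LOGON_TICKET', 'abc123', 'yyy.domain.com');

for (const host of ['xxx.yyy.domain.com', 'bbbb.domain.com', 'domain.com', 'notdomain.com']) {
  console.log(host.padEnd(20), 'relaxed:', wouldSend(relaxed, host), 'host-only:', wouldSend(hostOnly, host));
}
console.log('foreign-domain Set-Cookie stored:', foreign !== null);
console.log('Cookie header to bbbb.domain.com:', cookieHeaderFor([relaxed], 'bbbb.domain.com'));
```

A ticket relaxed to the parent domain is delivered to every host under that domain, so the hosts in that domain are the hosts that can read it; a host-only cookie stays with the issuing host.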

  • Advantages of JAVA stack on ECC 6.0

    Hi There
    Can anyone please make clear to me the advantages of the JAVA stack on ECC6.0 and how it helps our business, as there are no JAVA related components in our environment? We are now on the ECC6.0 ABAP stack; if this is the case, how do we go ahead with the JAVA stack? I mean to ask: to make my ECC6.0 a dual stack, must I choose the JAVA system as an add-on to the existing ECC ABAP stack or must I go for another standalone JAVA box? Which option is the correct one?
    Now we are on BW3.0
    and have a plan to upgrade to BI 7.0. Is a JAVA system required for that, or does BI 7.0 run on the ABAP stack only? Please let me know how to implement the JAVA stack for the existing system. Thanks in advance.

    Hi
    Kakani
    Can you go through this link
    http://wiki.sdn.sap.com/wiki/display/WDJava/WelcometoWebDynproJava!
    Thanks
    Rafi Shaik

  • How to configure SSO for WAS Java stack

    Hi all,
    I want to configure our WAS server with java stack as an SAP ticket issuing system. This system does not have Portal installed on it.
    I want to know whether it is possible or not. If possible, how can it be done?
    Actually, in the ABAP stack there are transactions like SSO2, SSO to do the task. But what about WAS with Java stack?
    Thank all.

    HI Kumar
    Follow this link.
    http://help.sap.com/saphelp_nw04/helpdata/en/53/695b3ebd564644e10000000a114084/frameset.htm
    Hope this helped you
    Regards,
    RK
