SSO with Logon Ticket to non-SAP Unix based application

Hi all,
Anyone has implemented SSO with Logon Ticket to a Unix box ?
We need to achieve Single Sign On between our EP5.0 SP5 Portal and a third-party web application with a front-end on a Unix AIX machine with Apache.
We achieved SSO with non-SAP applications with Logon Tickets, but one was to an IIS system in another domain (we therefore used the standard Web Filter for IIS and declared it in usermanagement for cross-domain support) and another one running on Windows platform (we used the C libraries provided in the "Logon Ticket Toolkit": NT or Linux only).
From what we understand and found on the web sites, we cannot reuse any standard web filter (none for Unix, am I correct ???) and want to implement custom code using SAP libraries, if possible using Java
-> Are there any Java libraries that are available to both:
. verify the logon ticket with the deployed Portal public key
. decrypt/extract the authenticated username from this ticket ??
I've seen a mention of Java libraries, and Unix, in a SAP EP 6.0 document but I'm not sure where to find them...
Is the SAP Logon Ticket issued the same way in EP 5.0 and EP 6.0 ?
I managed to find something called SAPSSOEXT, for AIX, which contains some partial library and a sample, but it is dated 2000 !! Anyone has more information about this ?
Any hint is very much appreciated.
Thanks a lot
Olivier

Check these links for reference regarding AIX and Apache using X.509 certificates:
http://publib16.boulder.ibm.com/pseries/en_US/aixbman/security/cas_pki.htm
And just using cookies -
http://forums.devshed.com/archive/t-105611 (perl based)
You can also use mod_ssl built into your Apache to facilitate both certificate based authentication as well as encryption.
The mod_ssl route is most secure (because of the encryption), the IBM link is comprehensive but requires extra infrastructure (LDAP).
Nick
Nick

Similar Messages

Not able to activate SSO with logon tickets...

Hi all,
I configured SSO with logon tickets on a new installation of EP 7.0 Nw 2004s SR2.
The target R3 server is in a different domain. But i added the certificate receiver portal server address in the UME service entries.
But when i try to test it, it is showing the password entry login screen.
Is there any changes i need to make to the logon stacks?
Given below are the major steps i completed.
1. Created RFC destination in portal
2. Created RFC destination for portal in R3
3. Exported verify.der certificate to R3.
4. Added necessary entries for R3 sever in the portal security providers list.
5. Restarted portal j2ee instance.
Did I miss out any required steps?
I doubt whether logon tickets are generated from the portal , since it directly shows the normal login screen when i test.
Can anyone help me on this?
Thanks in advance
Shobin

Hi,
Thanks alot for your reply.
I checked sso2. The connection fails there. But long back, we had created another destination in the R3 system to use in a different portal instance. There, SSO works fine. Even this destination also fails when checked through sso2.
I login to portal with administrator rights which has the same user id in R3 also. Please note that both these systems are in different domain. But I have added another host name in ume.service.login property which is already set up for SSO with the target R3 system.
When i test SSO, i am not getting any error messages regarding the certificate or logon ticket. It simply ask me for a user name and password.
Is there any change i have to do in logon stacks to give preference to logon tickets?
Thanks alot
Shobin

SSO with SAP logon tickets to non-SAP web app

I am trying to implement SSO to an oracle portal based web application using SAP logon tickets, but can't seem to find a way for it to work. I thought maybe it would be a web server filter, but am unsure if this would work for oracle portal. Anyone tried similar?
Cindy

Hi Cindy,
If it is EP6 SP2 probably you can checkout the following document.
http://service.sap.com/ep60
Go to Documentation Help>How-To-Guides>Current How To Guides section.
checkout the following how to guide.
Perform Cross Domain SSO with SAP Logon tickets zip file.
If you want the zip file please send an e-mail to
[email protected]
Regards
-Venkat Malempati

SSO fails with logon ticket

Hi all ,
Could some advice on this .I have some issues with SSO with logon tickets .
My landscape consists of
- EP 6.0 SP on WAS J2EE 6.0
- ECC 5.0 SP7 on WAS ABAP 6.0
I am trying to do SSO between portal and ECC , where in portal is the ticket issuer
and my ECC accepts the ticket . Follwing are the steps I have done .
1. From keystore Administrator , I have downloaded the verity.der .
2. From my ECC system , run STRUSTSS02 transaction and done following activities
a. import the verity.der into certificate area ( selecte dfile format as binary )
b. Added certificate into PSE
c. Add to ACL ( here I have selected my portal SID , client
as 000 ( Do is need to give a different client ???...)
d. Saved everything
3. Then I have created a system object for my ECC system , given all the connector parametrs,
user management as logon ticket and created an alias too .
But when I tested is is failure
I have also created a JCO destination under the webdynpro content admin and selected the
logon ticket as the option , there also the test fails
Could any body advice what am I doing wrong ?
THanks
Aneez

Phani ,
Here is the trace .
M *** BEGIN USER TRACE UID >915< MODE >1< STEP >1< REQID >11685< TIME >053138< DATE >20050805< WP >0< WP_TYPE >DIA< CONV_ID >5028
N dy_signi_ext: SSO TICKET logon (client 110)
N mySAPUnwrapCookie: was called.
N HmskiFindTicketInCache: Trying to find logon ticket in ticket cache.
N HmskiFindTicketInCache: Try to find ticket with cache key: 110:F8906A99658752C18D6007083CC6D4A3 .
N HmskiFindTicketInCache: Couldn't find ticket in ticket cache.
N I don't need to ask RunningCompatibly to know: I'm >= 46C.
N mySAP: Got the following SSF Params:
N DN =CN=DV1
N EncrAlg=DES-CBC
N Format =PKCS7
N Toolkit =SAPSECULIB
N HashAlg =SHA1
N Profile =/usr/sap/DV1/DVEBMGS00/sec/SAPSYS.pse
N PAB =/usr/sap/DV1/DVEBMGS00/sec/SAPSYS.pse
N Got the codepage 4102.
N Got ticket (head) AjExMDAgAA5wb3J0YWw6QUhBTUVFRIgAE2Jhc2lj. Length = 444.
N 00000000 00 41 00 6a 00 45 00 78 00 4d 00 44 00 41 00 67 .A.j.E.x.M.D.A.g
N 00000010 00 41 00 41 00 35 00 77 00 62 00 33 00 4a 00 30 .A.A.5.w.b.3.J.0
N 00000020 00 59 00 57 00 77 00 36 00 51 00 55 00 68 00 42 .Y.W.w.6.Q.U.h.B
N 00000030 00 54 00 55 00 56 00 46 00 52 00 49 00 67 00 41 .T.U.V.F.R.I.g.A
N 00000040 00 45 00 32 00 4a 00 68 00 63 00 32 00 6c 00 6a .E.2.J.h.c.2.l.j
N 00000050 00 59 00 58 00 56 00 30 00 61 00 47 00 56 00 75 .Y.X.V.0.a.G.V.u
N 00000060 00 64 00 47 00 6c 00 6a 00 59 00 58 00 52 00 70 .d.G.l.j.Y.X.R.p
N 00000070 00 62 00 32 00 34 00 42 00 41 00 41 00 41 00 43 .b.2.4.B.A.A.A.C
N 00000080 00 41 00 41 00 4d 00 77 00 4d 00 44 00 41 00 44 .A.A.M.w.M.D.A.D
N 00000090 00 41 00 41 00 4e 00 46 00 55 00 45 00 51 00 45 .A.A.N.F.U.E.Q.E
N 000000A0 00 41 00 41 00 77 00 79 00 4d 00 44 00 41 00 31 .A.A.w.y.M.D.A.1
N 000000B0 00 4d 00 44 00 67 00 77 00 4e 00 54 00 41 00 35 .M.D.g.w.N.T.A.5
N 000000C0 00 4d 00 6a 00 49 00 46 00 41 00 41 00 51 00 41 .M.j.I.F.A.A.Q.A
N 000000D0 00 41 00 41 00 41 00 49 00 43 00 67 00 41 00 41 .A.A.A.I.C.g.A.A
N 000000E0 00 2f 00 77 00 44 00 31 00 4d 00 49 00 48 00 79 ./.w.D.1.M.I.H.y
N 000000F0 00 42 00 67 00 6b 00 71 00 68 00 6b 00 69 00 47 .B.g.k.q.h.k.i.G
N 00000100 00 39 00 77 00 30 00 42 00 42 00 77 00 4b 00 67 .9.w.0.B.B.w.K.g
N 00000110 00 67 00 65 00 51 00 77 00 67 00 65 00 45 00 43 .g.e.Q.w.g.e.E.C
N 00000120 00 41 00 51 00 45 00 78 00 43 00 7a 00 41 00 4a .A.Q.E.x.C.z.A.J
N 00000130 00 42 00 67 00 55 00 72 00 44 00 67 00 4d 00 43 .B.g.U.r.D.g.M.C
N 00000140 00 47 00 67 00 55 00 41 00 4d 00 41 00 73 00 47 .G.g.U.A.M.A.s.G
N 00000150 00 43 00 53 00 71 00 47 00 53 00 49 00 62 00 33 .C.S.q.G.S.I.b.3
N 00000160 00 44 00 51 00 45 00 48 00 41 00 54 00 47 00 42 .D.Q.E.H.A.T.G.B
N 00000170 00 77 00 54 00 43 00 42 00 76 00 67 00 49 00 42 .w.T.C.B.v.g.I.B
N 00000180 00 41 00 54 00 41 00 54 00 4d 00 41 00 34 00 78 .A.T.A.T.M.A.4.x
N 00000190 00 44 00 44 00 41 00 4b 00 42 00 67 00 4e 00 56 .D.D.A.K.B.g.N.V
N 000001A0 00 42 00 41 00 4d 00 54 00 41 00 30 00 56 00 51 .B.A.M.T.A.0.V.Q
N 000001B0 00 52 00 41 00 49 00 42 00 41 00 44 00 41 00 4a .R.A.I.B.A.D.A.J
N 000001C0 00 42 00 67 00 55 00 72 00 44 00 67 00 4d 00 43 .B.g.U.r.D.g.M.C
N 000001D0 00 47 00 67 00 55 00 41 00 6f 00 46 00 30 00 77 .G.g.U.A.o.F.0.w
N 000001E0 00 47 00 41 00 59 00 4a 00 4b 00 6f 00 5a 00 49 .G.A.Y.J.K.o.Z.I
N 000001F0 00 68 00 76 00 63 00 4e 00 41 00 51 00 6b 00 44 .h.v.c.N.A.Q.k.D
N 00000200 00 4d 00 51 00 73 00 47 00 43 00 53 00 71 00 47 .M.Q.s.G.C.S.q.G
N 00000210 00 53 00 49 00 62 00 33 00 44 00 51 00 45 00 48 .S.I.b.3.D.Q.E.H
N 00000220 00 41 00 54 00 41 00 63 00 42 00 67 00 6b 00 71 .A.T.A.c.B.g.k.q
N 00000230 00 68 00 6b 00 69 00 47 00 39 00 77 00 30 00 42 .h.k.i.G.9.w.0.B
N 00000240 00 43 00 51 00 55 00 78 00 44 00 78 00 63 00 4e .C.Q.U.x.D.x.c.N
N 00000250 00 4d 00 44 00 55 00 77 00 4f 00 44 00 41 00 31 .M.D.U.w.O.D.A.1
N 00000260 00 4d 00 44 00 6b 00 79 00 4d 00 6a 00 41 00 31 .M.D.k.y.M.j.A.1
N 00000270 00 57 00 6a 00 41 00 6a 00 42 00 67 00 6b 00 71 .W.j.A.j.B.g.k.q
N 00000280 00 68 00 6b 00 69 00 47 00 39 00 77 00 30 00 42 .h.k.i.G.9.w.0.B
N 00000290 00 43 00 51 00 51 00 78 00 46 00 67 00 51 00 55 .C.Q.Q.x.F.g.Q.U
N 000002A0 00 4e 00 78 00 47 00 53 00 38 00 70 00 65 00 6b .N.x.G.S.8.p.e.k
N 000002B0 00 68 00 62 00 5a 00 32 00 6e 00 79 00 6e 00 61 .h.b.Z.2.n.y.n.a
N 000002C0 00 46 00 4c 00 4b 00 54 00 51 00 2f 00 37 00 43 .F.L.K.T.Q./.7.C
N 000002D0 00 42 00 5a 00 6b 00 77 00 43 00 51 00 59 00 48 .B.Z.k.w.C.Q.Y.H
N 000002E0 00 4b 00 6f 00 5a 00 49 00 7a 00 6a 00 67 00 45 .K.o.Z.I.z.j.g.E
N 000002F0 00 41 00 77 00 51 00 76 00 4d 00 43 00 30 00 43 .A.w.Q.v.M.C.0.C
N 00000300 00 46 00 41 00 32 00 53 00 63 00 53 00 6f 00 71 .F.A.2.S.c.S.o.q
N 00000310 00 4d 00 53 00 51 00 41 00 2f 00 75 00 41 00 42 .M.S.Q.A./.u.A.B
N 00000320 00 70 00 43 00 69 00 61 00 6b 00 6f 00 68 00 69 .p.C.i.a.k.o.h.i
N 00000330 00 68 00 75 00 44 00 79 00 41 00 68 00 55 00 41 .h.u.D.y.A.h.U.A
N 00000340 00 36 00 4e 00 56 00 48 00 43 00 53 00 6b 00 50 .6.N.V.H.C.S.k.P
N 00000350 00 58 00 49 00 52 00 6c 00 63 00 57 00 2b 00 32 .X.I.R.l.c.W.+.2
N 00000360 00 6a 00 41 00 45 00 30 00 31 00 37 00 55 00 62 .j.A.E.0.1.7.U.b
N 00000370 00 61 00 63 00 34 00 3d .a.c.4.=
N Dump of InContext (ssoxxapi.c 155)
N 00000000 00 34 00 31 00 30 00 32 0f ff ff ff ff ff 54 e8 .4.1.0.2.ÿÿÿÿÿTè
N 00000010 00 00 00 01 83 37 73 10 0f ff ff ff ff ff 59 98 .....7s..ÿÿÿÿÿY.
N 00000020 00 00 01 bc 00 00 00 00 00 00 00 01 00 93 ee 8c ...¼..........î.
N 00000030
N Copies from InContext->Format: PKCS7 (ssoxxapi.c 162)
N Copies from InContext->pzcsProName: /usr/sap/DV1/DVEBMGS00/sec/SAPSYS.pse (ssoxxapi.c 165)
N DecodeB64Len returns 0. iDecLength=332
N Dump of Decoded ticket: (ssoxxapi.c 187)
N 00000000 02 31 31 30 30 20 00 0e 70 6f 72 74 61 6c 3a 41 .1100 ..portal:A
N 00000010 48 41 4d 45 45 44 88 00 13 62 61 73 69 63 61 75 HAMEED...basicau
N 00000020 74 68 65 6e 74 69 63 61 74 69 6f 6e 01 00 00 02 thentication....
N 00000030 00 03 30 30 30 03 00 03 45 50 44 04 00 0c 32 30 ..000...EPD...20
N 00000040 30 35 30 38 30 35 30 39 32 32 05 00 04 00 00 00 0508050922......
N 00000050 08 0a 00 00 ff 00 f5 30 81 f2 06 09 2a 86 48 86 ....ÿ.õ0.ò..*.H.
N 00000060 f7 0d 01 07 02 a0 81 e4 30 81 e1 02 01 01 31 0b ÷.... .ä0.á...1.
N 00000070 30 09 06 05 2b 0e 03 02 1a 05 00 30 0b 06 09 2a 0...+......0...*
N 00000080 86 48 86 f7 0d 01 07 01 31 81 c1 30 81 be 02 01 .H.÷....1.Á0.¾..
N 00000090 01 30 13 30 0e 31 0c 30 0a 06 03 55 04 03 13 03 .0.0.1.0...U....
N 000000A0 45 50 44 02 01 00 30 09 06 05 2b 0e 03 02 1a 05 EPD...0...+.....
N 000000B0 00 a0 5d 30 18 06 09 2a 86 48 86 f7 0d 01 09 03 . ]0...*.H.÷....
N 000000C0 31 0b 06 09 2a 86 48 86 f7 0d 01 07 01 30 1c 06 1...*.H.÷....0..
N 000000D0 09 2a 86 48 86 f7 0d 01 09 05 31 0f 17 0d 30 35 .*.H.÷....1...05
N 000000E0 30 38 30 35 30 39 32 32 30 35 5a 30 23 06 09 2a 0805092205Z0#..*
N 000000F0 86 48 86 f7 0d 01 09 04 31 16 04 14 37 11 92 f2 .H.÷....1...7..ò
N 00000100 97 a4 85 b6 76 9f 29 da 14 b2 93 43 fe c2 05 99 .¤.¶v.)Ú.².CþÂ..
N 00000110 30 09 06 07 2a 86 48 ce 38 04 03 04 2f 30 2d 02 0...*.HÎ8.../0-.
N 00000120 14 0d 92 71 2a 2a 31 24 00 fe e0 01 a4 28 9a 92 ...q**1$.þà.¤(..
N 00000130 88 62 86 e0 f2 02 15 00 e8 d5 47 09 29 0f 5c 84 .b.àò...èÕG.)..
N 00000140 65 71 6f b6 8c 01 34 d7 b5 1b 69 ce eqo¶..4×µ.iÎ
N Read version.
N Read Codepage.
N Read InfoUnit (0x20).
N Read length (14).
N Read contents.
N Read InfoUnit (0x88).
N Read length (19).
N Read contents.
N Read InfoUnit (0x01).
N Read length (0).
N Read contents.
N Read InfoUnit (0x02).
N Read length (3).
N Read contents.
N Read InfoUnit (0x03).
N Read length (3).
N Read contents.
N Read InfoUnit (0x04).
N Read length (12).
N Read contents.
N Read InfoUnit (0x05).
N Read length (4).
N Read contents.
N Read InfoUnit (0x0A).
N Read length (0).
N Read contents.
N Read InfoUnit (0xFF).
N ParseTicket returns 0. (ssoxxapi.c 199)
N Bytes processed: 85 (ssoxxapi.c 202)
N Argument Dump for ticket verification:
N Content byte stream:
N 00000000 02 31 31 30 30 20 00 0e 70 6f 72 74 61 6c 3a 41 .1100 ..portal:A
N 00000010 48 41 4d 45 45 44 88 00 13 62 61 73 69 63 61 75 HAMEED...basicau
N 00000020 74 68 65 6e 74 69 63 61 74 69 6f 6e 01 00 00 02 thentication....
N 00000030 00 03 30 30 30 03 00 03 45 50 44 04 00 0c 32 30 ..000...EPD...20
N 00000040 30 35 30 38 30 35 30 39 32 32 05 00 04 00 00 00 0508050922......
N 00000050 08 0a 00 00 ....
N
N Signature byte stream:
N 00000000 30 81 f2 06 09 2a 86 48 86 f7 0d 01 07 02 a0 81 0.ò..*.H.÷.... .
N 00000010 e4 30 81 e1 02 01 01 31 0b 30 09 06 05 2b 0e 03 ä0.á...1.0...+..
N 00000020 02 1a 05 00 30 0b 06 09 2a 86 48 86 f7 0d 01 07 ....0...*.H.÷...
N 00000030 01 31 81 c1 30 81 be 02 01 01 30 13 30 0e 31 0c .1.Á0.¾...0.0.1.
N 00000040 30 0a 06 03 55 04 03 13 03 45 50 44 02 01 00 30 0...U....EPD...0
N 00000050 09 06 05 2b 0e 03 02 1a 05 00 a0 5d 30 18 06 09 ...+...... ]0...
N 00000060 2a 86 48 86 f7 0d 01 09 03 31 0b 06 09 2a 86 48 .H.÷....1....H
N 00000070 86 f7 0d 01 07 01 30 1c 06 09 2a 86 48 86 f7 0d .÷....0...*.H.÷.
N 00000080 01 09 05 31 0f 17 0d 30 35 30 38 30 35 30 39 32 ...1...050805092
N 00000090 32 30 35 5a 30 23 06 09 2a 86 48 86 f7 0d 01 09 205Z0#..*.H.÷...
N 000000A0 04 31 16 04 14 37 11 92 f2 97 a4 85 b6 76 9f 29 .1...7..ò.¤.¶v.)
N 000000B0 da 14 b2 93 43 fe c2 05 99 30 09 06 07 2a 86 48 Ú.².CþÂ..0...*.H
N 000000C0 ce 38 04 03 04 2f 30 2d 02 14 0d 92 71 2a 2a 31 Î8.../0-....q**1
N 000000D0 24 00 fe e0 01 a4 28 9a 92 88 62 86 e0 f2 02 15 $.þà.¤(...b.àò..
N 000000E0 00 e8 d5 47 09 29 0f 5c 84 65 71 6f b6 8c 01 34 .èÕG.)..eqo¶..4
N 000000F0 d7 b5 1b 69 ce ×µ.iÎ
N Encoded content byte stream:
N 00000000 30 63 06 09 2a 86 48 86 f7 0d 01 07 01 a0 56 04 0c..*.H.÷.... V.
N 00000010 54 02 31 31 30 30 20 00 0e 70 6f 72 74 61 6c 3a T.1100 ..portal:
N 00000020 41 48 41 4d 45 45 44 88 00 13 62 61 73 69 63 61 AHAMEED...basica
N 00000030 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 01 00 00 uthentication...
N 00000040 02 00 03 30 30 30 03 00 03 45 50 44 04 00 0c 32 ...000...EPD...2
N 00000050 30 30 35 30 38 30 35 30 39 32 32 05 00 04 00 00 00508050922.....
N 00000060 00 08 0a 00 00 .....
N Verify returns 0 (ssoxxsgn.c 189)
N Certificate is:
N 00000000 30 82 02 1d 30 82 02 08 02 01 00 30 09 06 07 2a 0...0......0...*
N 00000010 86 48 ce 38 04 03 30 0e 31 0c 30 0a 06 03 55 04 .HÎ8..0.1.0...U.
N 00000020 03 13 03 45 50 44 30 1e 17 0d 30 35 30 37 30 35 ...EPD0...050705
N 00000030 31 31 34 30 35 30 5a 17 0d 30 37 30 37 30 35 31 114050Z..0707051
N 00000040 31 34 30 35 30 5a 30 0e 31 0c 30 0a 06 03 55 04 14050Z0.1.0...U.
N 00000050 03 13 03 45 50 44 30 82 01 b6 30 82 01 2b 06 07 ...EPD0..¶0..+..
N 00000060 2a 86 48 ce 38 04 01 30 82 01 1e 02 81 81 00 82 *.HÎ8..0........
N 00000070 7d d4 9c a2 05 69 84 e9 83 71 b1 34 0d 5d 71 83 }Ô.¢.i.é.q±4.]q.
N 00000080 92 85 b2 5a ca a3 82 d7 ac 38 6e 94 40 84 3f 0a ..²ZÊ£.×¬8n.@.?.
N 00000090 46 7a a8 75 a8 c1 ca 3b 70 ba 6a 97 07 12 f6 b1 Fz¨u¨ÁÊ;pºj...ö±
N 000000A0 99 ed 3e ec 53 13 f3 94 0a 67 bb d6 9f 38 72 29 .í>ìS.ó..g»Ö.8r)
N 000000B0 61 ab 02 3d 17 a1 33 3c 52 23 5d 9f b7 d1 0e 95 a«.=.¡3<R#].·Ñ..
N 000000C0 e3 a5 5e f9 b0 4f c7 c9 20 c5 72 da 7a c3 d5 0f ã¥^ù°OÇÉ ÅrÚzÃÕ.
N 000000D0 24 0d bb 8e 54 da 9e bb 70 21 11 c5 35 82 e5 35 $.».TÚ.»p!.Å5.å5
N 000000E0 85 2e 9f 59 39 79 b3 32 50 c8 86 83 96 19 17 02 ...Y9y³2PÈ......
N 000000F0 15 00 fa 50 79 da fa 3f 3a b1 e8 0a 6d f5 bd 16 ..úPyÚú?:±è.mõ½.
N 00000100 f2 24 d8 f8 d7 1b 02 81 80 4f bd f5 2e 33 04 f0 ò$Øø×....O½õ.3.ð
N 00000110 51 c1 7c a5 5c 93 81 b5 c1 7d 4c 20 50 76 85 34 QÁ|¥..µÁ}L Pv.4
N 00000120 50 cf d9 fc 72 b2 e1 b2 b1 6f a0 10 48 b8 ff 17 PÏÙür²á²±o .H¸ÿ.
N 00000130 e7 a9 0a e1 e0 18 05 3e 34 d9 d5 61 df 71 4c c8 ç©.áà..>4ÙÕaßqLÈ
N 00000140 dc 92 b1 51 b5 df 66 59 70 6b 5e 57 c3 19 a2 d6 Ü.±QµßfYpk^WÃ.¢Ö
N 00000150 58 3b 7d 32 d2 e9 e1 f1 66 3e aa ac 46 0d cd 4e X;}2Òéáñf>ª¬F.ÍN
N 00000160 67 70 36 f7 f9 be 0b 2e 16 a0 5d 69 5d 5b 81 13 gp6÷ù¾... ]i][..
N 00000170 a9 03 cb 38 63 56 1a bd 36 4a 5d 6c 15 66 17 fa ©.Ë8cV.½6J]l.f.ú
N 00000180 10 a3 20 99 e1 d2 34 77 13 03 81 84 00 02 81 80 .£ .áÒ4w........
N 00000190 6b a6 d4 4e e8 03 f6 f1 35 83 fb 37 01 1f 3c 5c k¦ÔNè.öñ5.û7..<
N 000001A0 8e 75 ad 1f 2d b3 9b 69 4f b3 a3 36 b6 9f 38 07 .u..-³.iO³£6¶.8.
N 000001B0 fe bf f1 0b ca 24 fe 5c a7 33 a1 55 c9 65 c5 4c þ¿ñ.Ê$þ\u00A73¡UÉeÅL
N 000001C0 97 a1 e7 58 d1 47 7f 72 36 47 bf f4 cc 6d 12 14 .¡çXÑG.r6G¿ôÌm..
N 000001D0 cc 61 be 82 b5 50 be 16 7a cc 4d 47 1e 80 2f 6d Ìa¾.µP¾.zÌMG../m
N 000001E0 2e d4 19 69 80 e6 26 13 23 4f 07 0a 9c 87 13 91 .Ô.i.æ&.#O......
N 000001F0 7b 75 57 93 e1 8d 42 5f 28 47 e2 61 27 6d 0c 4c {uW.á.B_(Gâa'm.L
N 00000200 55 99 37 33 cc 92 c0 b9 06 d1 99 68 d0 17 c1 4d U.73Ì.À¹.Ñ.hÐ.ÁM
N 00000210 30 0c 06 08 2a 86 48 86 f7 0d 02 05 05 00 03 01 0...*.H.÷.......
N 00000220 00 .
N ValidateTicket returns 0. (ssoxxapi.c 225)
N MskiValidateTicket returns 0.
N Next node:
N 00000000 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000100 00 00 00 00 00 00 00 00 00 00 00 01 84 e7 8a 10 .............ç..
N 00000110 00 00 00 00 00 00 00 00 ........
N Next node:
N 00000000 02 00 30 00 30 00 30 00 00 00 00 00 00 00 00 00 ..0.0.0.........
N 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000100 00 00 00 06 00 03 00 00 00 00 00 01 84 e7 95 10 .............ç..
N 00000110 00 00 00 01 84 e4 37 b0 .....ä7°
N Next node:
N 00000000 03 00 45 00 50 00 44 00 00 00 00 00 00 00 00 00 ..E.P.D.........
N 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000100 00 00 00 06 00 03 00 00 00 00 00 01 85 0e cd 30 ..............Í0
N 00000110 00 00 00 01 84 e7 8a 10 .....ç..
N Next node:
N 00000000 04 00 32 00 30 00 30 00 35 00 30 00 38 00 30 00 ..2.0.0.5.0.8.0.
N 00000010 35 00 30 00 39 00 32 00 32 00 00 00 00 00 00 00 5.0.9.2.2.......
N 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000100 00 00 00 18 00 0c 00 00 00 00 00 01 85 0e d0 b0 ..............Ð°
N 00000110 00 00 00 01 84 e7 95 10 .....ç..
N Next node:
N 00000000 05 00 00 00 08 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000100 00 00 00 04 00 00 00 00 00 00 00 01 85 0f 76 90 ..............v.
N 00000110 00 00 00 01 85 0e cd 30 ......Í0
N Next node:
N 00000000 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000100 00 00 00 00 00 00 00 00 00 00 00 01 84 0a a6 30 ..............¦0
N 00000110 00 00 00 01 85 0e d0 b0 ......Ð°
N Next node:
N 00000000 20 70 6f 72 74 61 6c 3a 41 48 41 4d 45 45 44 00 portal:AHAMEED.
N 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000100 00 00 00 0e 00 00 00 00 00 00 00 01 84 0b 7a 10 ..............z.
N 00000110 00 00 00 01 85 0f 76 90 ......v.
N Next node:
N 00000000 88 62 61 73 69 63 61 75 74 68 65 6e 74 69 63 61 .basicauthentica
N 00000010 74 69 6f 6e 00 00 00 00 00 00 00 00 00 00 00 00 tion............
N 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000100 00 00 00 13 00 00 00 00 00 00 00 00 00 00 00 00 ................
N 00000110 00 00 00 01 84 0a a6 30 ......¦0
N Got content client = 000.
N Got content sysid = EPD .
N No entry in TWPSSO2ACL for SYS EPD and CLI 000.
N CheckSubject failed (rc=19). Verifying if ticket was issued by me.
N *** ERROR => System ID and client from ticket are not the same than mine. (ssoxxkrn.c 798)
N Data from ticket: sysid=EPD , client=000
N My system data: sysid=DV1 , client=110
N *** ERROR => Neither was ticket issued by myself nor can I find issuer in TWPSSO2ACL. (ssoxxkrn.c 804)
N dy_signi_ext: issuer not trusted
M *** END USER TRACE NAME >SAPSYS < UID >915< MODE >1< STEP >1< TIME >053139< DATE >20050805< WP >0< WP_TYPE >DIA<
Thanks
Aneez

Problem about SSO using logon ticket with user mapping

Hi everyone ,
I had done SSO with Portal , BW and R/3 system.
I use logon ticket with user mapping .
When user name is same in Portal as in R/3 system, or user name is same in Portal as in BW , user can access R/3 transactions and BW report without logon.
There are some Portal users name which are different with R/3 user and BW user. And I done the user mapping for these user.
But some user mapping works fine,but most of them can't work,means that most of them need to enter mapped user ID and password.
What's the reason?
When SSO using logon ticket with user mapping, the Portal user which is different with R/3 user and BW user, can they access R/3 transaction iview and BW report iview without logon?

Hi Chen,
What you have done is correct. But the problem lies here.
Since you are using the same system object for accessing the iview, where the ticket method is set to SAPLOGONTICKET in the user Management property of the system object.
To avoid this create another system object like the previous one but set the logon method to UIDPW and select admin, user from the drop down box. Also create a system alias for this system.
Now create another iview like the previous one but link this iview to the new system. Now do the user mapping for the users which are different in portal compared with R/3. Now you should be able to login without any problems.
Another important point is login to portal with Fully qualified domain name. In the ITS property of the system object also give the FQDN.
Hope this helps
Regards
Arun

ABAP to FTP connect to non SAP UNIX system

Greetings~
I'm looking for a way (via function modules and/or BAPI) to transfer data in flat files from an SAP UNIX system to a non-SAP UNIX system using an ABAP program. I see FM's FTP_CONNECT and FTP_COMMAND however these seem to only work with UNIX systems running SAP as they require RFC_DESTINATION information. Anybody know which (if any) FM's can be used without the necessity of the target system running SAP/RFC?
Thanks!

Hi Joseph,
Please refer the below program.
REPORT ZHR_T777A_FEED.
tables: t777a. "Building Addresses
Internal Table for Building table.
data: begin of it_t777a occurs 0,
 build like t777a-build, "Building
 stext like t777a-stext, "Object Name
 cname like t777a-cname, "Address Supplement (c/o)
 ort01 like t777a-ort01, "City
 pstlz like t777a-pstlz, "Postal Code
 regio like t777a-regio, "Region (State, Province, County)
 end of it_t777a.
Internal Table for taking all fields of the above table in one line
separated by |(pipe).
data: begin of it_text occurs 0,
 text(131),
 end of it_text.
Constants: c_key type i value 26101957,
 c_dest type rfcdes-rfcdest value 'SAPFTPA'.
data: g_dhdl type i, "Handle
 g_dlen type i, "pass word length
 g_dpwd(30). "For storing password
Selection Screen Starts
SELECTION-SCREEN BEGIN OF BLOCK blk1 WITH FRAME TITLE TEXT-001.
parameters: p_user(30) default 'XXXXXXX' obligatory,
 p_pwd(30) default 'XXXXXXX' obligatory,
 p_host(64) default 'XXX.XXX.XX.XXX' obligatory.
SELECTION-SCREEN END OF BLOCK blk1.
SELECTION-SCREEN BEGIN OF BLOCK blk2 WITH FRAME TITLE TEXT-002.
parameters: p_file like rlgrap-filename default 't777a_feed.txt'.
SELECTION-SCREEN END OF BLOCK blk2.
Password not visible.
at Selection-screen output.
loop at screen.
 if screen-name = 'P_PWD'.
 screen-invisible = '1'.
 modify screen.
 endif.
endloop.
g_dpwd = p_pwd.
Start of selection
start-of-selection.
To fetch the data records from the table T777A.
select build stext cname ort01 pstlz regio
 from t777a
 into table it_t777a.
Sort the internal table by build.
if not it_t777a[] is initial.
 sort it_t777a by build.
endif.
Concatenate all the fields of above internal table records in one line
separated by |(pipe).
loop at it_t777a.
 concatenate it_t777a-build it_t777a-stext it_t777a-cname
 it_t777a-ort01 it_t777a-pstlz it_t777a-regio
 into it_text-text separated by '|'.
 append it_text.
 clear it_text.
endloop.
To get the length of the password.
g_dlen = strlen( g_dpwd ).
Below Function module is used to Encrypt the Password.
CALL FUNCTION 'HTTP_SCRAMBLE'
 EXPORTING
 SOURCE = g_dpwd "Actual password
 SOURCELEN = g_dlen
 KEY = c_key
 IMPORTING
 DESTINATION = g_dpwd. "Encyrpted Password
*Connects to the FTP Server as specified by user.
Call function 'SAPGUI_PROGRESS_INDICATOR'
 EXPORTING
 text = 'Connecting to FTP Server'.
Below function module is used to connect the FTP Server.
It Accepts only Encrypted Passwords.
This Function module will provide a handle to perform different
operations on the FTP Server via FTP Commands.
call function 'FTP_CONNECT'
 EXPORTING
 user = p_user
 password = g_dpwd
 host = p_host
 rfc_destination = c_dest
 IMPORTING
 handle = g_dhdl
 EXCEPTIONS
 NOT_CONNECTED.
if sy-subrc ne 0.
 format color col_negative.
 write:/ 'Error in Connection'.
else.
 write:/ 'FTP Connection is opened '.
endif.
**Transferring the data from internal table to FTP Server.
CALL FUNCTION 'FTP_R3_TO_SERVER'
 EXPORTING
 HANDLE = g_dhdl
 FNAME = p_file
 CHARACTER_MODE = 'X'
 TABLES
 TEXT = it_text
 EXCEPTIONS
 TCPIP_ERROR = 1
 COMMAND_ERROR = 2
 DATA_ERROR = 3
 OTHERS = 4.
IF SY-SUBRC <> 0.
 MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
 WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
ELSE.
 write:/ 'File has created on FTP Server'.
ENDIF.
Call function 'SAPGUI_PROGRESS_INDICATOR'
 EXPORTING
 text = 'File has created on FTP Server'.
To Disconnect the FTP Server.
CALL FUNCTION 'FTP_DISCONNECT'
 EXPORTING
 HANDLE = g_dhdl.
To Disconnect the Destination.
CALL FUNCTION 'RFC_CONNECTION_CLOSE'
 EXPORTING
 destination = c_dest
 EXCEPTIONS
 others = 1.
Regards,
Kumar Bandanadham.

Utilities and SDK for Subsystem for UNIX-based Applications in Windows 8 doesn't install

Trying to install the package and well into the process I get an error message saying that my processor isn't supported and to contact my vendor.. I have a Lenovo U 410 LT with Win 8 Pro. It has an Intel Core i7 processor. I also tried the AMD version thinking they may have been swapped but it also does not install. How to get it installed? I really need the NFS in it.

Hi stewartmcadoo,
Welcome back to Lenovo Community Forums!
I’m sorry to hear that there is an error message displayed in your U410 Laptop while installing “Utilities and SDK for Subsystem for UNIX-based Applications in Windows 8”, make sure you are installing this application as an Administrator User, if the issue is same even in this user account, I suggest you to download the package again and right click in the downloaded file select “Run as administrator” to get it installed in administrator mode, below is the link to download the SDK package:
Utilities and SDK for Subsystem for UNIX-based Applications in Windows 8
Hope this helps!!!
Do post us back if the issue still persists.
Best Regards
Shiva Kumar
Did someone help you today? Press the star on the left to thank them with a Kudo!
If you find a post helpful and it answers your question, please mark it as an "Accepted Solution"! This will help the rest of the Community with similar issues identify the verified solution and benefit from it.
Follow @LenovoForums on Twitter!

SSO to SAP R3 thru ITS 6.20 with Logon tickets

Hi All,
I am trying to configure SSO to R3 thru ITS with the Logon Tickets.
I have configured R3 to accept the tickets using STRUSTSSO2.
Downloaded the verify.der file from Portal and imported to R3
And tried to test the System connection.
If I use SAP GUI for Windows,the logon ticket is passed and SSO happens
with out any problem.
But If I use SAP GUI for html,then ITS Logon screen appears and once I
enter the user id and password it logs in.
In ITS global.srvc file I have added the following parameter
~mysapcomusesso2cookie 1
I also have the following parameters in the global.srvc file
~login <space>
~password <space>
Do I need to configure any thing more in ITS.
Where am I going wrong.
I have read regarding Pluggable Authentication Service(PAS).Is this mandatory for SSO thru ITS
Please let me know
I am working on EP6 SP14
Any help is really appreciated
Thanks in advance
Regards,
Santhosh

Hi,
IWithin System definition of R/3 System, you've to give the FQDN of ITS just same as Portal system. For example if your Portal system's FQDN is below:
http://portal.hedehode.com:50000/irj
then the ITS Server definition (parameter ITS Hostname) must be:
itsserver.hedehode.com:port
for portal to resolve itsserver.hedehode.com host, you may need to enter its IP address into hosts (c:\windows\system32\drivers\etc\hosts) file of portal system.
<ip> itsserver.hedehode.com

Problem with logon ticket on a cluster J2EE environment.

Hi Experts,
We have a Portal system with one J2EE node running which issues logon ticket to do SSO into our R/3 4.6 system.
After we added another node into the J2EE cluster on another machine, we have problem SSO into our R/3 system if you login to that new node, but everything works fine if user login into the original node directly.
I checked the keystore in EP on both nodes and they look exactly the same.
do we need to do anything for this to work? any help much appreciated!
Thanks
Jerry.

Interesting, can you see the system landscape def from both nodes? If so, are the connection test results the same from both nodes?
Regards,
Patrick

BW Report iview and SSO w/Logon Tickets

I have some BW Report iviews configured which work great for me however I can't get them to work for any other endusers. I have administrator access and they do not. The error they get is;
Unable to lookup System 'aBWP100'. Please check the system object and the alias..
aBWP100 is our BW server name. I searched for OSS notes but didn't find anything. Any suggestions?

You need to make sure that the other users have access to BW system and also since you are using SSO w/Logon Tickes, they must have same userids and passwords in portal and bw system.
Thanks and Best regards,
Firasath Riyaz.

Integration of SAP Cloud for Customer with third party / legacy / non-sap system using SAP Netweaver PI

Hello,
has anyone experience with the Integration of a 3rd Party System with SAP C4C using SAP Netweaver Process Integration?
Is this a process of days, weeks or months?
Any documentation on this?
I am thankful for every Input!
BR, Roman

Roman,
Please read through the integration guides available on the SAP service marketplace as they address this specific topic in great detail.
http://service.sap.com/cloud4customer
The time duration of the project depends on the business process complexity being resolved and the level of integration desired between the different enterprise solutions in the landscape.
Thank you.

SOAP to SOAP principal propagation with logon tickets

I have configured a scenario using soap sender to soap receiver with an integrated configuration on PI 7.1. It is synchronous CE 7.11<->PI 7.10<->ECC 6.0. The scenario works with basic authentication. If I enable principal propagation on the sender side it still works fine. Now I have activated principal propagation on the receiver side and I get the following error in the message audit log:

<pre>
2010-05-07 09:01:50 Information MP: entering1
2010-05-07 09:01:50 Information MP: processing local module localejbs/sap.com/com.sap.aii.af.soapadapter/XISOAPAdapterBean
2010-05-07 09:01:50 Information SOAP: request message entering the adapter with user DAMZOG.JOCHE 
2010-05-07 09:01:50 Information SOAP: request message leaving the adapter (call)
2010-05-07 09:01:50 Information The application tries to send an XI message synchronously using connection SOAP_http://sap.com/xi/XI/System.
2010-05-07 09:01:50 Information Trying to put the message into the call queue.
2010-05-07 09:01:50 Information Message successfully put into the queue.
2010-05-07 09:01:50 Information The message was successfully retrieved from the call queue.
2010-05-07 09:01:50 Information The message status was set to DLNG.
2010-05-07 09:01:50 Information Delivering to channel: SOAP_MRByID_In5_R
2010-05-07 09:01:50 Information SOAP: request message entering the adapter with user J2EE_GUEST
2010-05-07 09:01:50 Fehler SOAP: call failed: java.io.IOException: unable to get URLConnection: com.sap.security.core.server.destinations.api.ConfigurationException: [destination_0004] Unable to create URLConnection:No logged in user found.
2010-05-07 09:01:50 Fehler SOAP: error occured: com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.IOException: unable to get URLConnection: com.sap.security.core.server.destinations.api.ConfigurationException: [destination_0004] Unable to create URLConnection:No logged in user found.
2010-05-07 09:01:50 Fehler Adapter Framework caught exception: java.io.IOException: unable to get URLConnection: com.sap.security.core.server.destinations.api.ConfigurationException: [destination_0004] Unable to create URLConnection:No logged in user found.
2010-05-07 09:01:50 Fehler The message was successfully transmitted to endpoint com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.IOException: unable to get URLConnection: com.sap.security.core.server.destinations.api.ConfigurationException: [destination_0004] Unable to create URLConnection:No logged in user found. using connection SOAP_http://sap.com/xi/XI/System.
2010-05-07 09:01:50 Fehler The message status was set to FAIL.
</pre>

Any ideas what could be wrong?
Edited by: Jochen Damzog on May 7, 2010 9:02 AM
Edited by: Jochen Damzog on May 7, 2010 9:06 AM
Edited by: Jochen Damzog on May 7, 2010 9:22 AM

The problem was due to the channels being not in the most recent state. A simple restart of the soap sender channel did the job.

SSO to non SAP Application using SAP Logon Ticket

Hi Experts,
I Have EP 7 SP 15 using SPNego Wizard to SSO with Active Directory and SSO between EP and ECC using SAP Certificates.
Now I have a demand to SSO some JAVA based applications (non SAP) to my portal using the SAP Logon Ticket.
I Have followed some blogs that directed me to use SAPSSOEXT (some libs) to read the MYSAPSSO2 cookie. The problem is that I didn't found this cookie, I even executed the command javascript:document to look for this cookie but the browser just show me the JSESSIONID info.
Does anybody knows where I can find this cookie or if there's a better way to set up this SSO? It´s necessary to say that I cannot SSO these application to the kerberos protocol because some security reasons on my company.
Thanks
Armando

Hi,
I dont have much info related but i can giv u hint
refer OSS Notes 442401 and 723896.
When using SAP logon tickets for non-SAP applications, two different implementation options are available. The difference lies in where the ticket verification takes place.
In the first case, the SAP logon ticket is submitted to the web server filter located on the web server. The web server filter verifies the portal serveru2019s public key
certificate using its local Personal Security Environment (PSE) and then populates the HTTP header field with the user ID for SSO to the non-sap web application.
In the second case, the SAP logon ticket is sent to the non-SAP application, which then verifies it using the ticket verification DLL and submits the user ID to the application for SSO.
You can refer following link :-
http://help.sap.com/saphelp_nw70/helpdata/EN/89/6eb8deaf2f11d5993700508b6b8b11/frameset.htm
user authentication and SSO
http://help.sap.com/saphelp_nw70/helpdata/EN/8f/ae29411ab3db2be10000000a1550b0/frameset.htm
Authentication Using a Directory with SSO Integration Using Logon Tickets
http://help.sap.com/saphelp_nw70/helpdata/EN/f8/3b514ca29011d5bdeb006094191908/frameset.htm
SSO
SAP Logon Ticket-based Single Sign-On
http://help.sap.com/saphelp_nwce10/helpdata/en/45/b6af743753003ae10000000a11466f/frameset.htm

SSO to Non-SAP using login-tickets

Hi all,
I'd like to set up an SSO connection to a non-SAP HTTP system by using the SSO web filter (iis_sso.dll) on IIS 5.0.
I've created an iView (using the application integrator) with the URL template : http://<ip-address-host>:82/reqvars.asp?<Authentication> in which <Authentication> is MYSAPSSO2=<Request.SSO2Ticket>. The reqvar.asp page comes with the web filter as an example and displays all HTTP header fields. That way you can check whether the user-ID has been extracted successfully from the SAP logon ticket. However, I fail to get any value into the REMOTE_USER variable. The ISAPI filter (iss_sso) has been installed (global) successfully.
I'm using the following settings in the verify.properties files:
remote_user_alias = REMOTE_USER
pse_file = C:\SSOFilter\verify.pse
application = portal
log_file = C:\SSOFilter\filter.log
log_level = 3
Remark: in the original example the remote_user_alias is set to REMOTE-USER: However, I feel this is wrong since the actual variable is REMOTE_USER. Also I have seen this one in another forum post as being a working properties file. Or should I use original value?
No entries are being written to the log so I believe nothing is happening at all.
The SSOFilter folder contains the following files:
iis_sso.dll
sapsecu.dll
sapsecu.lib
verify.properties
verify.pse
mfc71.dll, mfc71u.dll, msvcp71.dll, msvcr71.dll and sapsecin.exe
This folder also has been added to the environmental PATH variable.
Any suggestions would be highly appreciated (and rewarded ,
Frodo

Hi,
I dont have much info related but i can giv u hint
refer OSS Notes 442401 and 723896.
When using SAP logon tickets for non-SAP applications, two different implementation options are available. The difference lies in where the ticket verification takes place.
In the first case, the SAP logon ticket is submitted to the web server filter located on the web server. The web server filter verifies the portal serveru2019s public key
certificate using its local Personal Security Environment (PSE) and then populates the HTTP header field with the user ID for SSO to the non-sap web application.
In the second case, the SAP logon ticket is sent to the non-SAP application, which then verifies it using the ticket verification DLL and submits the user ID to the application for SSO.
You can refer following link :-
http://help.sap.com/saphelp_nw70/helpdata/EN/89/6eb8deaf2f11d5993700508b6b8b11/frameset.htm
user authentication and SSO
http://help.sap.com/saphelp_nw70/helpdata/EN/8f/ae29411ab3db2be10000000a1550b0/frameset.htm
Authentication Using a Directory with SSO Integration Using Logon Tickets
http://help.sap.com/saphelp_nw70/helpdata/EN/f8/3b514ca29011d5bdeb006094191908/frameset.htm
SSO
SAP Logon Ticket-based Single Sign-On
http://help.sap.com/saphelp_nwce10/helpdata/en/45/b6af743753003ae10000000a11466f/frameset.htm

SSO-Logon from mobile device - create logon ticket from WebDynpro for Java

Hi Experts,
I'm developing WebDynpro-JAVA application for some warehouse stuff (runs on a portal system, clients are mobile barcode-scanners with Windows mobile 5.0). JCOs from the portal system to the R/3-backend are confirgured for SSO with Logon-tickets and portal uses LDAP for authentication against a Windows-ADS.
This works so far ... but my problem is the standard Logon-screen, which is nearly unusable on the mobile device (screen size, layout, etc.). Is there any solution to create logon-tickets directly from the WebDynpro application (using something from com.sap.engine.interfaces.security.auth or similar ?) or any chance to have a special logon screen for mobile devices (parameter sap-wd-client=Pie03Client is ignored for the logon screen).
Thanks in advance.
regards,
Hendrik

Hi Henrik,
Did you find the solution to your problem ?
I'm facing the same issue, so I'd be pleased to know the solution!
Regards
Stekam

SSO with Logon Ticket to non-SAP Unix based application

Similar Messages

Maybe you are looking for