User authentication through cx module

Similar Messages

• ACS user authenticating through Windows Database

  Hello,
  Please, i need a document/ guideline on how to configure ACS 4.2 user authenticating through Windows Database and the ACS server is running on an appliance.
  Please, help.
  Regards,
  Ethelbert

  Hi,
  If you delete the user in AD, then it would not authenticate the user even if the dynamic mapped user exists in the ACS database, as the password would not be verified from the AD for the user.
  The dynamically mapped user entry would still exist in ACS and would not get deleted if the user is deleted from AD.
  tnx
  somishra

• How to do user authentication through manually access sql user database

  I have a table of user accounnts in sql, by using tomcat jsp, how can I authenticate users by manually accessing user account in sql ??
  Thanks in advance

  What is there to do?
  - Display page asking for username/password
  - retrieve typed in user name password
  - run query on database - something like "select userid from users where username = ? and password = ?"
  - if a record is returned, you have got a user - forward control to the correct jsp. If not, then it is incorrect - go back to the login page with an error message.
  - Normally on successful login you add something into the session (eg a user object) so you can tell if someone is logged in or not by looking for that object.
  Whats hard about any of this?

• Bypass user authentication

  We have setup Proxy 3.6 for user authentication through LDAP (using Directory Server 5.1). We need to bypass authentication for certain URLs. While we have achieved this using regular expressions, there are some sites using images, scripts etc from other external URLs and so we get prompted to enter username/password. Of course we can create new regex for these external URLs also, but the question is: if there is a more elegant way to avoid this i.e. when we visit such a URL to get all the content without bothering about external links etc.
  Thx

  This is not a security leak but a configuration issue. If the client utility and the ACS, ADS database is correctly configured then you will not see any issues.

• Function Module used for user Authentication in B2B webshop

  Hi Gurus,
  Can someone please help me in finding a Function module which is getting called for the user authentication in B2B webshop and where can i find this class file which is getting called in the NWDS?
  Thanks
  Saurabh

  Depending upon if you are coming from Portal (SSO) or B2B logon screen, one of the following function modules is called to authenticate authorize the B2B application usage.
  CRM_ISA_IUSER_LOGIN
  CRM_ISA_LOGIN_CHECKS
  Easwar Ram
  http://www.parxlns.com

• Configure User Authentication on SOAP Receiver Adapter

  Hi,
  I am calling a WebService that is available over the internet.  We are on PI 7.1 and I am using a Soap Receiver Adapter.  The configuration was downloaded from SAP in a partner package.  The development in the package was done on XI3. 
  I need to call the WS with user authentication.  I've selected the "Configure User Authentication" radio button and entered the username and password.  The message fail with "HTTP 401 Unauthorized" and it is because the user details are not being send from the adapter.  If I copy the XML payload to a XML tool, like Stylus Studio, I can call the webservice successfully.  I've read through numerous blogs and messages on this Forum, including adding the adapter module (MessageTransformBean) and changing the Conversion Parameters without any luck. 
  Any suggestions please?
  Thanks

  I am calling a WebService that is available over the internet.
  I copy the XML payload to a XML tool, like Stylus Studio, I can call the webservice successfully.
  normally the webservices that we use (from internet) are freely available...meaning they dont require any username/ password.
  if no credentials are required then do not select Configure User Authentication...uncheck it....if user-details are provided by the Webservice, then use these details (not your XI/ PI user details) in the channel.
  Are you using any user-name/ password while testing from SOAP tools?
  Regards,
  Abhishek.

• Proxy user authentication with BC4J

  On my webapp i have a connections pool and a MyApplicationModule.
  I can obtain a OracleConnection instace by overriding the method prepareSession()
  into the application module.
  I need to associate the OracleConnection with the ApplicationModule object to execute my queries with the application module and the proxy user.
  The application module is created by this code:
  appMod = (MyApplicationModule)Configuration.createRootApplicationModule("xx.xxx.MyApplicationModule", "MyApplicationModuleLocalTest1");
  The prepareSession ovverride is done by this code:
  protected void prepareSession(Session session) {
  Statement st = null;
  try {
  st = getDBTransaction().createPreparedStatement("rollback",0);
  OracleConnection oConn = (OracleConnection)st.getConnection();
  Properties props = new Properties();
  props.put("PROXY_USER_NAME", "USERTEST");
  oConn.openProxySession
  (OracleConnection.PROXYTYPE_USER_NAME,props);
  catch (SQLException s) {
  //ignore
  finally {
  if (st != null) {
  try {
  st.close();
  catch (SQLException s) { }
  super.prepareSession(session);
  Tanks and sorry for my poor english.

  I found the possibility that proxy authentication of both accounts can be enforced:
  SQL> alter user appuser grant connect through personaluser AUTHENTICATION REQUIRED;
  I guess that this is the motivation for implementing the 2-session proxy connection method in SQL Developer.
  Regards,
  Martin

• How to capture userinfo after a partner application is authenticated through SSOSDK?

  I have successfully installed and deployed the Partner application for Portal using SSOSDK. My question is, once the user is authenticated through SSOPartnerServlet.java and gets thrown back to the partner app(PAPP), how do we get the user info(i.e. username) from the PAPP?
  Is there an API?
  I have already asked this question from oracle tech and they told me to post it
  Thanks,
  Hamid

  Pass the name of a subrotine to handle your user commands to the fm parameter.
  I_CALLBACK_USER_COMMAND = 'USER_COMMAND'.
  Then code for the user command function,
  form user_command using r_ucomm type sy-ucomm.
  case r_ucomm.
  when '<FCODE of your button>'.
  Code your logic....
  endcase.
  endform.
  To add your button using your own pf-status, you should copy a standard gui status and modify it.
  To trigger this pf-status you should pass routine name to I_CALLBACK_PF_STATUS_SET.(I_CALLBACK_PF_STATUS_SET = 'SET_PF_STATUS..)
  form set_pf_status.
  set pf-status 'ZSTAT'.  "THis ZSTAT must be created by copying a STANDARD pf-status of say some std program like SAPLKKBL. and then modifying it.
  endform.

• Printing ALV Report output through Function Modules

  Hi All,
  I want to print my ALV Grid output through function modules/statement (not through print option in menu).
  This is because, i am generating a PDF from spool when user clicks on a button. If any changes happened in the ALV output layout, they will be captured in spool through printing it.
  So can you please tell me how to print the ALV Output through FMs or sending the ALV output to spool.
  Thanks & Regards,
  Senthil.
  Edited by: senthil nathan on May 17, 2010 2:49 PM

  Hi Dev,
  Thanks for the reply.
  I want to print the ALV when the user clicks on a button in toolbar. Lets say the user has made some changes to the layout, (E.g hiding a field) and when i print that output it should use the changed layout, If i use the FM suggested by you, i cant acheive this.
  If you try to print this manually, the system uses the changed layout and not the original. Thats why i want to know FMs/statement to print.
  Regards,
  Senthil.

• End-to-End user authentication with XI

  Dear community,
  we sit in a situation where the customer wants to have an end-to-end-authentication throughout an integration process.
  The setup is as follows: a dialog-user in a legacy system uses an application that triggers an integration process through XI into SAP ERP. The dialog-user in the legacy system must be used for authentication in XI as well as SAP ERP.
  To avoid having to re-create all users in XI and SAP ERP, ideally an LDAP instance would be used for authentication.
  Based on my knowledge, the above scenario is not possible with XI and there is a 2 year old thread discussing the same without any positive outcome:
  XI and user authentication VS R/3 systems
  Nevertheless I consider this requirement as a pretty standard one. Has there been any development in this area - or how have similar customer requirements been met ?
  Thanks a lot in advance !
  Jochen

  Hi Jochen,
  i've heard rumours saying that credential forwarding will be incorporated in the next XI release as it is a rather frequent requirement by customers and will make live much easier.
  Maybe you can get a statement through your clients SAP account representative on the release date and the planned feature.
  Regards
  Christine

• GRC AC 10.0 - CUP User Authentication

  Hi All
  We have installed GRC AC 10.0 as a part of ramp up implementation. We will soon start with the configuration steps. For user interfacing we have 2 options (1) NWBC (2) Portal. Architecture of GRC AC 10.0 is based on webdynpro ABAP.
  Now we had a question wherein if we choose NWBC as a front end, then how do we integrate the LDAP for CUP user authentication.
  If we need to integrate LDAP as a authentication source for users in CUP, do we have the only option of going with Portal as a user interface.
  Please advise.
  Thank you.
  Anjan pandey

  > That feature in AC 10.0 is called End User Login and will have it's own URL to access via browser.
  Thanks Frank for your response. I did go through the RKT documents and seems that there is a link through which the end users will create request. we have also planned to setup a LDAP connectivity for user authentication.
  Thanks.
  Anjan Pandey

• SAP User Authentication via Windows Active Directory

  The non-profit company I work for as an SAP Security Admin has been using SAP since 1999.  We are currently running ECC 6.0, BI 7.0, and CRM 7.0.  With fewer than 300 SAP users, we have not implemented CUA, so each of our multiple clients in these systems is managed independently. 
  The company recently licensed and implemented some non-SAP software to be used by all of our employees (~1200) in keeping track of & catagorizing their work time; a very handy feature of this software is that it depends upon Windows Active Directory for user authentication.  Therefore, each employee logs into this time-keeping package by entering his/her standard PC userID & password.  If you can log onto your PC, you can log into the time-keeping software. 
  That got me thinking & researching, because our SAP users - especially those who have access to three or more SAP clients - must maintain their passwords independently in each SAP client that they hope to access in the future.  I'm certainly not the first person who has thought of how nice it would be to permit SAP users to log into all SAP clients across the landscape in which they have defined userIDs, using the same password that they are using to log into their PCs (i.e., the password that is stored & maintained in Windows Active Directory).  My quest has led me to find presentations on this topic that typically involve modules we aren't using & very complicated configurations that we really lack the time & resources to employ; or, to third-party solution providers who claim to be certified SAP partners who would love to sell us more software to provide this convenience, usually irelated to single sign-on, LDAP, etc.  The lowest pricing tier for such software usually would cover many times the number of SAP users we have to serve here - and it feels like trying to push in a tack using a sledgehammer.  It is true that we have not used the same userID for our PCs that we have defined in SAP, so there would need to be some way to translate from one to the other, but our PC password rules are consistent with those we have configured in SAP clients, so it seems to me it should be very simple.   Can anyone lead me to a more straightforward solution?  If not, can you articulate why this has to be so complicated using SAP software when it seems so simple using relatively inexpensive timekeeping sotware?

  >
  Gagan Deep Kaushal wrote:
  > Hi Tim,
  >
  > Its nice to see video.
  >
  > Is that mean using different username on OS and SAP level still we can achieve SSO.
  >
  > Correct if if am wrong.
  > The only thing we need to maintain SNC name.
  Once installed, yes. This is all you need to maintain when users are added. You can even use LDAP if you like to sync all user info between SAP and MS AD domain, but this cannot sync the password, so using SNC authentication instead of using SAP passwords is ideal.
  >
  > So for user test1 i can manage name as p:test2.....  ??
  Yes, that is correct. The mapping is maintained using standard SAP user management, such as su01. The user in AD domain might have long account name, e.g. "firstname.verylonglastname" which is too big for use as a SAP username so you can map this long AD account name onto a SAP user called FIRSTLAST in one or more SAP clients.
  >
  > I think that is what Ronald is also looking, user name need not to be same.
  >
  > Regards,
  > Gagan Deep Kaushal

• Not Authorized HTTP Error 401. The requested resource requires user authentication.

  Hi All,
  I have MDS web application on one server and MDS DB on another, both in same domain .
  MDS web application is created as new website on same IIS with SharePoint and have their own port assign
  In IIS Windows Authentication is added and enabled.
  Users do have function permission and module enabled.
  MDS is accessible only on server where web application is.
  When it is accessed from any computer within domain error is
  Not Authorized
  HTTP Error 401. The requested resource requires user authentication.
  Can anyone offer any suggestions?
  Thanks
  Zorko

  Hi Zorko,
  The issue may happen in case:
  1. The Master Data Service(MDS) web application is running under a domain user account
  2. You didn't register a Service Principal Name(SPN) for the account
  3. You are using fully qualified domain name(FQDN) or host name to access the MDS
  4. You are able to access the MDS by IP address(http://<ip address>)
  If I am right, it is because of the browser choose to use Kerberos authentication to connect to the MDS.
  So then, to fix the issue, please:
  Register SPN for the application pool account. Enable the delegation.
  Or, please force the web site to use NTLM authentication only.
  For more information, please see:
  How to use SPNs when you configure Web applications that are hosted on Internet Information Services:
  http://support.microsoft.com/kb/929650
  Forcing NTLM Authentication (IIS 6.0):
  http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/7258232a-5e16-4a83-b76e-11e07c3f2615.mspx?mfr=true
  Thanks,
  Jinchun Chen
  Jinchun Chen(JC)
  TechNet Community Support

• Using Proxy User Authentication in Sql Developer

  Hi!
  Is it possible to use proxy user authentication in SQL Developer? I'm thinking that if I'm clever enough, I can craft a custom jdbc URL that will allow my users to proxy authenticate into my Oracle 10gR2 database while using SQL Developer.
  Unfortunately, I'm not feeling all that clever. ;)
  Can anybody help me out here? Is it even in the realm of possibility?
  Thanks!
  Kevin Ferlazzo
  DBA
  VA Department of Juvenile Justice

  I found the possibility that proxy authentication of both accounts can be enforced:
  SQL> alter user appuser grant connect through personaluser AUTHENTICATION REQUIRED;
  I guess that this is the motivation for implementing the 2-session proxy connection method in SQL Developer.
  Regards,
  Martin

• Proxy User Authentication with SQL Developer

  Hello,
  I realized that there are 2 methods for configuring SQL Developer to user Proxy User Authentication.
  1) one-session method with Syntax:
  personaluser[appuser]
  2) two session-method with dialog "Proxy Connection"
  For me it is unclear, why anybody would want to use the two-session-method.
  a. you need username/password for both user acocunts (personaluser and appuser)
  b. it is unclear which operations in SQL Developer are using the personaluser account. It seems that the SQL Window is only using appuser account.
  What was the motivation to implement Two Session Method?
  Best regards,
  Martin

  I found the possibility that proxy authentication of both accounts can be enforced:
  SQL> alter user appuser grant connect through personaluser AUTHENTICATION REQUIRED;
  I guess that this is the motivation for implementing the 2-session proxy connection method in SQL Developer.
  Regards,
  Martin