Solved: Re: [ICF Handler] Retrieve MYSAPSSO2 cookie

guillaume-hrc · ‎2012 Aug 08

Hi,

I would like to get the SAP Logon Ticket (MYSAPSSO2 cookie) from an ICF handler I am using. This would allow me to generate a SAP shortcut for later use.

I know that the SAP Logon Ticket is embedded in the request that is issued because I can see it with a "javascript:alert(document.cookie):".

Yet, I cannot retrieve it on the ABAP side using this code in my ICF handler:

DATA: lt_cookies TYPE TIHTTPCKI.
server->request->GET_COOKIES( CHANGING cookies = lt_cookies ).

Thanks in advance for your help.

Best regards,

Guillaume

hendrik_brandes · ‎2012 Aug 08

Hello Guillaume,

have you tried to get the ticket from the form fields:

DATA:
  l_sso_header TYPE string.
l_sso_header = server->request->get_form_field( 'mysapsso2' ).

Kind regards,

Hendrik

hendrik_brandes · ‎2012 Aug 08

Hello Guillaume,

have you tried to get the ticket from the form fields:

DATA:
  l_sso_header TYPE string.
l_sso_header = server->request->get_form_field( 'mysapsso2' ).

Kind regards,

Hendrik

guillaume-hrc · ‎2012 Aug 08

Hello Hendrik,

Nope, does not work...

Worse, when you get the raw request using:

DATA: lo_converter   TYPE REF TO cl_abap_conv_in_ce,
         l_request_raw  TYPE xstring,
         l_request_str  TYPE string.
  l_request_raw = server->request->get_raw_message( ).    " le contenu brut a un MYSAPSS02 vide !
  lo_converter = cl_abap_conv_in_ce=>create( input = l_request_raw ).
  lo_converter->read( IMPORTING data = l_request_str ).

well... mysapsso2 is here but it's empty (as if being erased by the standard?)!

Why so many cautions when you can put it simply in an hidden form field on the client side??

Best regards,

Guillaume

hendrik_brandes · ‎2012 Aug 09

Hello Guillaume,

if your mysapsso2 is empty, you should check first you Instance-Parameters if SSO is activated. What are the values of this parameters:

login/create_sso2_ticket
login/accept_sso2_ticket

Kind regards,

Hendrik

guillaume-hrc · ‎2012 Aug 09

Hi,

The SAP Logon TIcket is set, I can see it on the client side using javascript.

Besides, I am even capable of retrieving it if I call a BSP, inject the cookie in a form field and send it back to the backend (thanks Gregor Wolf and its ZAPP_INTEGRATOR tool).

The question is: how should I do the same thing using a 'mere' ICF handler because I do not want to open BSP pages on the client side (irritating fugitive IE screens all over the screen).

I am under the impression that, on the backend side, there is a great deal of effort that is done to prevent customer code to access SAP Logon Ticket...

Thanks.

Best regards,

Guillaume

athavanraja · ‎2013 Mar 02

Hi Guillaume,

Did you succeed in this? I am trying a similar stuff, any pointer would be helpful. Also i am trying to verfiy the signature as well.

Regards

Raja

guillaume-hrc · ‎2013 Mar 04

Hi Raja,

Unfortunately not...

I had to give up... for the time being.

I guess it is deleted for the request object way before your ICF handler is processed.

Best regards,

Guillaume

By Category

Related Content

Activity Groups

Industry Groups

Influence and Feedback Groups

Interest Groups

Location Groups

Customer Only Groups

Forums

Related Resources

Products

Learning and Support

About

My Account

My Account

[ICF Handler] Retrieve MYSAPSSO2 cookie