cancel
Showing results for 
Search instead for 
Did you mean: 

Generating Logon Tickets

SandipAgarwalla
Active Contributor
0 Kudos

Hi All,

Need some help on how to generate/Accept Logon Tickets from web dynpro applications.

well, what i am trying is ,when ever i will try to access a WD application , it should ask for an authentication & on success,it should generate a Logon Ticket for that User ID..

In the help , its written that you have to modify the login modules for that particular app..But the problem is i am not able to find that WD application inside <b><i>Policy Configuration Tab</i></b> under <b><i>Security Provider service</i></b>..Where to find it?

Also, i would like to know, do i have to create the User IDs in the UME who will have valid access to that application ?

How about accepting a logon ticket from WD application?

Please help me on this.

Regards,

Sandip

View Entire Topic
Former Member
0 Kudos

Hi sandip

If you are using WebDynpro to issue logon tickets then ensure the following are done.

1. Users are maintained in the User store of the J2EE.

2. The SAP system is configured to accept logon tickets. Maintain profile parameters in SAP.

3. The Model data in JCO connection is configured to use Tickets. The metadata will be a username/password.

Note : the users should be valid users in R/3 for tickets to work.

Once it is done, when you log in to Webdynpro through a user say "developer" a ticket is issued by the J2ee to R/3 which checks if developer is a valid user and generates a ticket.

Let me know if you require more information.

regards

Ravi

SandipAgarwalla
Active Contributor
0 Kudos

HI Ravi.

Thankx for your reply.

Would like to know some more details on the points you made.

1) Reg: User Store Of J2EE

Do the same user say "developer" has to be created in the UME ? Any roles that need to be assigned ?

2) What are profile parameters of SAP.How to do it?

One major issue that i am facing is how to modify the login module (CreateLoginTicketModule) for the Web Dynpro application.Its written that it has to be done in the Security Provider Tab. But the problem is i am not getting the application under the policy configuration tab.

Please help me in finding that.

Regards,

sandip

former_member182372
Active Contributor
0 Kudos

Hello,

very useful docs:

http://help.sap.com/saphelp_nw04/helpdata/en/8c/f03541c6afd92be10000000a1550b0/frameset.htm

https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/unkown/how to configure sso in a complex system landscape.pdf

first one gives the answer for second question:

<i>Set the profile parameter login/accept_sso2_ticket = 1. Set login/create_sso2_ticket = 0 unless the server should also be able to issue tickets. (Use DEFAULT.PFL.)

</i>

To "enjoy" default SSO between webdynpro and r/3 you should use adaptive RFC model which is not always acceptable. The second document explains how to obtain sso ticket (from HTTPDestination) which can be passed to JCO.createClient.

Regards, Maxim R.