cancel
Showing results for 
Search instead for 
Did you mean: 

How do you stop BSPs on WebSEAL for asking for user-credentials?

Former Member
0 Kudos
936

Hi

We are currently having an issue with BSP Pages. When we test the BSP pages on the R/3 system they work OK. When we test them directly on the Portal then they too also work. The problem is that they are not working properly on our Intranet.

The intranet that we use is an IBM Tivoli product (also known as WebSEAL). We currently have WebSEAL SSO to our SAP Portal. This is working OK. When we use WebSEAL to access the portal we are prompted to enter our user-id and password so that the BSP page can be displayed. This should not be happening and it defeats the purpose of SSO. I have attached a screen shot document to demonstate this.

Some time ago we had a similar issue where the transactions on the portal (when executed from WebSEAL) were giving us a Webdynpro time-out error. I later determined that the cookie information was not being passed to WebSEAL. To fix this, I went to the Visual Administrator and went to server >> services >> web container and for the web container "sap.com/irj" I went to the cookie configuration to add a session cookie. By doing this I fixed my previous problem.

Coming back to my problem, I had a junction created in WebSEAL to point to the bsp directory (sap/bc/sap/bsp/*) on the host concerned. I had both a SSL and TCP junction created both resulted in error messages - stating that the client (SAP) is asking for user credentials.

Hoping that I have provided enough information above my question is as follows:

(1) How can I get the BSP messages to work on WebSEAL such that it will not ask for user credentials to be entered? Would this involve making a further change to a Web Container? If so - which container also needs a session cookie to be generated?

Thanks

Kind Regards

Rajdeep Kumar

View Entire Topic
Former Member
0 Kudos

Hi Rajdeep,

I recommend that you open a PMR with IBM.

It sounds to me that one or more of the following conditions is true:

1. SAP Login Ticket authentication is not configured among the SAP servers;

2. The SAP Login Ticket is not being passed from the issuing SAP system to the accepting SAP system, i.e. the R/3; or,

3. The accepting SAP system, the R/3, is not configured for Login Ticket authentication.

IBM support should be able to assist with condition 2. The other conditions are covered in SAP documentation.

Regards,

Peter Tuton.