cancel
Showing results for 
Search instead for 
Did you mean: 

Link inside BSP application requires new login

Former Member
0 Kudos

Hello,

I am having a problem with a link to another controller inside my BSP application. Everytime I call this controller I get the login screen again. What makes the WAS refer to authorization again?

I am running a stateful application, the link I am having a problem with is a relative link to the controller in question (i.e. something like "test2.do?par1=1&par2=2...").

The link itself is completed by the framework. So when I check the link in the browser, it looks exactly like the original application url - inluding the mangling code. Just the page/controller and the parameters are different.

The original app session is not closed either.

Any hint on this? Where do I find information on when the WAS calls for a new authorization /new session?

There is a FQDN in the server profile (xx.yyyyy.de).

TIA

Peter

Accepted Solutions (1)

Accepted Solutions (1)

rainer_liebisch
Contributor
0 Kudos

Hi Peter,

I would recommend to install a HTTP trace tool on your computer and create a trace of your application. There you can see for which object you get the code 401 (which reqires authentication). For details please read:

/people/brian.mckellar/blog/2003/10/01/bsp-trouble-shooting-http-logging

/people/brian.mckellar/blog/2003/10/12/bsp-trouble-shooting-http-browser-traces

Maybe you load an image or another object which requires authentcation.

Regards,

Rainer

Former Member
0 Kudos

Hi Rainer,

while I do know that I get code 401, I have yet to discover why! I will double-check the blogs again though.

I once stumble across some details about when the BSP framework requests new authorization, but cannot find it anymore. Maybe anyone else does have some hints.

Regards

Peter

athavanraja
Active Contributor
0 Kudos

check whether SSO is enabled by running the following BSP

=>Application - SYSTEM

=>page - sso2test.htm

Regards

Raja

thomasalexander_ritter
Active Contributor
0 Kudos

Hi Peter,

I have a similar problem. One question regarding your scenario. Do you open the other controller in a new window?

regards

Thomas

Carola1
Product and Topic Expert
Product and Topic Expert
0 Kudos

Hello,

we had the same problems within a stateless application where we had links to documention opened in a separate window. We completed the link 'http://service.sap.com/~sapidb/002006825000100189942000'.

by the server name as following.


concatenate i_link '?smpsrv=http://' sy-host '.wdf.sap.corp:1080'

This solved the problem with repeated login.

Kind regards.

Carola

Former Member
0 Kudos

Hi Thomas,

yes, I do open a new window. I did check the HTTP log using the info in the blogs Rainer provided a few lines further up.

The URL of the new window does match the old application, yet it gets a 401.

SSO should not be of any importance as I have logged onto the app in the first place. I just don't want a second login for another page in the same application....

I know I will get a new login for a different URL, but the URL in question is exactly identical up to the controller part (path, mangling code etc..).

IMHO I should not get a new login - even in a new window (?).

TIA

Peter

Former Member
0 Kudos

Hello Carola,

we are running a single server environment here - so your hint should not apply (?).

Thanks

Peter

athavanraja
Active Contributor
0 Kudos

> SSO should not be of any importance as I have logged

> onto the app in the first place. I just don't want a

> second login for another page in the same

> application....

In my understanding it is required for the popup windows to work .

please check OSS 517860

if you had looked at the test application i have given the following lines are mentioned there.

"<i>If SSO2 is correctly configured, the server will set a SSO2 cookie with the response that is transmitted back to the browser.</i> "

only if the SSO2 cookie is transmitted back to the browser then the further windows will authenticate automatically.

Regards

Raja

Note: Initially i was also under the impression that for this kind of scenario SSO is not required.

Message was edited by: Durairaj Athavan Raja

thomasalexander_ritter
Active Contributor
0 Kudos

Hi,

I am not sure if the sso configuration is really the problem. Our SSO was configured and tested successfully using the OSS note. My application works without any problems when used outside of SAP. But when I open it in the sapgui using the gui component cl_gui_custom_container I will get the authentication window whenever I click on a link which opens a new window. All the other links work just fine.

regards

Thomas

athavanraja
Active Contributor
0 Kudos

Hi Thomas ,

To make it work when called within the HTML_VIEWER control in SAP GUI check out the weblog by Thomas Jung at the following link. you need little bit more code in your ABAP.

after creating the HTML control you need to call the following method.

call method <html_control>->enable_sapsso

exporting

enabled = 'x'.

/people/thomas.jung3/blog/2004/08/26/updated-calling-a-bsp-application-from-a-sapgui-transaction

Regards

Raja

thomas_jung
Developer Advocate
Developer Advocate
0 Kudos

Let me see if I understand. You are opening a new window from a BSP application that is running from within the SAPGui HTML Control. I assume that you probably used the SSO ability of the HTML control to begin with.

My experience is that windows spawned out of the SAPGui HTML control no longer have access to the SSO ability that comes from the HTML control. I assume that once the other window is opened you are now in standard browser and outside the scope of the HTML control and whatever special things it is doing to grant SSO capabilities.

The SSO abilities of the HTML control are not the same as those of EP, or the ITS PAS. They only work for the same system that your GUI session is connected to. In other words if I have a R/3 system and a standalone webAS, the SAPGui HTML control running on R/3 can't open a SSO connection to a BSP application running on the standalone WebAS.

Former Member
0 Kudos

Hi guys,

to come back to the original problem:

I am running this app in a browser (IE 6.0) - so no SAP GUI involved.

All the other controllers embedded in the pages and called via "bsp:call ...." work fine.

Just this one called via a link requires the new login.

The link is given to the BSP element "htmlb:link" as relative link inside the app (i.e. something like "test.do?par1=...").

Does anyone know of the whereabouts of the documentation describing the parameter changes in a URL that trigger a new login? I saw something once, but cannot find it anymore....

TIA

Peter

thomasalexander_ritter
Active Contributor
0 Kudos

Hi,

I started the development after I red Thomas weblog and everything works as expected when not opening a controller in a separate window.

Sorry Peter it was never my intention to hijack your thread. I just wanted to point out that we both have the same problem when opening a new window. Please concentrate on Peters scenario not on mine, thanks.

regards

Thomas

Former Member
0 Kudos

HI,

no worries with hijacking, Thomas ) - I just didn't want to get totally lost..

I tried to check opening the link in the same window but this causes the app to logoff. I am using a page with a buffered frame as startup and this page changes the url. The next call to the same window then calls the exit routine as the url had been changed....

Now I ran a quick test without the buffered frame: It seems to work fine for the moment.

But: Does that mean that I get a new login on every new window I do open in a BSP application?

Sounds too strange to be true! SSO is installed and works fine by the way.

TIA

Peter

thomas_jung
Developer Advocate
Developer Advocate
0 Kudos

Sounds like the buffered frame might have logic to delete your SSO cookie as well as your backend session.

I assuming you are using the buffered frame examples for BSP application system. Have a look for code like the following:

 <%IF do_not_delete_sso2_cookie IS NOT INITIAL. %>
        url+="&bsp_do_not_delete_sso2_cookie=X";
        <%ENDIF. %>

thomas_jung
Developer Advocate
Developer Advocate
0 Kudos

Another chunk of code to look for is the following JavaScript:

// Delete the cookie with the specified name.
function DelSso2Cookie(sName,sPath)
{
    var sso2Domain = location.hostname;
    if (location.hostname.indexOf(".")>0)
        sso2Domain = location.hostname.substr(location.hostname.indexOf(".")+1);
    p="";
    if(sPath)p=" path="+sPath+";";
        document.cookie = sName+"=0; expires=Fri, 31 Dec 1999 23:59:59 GMT;"+p + "domain="+sso2Domain+";";
}

Former Member
0 Kudos

Hi Thomas,

nothing like that....

But: Could domain relaxing cause a problem??

It might confuse the cookies content..??

TIA

Peter

thomas_jung
Developer Advocate
Developer Advocate
0 Kudos

I have used domain relaxing and haven't experienced this. Perhaps you should post the code in your buffered frame page. There have been several different example versions that SAP has had. I will load it in my system and see if I can recreate the problem.

Former Member
0 Kudos

Hello,

after a good night of sleep I might see things a bit more clearly:

- I AM using a HTML viewer! Just didn't notice anymore after all the tests... :-((

- I have a link in a page displayed inside a HTML viewer. The link references another page in the same BSP app opening a new window (target = _blank).

- I cannot use 'enable_sapsso' as I am running this HTML viewer in 4.6xx. This functionality is only available from 6.20 on.

- I did check note 612670. It seems that browser sessions spawned from within a HTML viewer control never manage to re-use the SSO functionality - even with 'enable_sapsso' applied! This complies with Thomas' notes on spawning new windows a bit further up.

So this seems to be a 'feature' I am bound to live with :-(( ??

Answers (0)