cancel
Showing results for 
Search instead for 
Did you mean: 

Login using WAM External Web Acess Management

holger_stumm2
Active Contributor
0 Kudos

I need to implement into an existing SAP EP 6.0 system an additional access method.

The regular one is uid/pw in the intranet.

On top of it, when a user logs on from home, he comes through an external system (juniper), that authenticates the user and passes on a header variable. This should be matched against the LDAP and an EP ticket should be issured.

While reading through the documentation

"SAP Enterprise Portal Security Guide (Ver 3.3 EP 6.0 SP2)

and the associated help:

<a href="http://help.sap.com/saphelp_nw04/helpdata/en/ef/fc2441509fa831e10000000a1550b0/frameset.htm">SAP Help</a>

they look a little bit contradictionary to me.

My assumption is: I add a new auth_scheme line like:

<authscheme name="header">

<loginmodule>

<loginModuleName><b>????? What goes here?</b></loginModuleName>

<controlFlag>SUFFICIENT</controlFlag>

<options>Header=VAR_USER</options>

</loginmodule>

<priority>5</priority>

<frontendtype>2</frontendtype>

<frontendtarget>com.sap.portal.runtime.logon.header</fr

ontendtarget>

</authscheme>

and put this BEFORE the auth_scheme for uid/pw?

Is this correct?

Or am I on the wrong track?

thanks hs

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Edit the authschemes.xml.bak file.

First identify the variable name in which the user id will be passed in the header.

then change the variable name in.

<scheme name="header"> tag..look for

<options>Header=remot-user</options>

chage the "remote-user" to applicable variable name depending upon the external system.

then make the default authentication as header.

find the tag..

<scheme-ref name="default">

change the tag..for accepting header variables from uidpwdlogon" to "header".like below

<authscheme>header</authscheme>

Thats it pretty much..save as authschemes.xml and restart the server..

if you are using 6.20 J2EE you dont have much options..but in 6.40 you can also configure more in the logon module.

http://help.sap.com/saphelp_nw04/helpdata/en/90/52c43dac1bcf51e10000000a114084/frameset.htm

-Krishna

Answers (2)

Answers (2)

Former Member
0 Kudos

Hi Holger,

Can you expand a little bit about your Juniper solution and did you implement it.

I need to find a solution for external access to the portal for any employee around the world.

Many thanks,

Eli

former_member81750
Active Participant
0 Kudos

In the past I have been able to configure sign-on with Netegrity by following the SP2 Security guide page 24 and 25.

- Pankaj

holger_stumm2
Active Contributor
0 Kudos

Can you elaborate a little more on this answer?

Can you post the snippet from the <authscheme-refs> section?

Thanks

Message was edited by: Holger Stumm

former_member81750
Active Participant
0 Kudos

I did this at an earlier client and don't have the file with me. I will ask the present portal admin over there to respond to this. Let us see what he says

- Pankaj