cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO ISSUE in production server

Former Member

on ‎2010 Oct 12 10:55 AM

0 Kudos
125

hi all

i have configured sso in dev quality those are working fine. now i have done it in Production .

while maintaing the jco destinations created the model data jco using logon ticket and meta data jco using uidpw.

for some time model data jco is working fine but some other time i am getting the error

com.sap.mw.jco.JCO$Exception: (103) RFC_ERROR_LOGON_FAILURE: This system rejects all logons using SSO tickets .

we maintained technical systems in Central SLD(solution Manager).

No problem with Meta Data jco.

Why happenin like this......i have maintained Login accepet and create values properly in RZ10 in R3.

plz let me know why its happening like?

thankyou

swapma

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎2010 Oct 12 11:07 AM
0 Kudos

Hello,

Please check the proper Object Like S_RFC and S_Service has having Authorization for the user which you have used in model meta or model data jco destination.

Thanks

Chittya Bej

Edited by: Chittya Bej on Oct 12, 2010 3:37 PM

Show replies
Show replies
Former Member
‎2010 Oct 12 11:13 AM
0 Kudos

can you tell me clearly ,

i didnt understand what you told .

user have SAP_NEW and SAP_ALL profiles.....sap_essuser and sap_essuser_erp roles and mol,scl,ugr parameters the user had.

Thankyou

swapna

dao_ha
Active Contributor
‎2010 Oct 12 2:23 PM
0 Kudos

Hi Swapna,

Please see if SAP Note 1166904 would solve your issue.

Hope it helps.

Regards,

Dao

Former Member
‎2010 Oct 12 2:34 PM
0 Kudos

hi deo

thank for your reply.

but i am getting that error while testing the jco's for ess applications.

sometimes its working ........and coming the same error......what would be the exact problem.

sso logon ticket i am using right now.

can you guide me in this ......

in dev and quality i didn't get.....production i am getting.

Thankyou in advance

swapna

dao_ha
Active Contributor
‎2010 Oct 12 2:57 PM
0 Kudos

Hi Swapna,

Basically, the note suggests that you should use Assertion ticket for WD Java JCO destination (as opposed to SSO ticket) because you might have problems with the SSO ticket expiration. You don't get the same error in Dev/QA because they are not being used as much as in Prod; this would be 1 probable explaination.

Try to change the authentication method and see if you still have the same problem.

Regards,

Dao

Former Member
‎2010 Oct 12 3:06 PM
0 Kudos

Hi Swapna ,

I would suggest you to make use of id/pwd as authentication for both metadata , modeldata . You would just need a dummy id in your ABAP system with SAP_ALL assigned to it . That should not give you any issues .

Regards

Mayank

Former Member
‎2010 Oct 12 3:10 PM
0 Kudos

hi dao

i have checked with by giving assertion ticket in place of logon ticket in jco destination connection still got the same error.

if i go for ping..... i am getting the ping successful.....while testing getting the same Error.

i have been to sso2 in r3........checked sso with logon ticket thats fine......where i am failing exactly not getting.

in visual admin tool i have changed the logon expiretime to 24 hours .....that is also not worked in my case......

we are maintaing the sld with solution manager........

i think that note not suit for us.

plz let me know something related to this....

Thankyou

swapna

Former Member
‎2010 Oct 12 3:16 PM
0 Kudos

hi

really it will not give any issue mayak?

but i have read some where that we should go for logon ticket for model data jco destinations.....uidpw for Meta data jco destinations.

plz let me know some thing reg this?

because i need to give project for go live very soon.

Thankyou

swapna

dao_ha
Active Contributor
‎2010 Oct 12 3:40 PM
0 Kudos

Hi Swapna,

Please refer to SAP Note 947376 for JCO troubleshootings (#3 for SSO ticket is expired ..)

Mayank's suggestion would also work; you can use the same UID/pwd as that in the metadata JCO destination.

Regards,

Dao

Former Member
‎2010 Oct 13 5:55 AM
0 Kudos

Yes , according to me that should not be a problem . I myself make use of the same mechanism for both metadata , modeldata and so far they have not given me any issues .

Regards

Mayank

Former Member
‎2010 Oct 13 6:29 AM
0 Kudos

Swapna,

After having set your profile parameters in RZ10, have you restarted your system? If you havent yet, then restart your ECC system and it might help resolve the issue.

Regards,

Sandeep Tudumu

Former Member
‎2010 Oct 13 6:41 AM
0 Kudos

ok i will try the two destinations with uidpw mechanism......

thankyou

swapna

Former Member
‎2010 Oct 13 6:46 AM
0 Kudos

hi sandeep

i have restarted the production r3 server..........some times its working but with in very few min error is coming again.

like what i thought after some time the Ep server not accepting tickets.......i foung some notes related Logon ticket expirtation.

can i use those notes......

any idea

let me know.

thankyou

swapna

Former Member
‎2010 Oct 13 11:30 AM
0 Kudos

hi mehta

i have asssigned the user in pa30 to my portal userid .

while opening the personal information i am getting this error.

i have used uidpw method for both jco destinations.

in dev and quality i never get like this.

While processing the current request, an exception occured which could not be handled by the application or the framework.

If the information contained on this page doesn't help you to find and correct the cause of the problem, please contact your system administrator. To facilitate analysis of the problem, keep a copy of this error page. Hint: Most browsers allow to select all content, copy it and then paste it into an empty document (e.g. email or simple text file).

can you help me to solve.

thankyou

swapna

sandeep_kumar60
Participant
‎2010 Dec 08 10:31 AM
0 Kudos

The required certificate for a trusted relationship between the Java and ABAP systems is missing.

sandeep_kumar60
Participant
‎2010 Dec 08 12:12 PM
0 Kudos

check ur logon groups

p330068
Active Contributor
‎2010 Dec 09 11:16 AM
0 Kudos

Hi Swapna,

Please check the logon group properties for SAP system in t-code SMLG. If there is any issue with logon group then it might cause for this issue.

Refer to [Click here|https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/user-interface-technology/wd%20java/7.0/portal%20integration/how%20to%20configure%20the%20jco%20destination%20settings.pdf]

Hope it will helps

Regards, Arun Jaiswal

Former Member
‎2011 Mar 24 3:42 PM
0 Kudos

Hello,

Were you able to solve this? We have exactly the same issue with initial access fine but subsequent browser sessions failing because of session/jco issues. I can have an initial browser session open with a functioning WebDynpro application hitting ERP and a second going to exacly the same application and ERP system failing.

We have not used assertion tickets yet and can try that but our QA environment does not have this issue with the same versions/settings.

Any help is appreciated.

Thanks,

Doug

Ask a Question