on 05-15-2013 2:49 PM
Hi All,
I
am trying to implement SSO from Non SAP system (CAS - Central authentication system) to SAP Portal. I have configured the HTTP Header Login module in the Login Module stack as per the below link.
http://help.sap.com/saphelp_nw73/helpdata/en/4a/47abb3e1f41cd4e10000000a421937/content.htm
I have developed a Test JSP which set's the Header Variable IV_HTTP_USER with Portal login ID and re-directs to SAP Portal. When we test now, the HTTP Header Login module doesnt succeed and Login page comes up.
I have generated trace from NWA-Troubleshooting->Security troubleshooting wizard for authentication type and below the error i see. IV_HTTP_USER variable always show's as null.
Few Questions I have:
1. Do we have to change Authschemes file inculde authschem "Header" as mentioned in the below thread.
http://scn.sap.com/thread/2127692
2. In case yes - I did change the authscheme's file as per above discussion and checked. But when i navigate to NWA->Configuration Management Security Authentication and Single Sign-On, I get and information saying Authscheme file is invalid.
Please help.
Portal Version: NW7.3 SP08
Thanks
Hussain
Dear,
We try to logon CE by headervarible with URL paramater. But userid was not sent to header variable, can you share how to send userid to header variable and J2ee engine.
Below is trace logs.
...thentication.callbackhandler.handle | Handle com.sap.engine.interfaces.security.auth.HeaderVariableCallback@7fbcf227 |
...dler.handle(HeaderVariableCallback) | Getting header by name: username |
...dler.handle(HeaderVariableCallback) | Header retrieved: null |
...thentication.callbackhandler.handle | Exiting method |
...ule.HeaderVariableLoginModule.login | Successfuly handled. |
...ule.HeaderVariableLoginModule.login | header username has value <null> |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Hussain,
Changes to the authschemes file are not required, adding the HeaderVariableLoginModule with the appropriate value for the Header option, to a suitably configured ticket policy configuration should suffice.
Are you sure that the header variable is being populated correctly?. You have captured the issue using the security troubleshooting wizard (authentication incident), if you look at the requests that are logged from location com.sap.engine.services.httpserver.HttpTraceRequest.traceRaw. (you can filter on this location) - do you see the header variable values there?
If not, if you configure ICM to trace the http requests as per Enable HTTP traces from ICM you can see if the IV_HTTP_USER header is populated when it is received by the AS Java system (If you're accessing the portal via https, you may have to set icm/trace_secured_data=1 to get ICM to trace the relevant requests)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
80 | |
9 | |
9 | |
7 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.