cancel
Showing results for 
Search instead for 
Did you mean: 

Portal Login screen from Ui5 application

Former Member
0 Kudos

Hi,

I am trying to validate the user login credentials given by the user in my SAPUi5 desktop application. For validating the credentials, I would like to use our SAP EP portal to see if the user has valid authorizations and then get the SSO token back - to further access the Gateway and ERP systems.

For this I am trying to see how we can pass the username and password enterd by the user on the UI5 application and get them validate them on the SAP EP portal and get the SSO token back to the application. Can someone help me guide to achieve this. Any code references would be of great help.

Thanks!

Shyam

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member182650
Contributor
0 Kudos

Hi!

If it's java, you could deploy your SAPUI5 app into a SAP NW Java SC. Then you must force authentication in your app. Any resource require logon first.

If it's abap, you could embed your app throught URL iView or SAPUI5 iview and configure SSO between your ABAP & JAVA stacks.

Kind regards

Former Member
0 Kudos

Hi,

Agnel, thank you for your time on this.

1. We are not planning on deploying it on the NW Java Stack. But seems to be an interesting thought which I can give a try. Can you please provide any reference on how we can map the user credentials to the login screen credetnails in the portal for this scenario.

2. I tried this but we do not want the application to be embeded with-in the Java stack. All we want from the Java stack is the authentication token and then render the application from the ABAP stack (where theapplication is being deployed). Any thoughts around this?

former_member182650
Contributor
0 Kudos

Ok, in this case you could use SAML2 SSO protocol. You must configure your Java stack as IP - Identity Provider and configure SSO throught SAML2 in both systems.

If you try to access to your ABAP SAPUI5 app you will be redirected to your IP to log on and redirected after logon to your SAPUI5 app.

You must analyze if your ABAP and Java stacks & SP levels are compliant with SAML2.

Kind regards!

kammaje_cis
Active Contributor
0 Kudos

This link might help to achieve what Angel suggested

Configuring Single Sign-On (SSO) - Portal - SAP Library

Former Member
0 Kudos

Thank you all for the insights. This info really helped. We took the SAML approach.

kammaje_cis
Active Contributor
0 Kudos

Hey Shyam,

Where is your UI5 desktop application hosted?

When you access the application, it(hosting server) would ask for credentials. After the authentication, it would provide the application along with the SSO token.

I have hosted it on a 740 ABAP server and this is how it works.

Thanks

Krishna

Former Member
0 Kudos

Hi Krishna,

As always, thanks for taking a look at it.

Right now my application is hosted on the 7.31 ABAP AS. And yes the server prompts me for the credentials with which I am able to test my application succesfully. But to producionize the application, we would want the user to enter the login credentials upfront(which should be similar to his current Portal login credentials) and with this we would like to hit the Portal Java server and validate the user and get back the SSO token to further navigate to the ERP system.

Note: The end user is not given the password details of the ABAP AS system. Instead he will be only having the login ID and password for the portal system. hence the need to first authenticate the user in the EP portal and then get the token to further branch into additional systems.


kammaje_cis
Active Contributor
0 Kudos

You need to setup single sign on between portal and ABAP server (on which you have hosted your application).

The meaning of above sentence is that, the SSO token issued by the portal server(when you login to portal) is considered valid by the ABAP server (when you make request for the application and by OData services).

Former Member
0 Kudos

Krishna/Angel,

I see that the SSO has already been set-up between the Portal system and the ABAP system.But I am not sure how I can pass the user credentials to the Portal and get them authenticated there along with the token back. Is implementing the SAML 2.0 is the only option that we are left with to accomplish his authentication solution?

Regards

Shyam

former_member182650
Contributor
0 Kudos

Hi again,

If you want to be redirected from ABAP SAPUI5 app I think that is the best solution:

Using SAML Browser Artifacts - Configuring Authentication and Single Sign-On - SAP Library

Other solutions must implement some kind of redirect to portal. SAML2 enables you redirecting to Identity Provider by default and redirection to source site after logon:

Configuring Single Sign-On (SSO) - Portal - SAP Library

It is possible to enable SSO with SAP Logon Tickets but first you must redirect to your portal to authenticate. After logon, you must redirect to your SAPUI5 ABAP app. It could be very complex if you don't publish your app throught an ABAP SAPUI5 iview.

Kind regards