Skip to Content
avatar image
Former Member

SecWinAD authentication using the REST SDK...

Hi,

Trying out the REST sdk (with 4.1) and have hit a problem from the start.  I guess i'm missing some config somewhere but here's the issue...

I create an enterprise user in the CMC in the everyone group...

Using POSTMAN in Chrome I hit the logon service with...

http://server:6405/biprws/logon/long

POST

Accept           application/json

Content-Type  application/json

  
{

     "userName": "testREST",

     "password": "testREST",

     "auth": "SecEnterprise"

}

if works and returns "logonToken"...

I then try as an Active Diretcory user (the one I used to create the test enterprise account who is a member of administrators..me.) CMC logon is fine using AD and the standard /BI logon is configured for SSO and also logs in fine.

so I go with...

{

     "userName": "JBRAKER"

     "password": "myADpassword"

     "auth": "SecWinAD"

}

It returns error "FWM 00006" with Active Diretcory Authentication failed to log you on.

I've tried using @domain and changing server url to FQDN but no joy.

Any ideas what i'm missing?  As mentioned the server is setup for AD SSO but i see nothing to configure for the REST services apart from the URL in the CMC.

Thanks!

Jeremy

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

7 Answers

  • avatar image
    Former Member
    Aug 20, 2014 at 05:58 AM

    Hello,

    Have you tried /logon/adsso ?

    Bernd

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Aug 20, 2014 at 11:51 AM

    Hello Jeremy,

    Did you follow the documentation?

    http://help.sap.com/businessobject/product_guides/sbo41/en/sbo41_bip_rest_ws_en.pdf

    Section 5.3 for the configuration

    Section 6.4 for the logon

    Anthony

    Add comment
    10|10000 characters needed characters exceeded

  • Feb 29, 2016 at 03:38 PM

    Hello, I'm also facing the same issue. Any answers. I can successfully login using WindowsAD using SAP BO Java SDK, but not through RestFul SDK. Please help.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Feb 29, 2016 at 03:41 PM

    Hi,

    I think that the issue here is that you need to get the logonToken with Enterprise authentication, as stated in the manual,

    Regards,

    Rogerio

    Add comment
    10|10000 characters needed characters exceeded

  • Feb 29, 2016 at 05:57 PM

    Daniel,

    I tried to get /logon/adsso, I got the error "VSJ authentication was not performed for this request". Again, I'm not looking for a solution for password-less SSO login. But,with active directory logon where the user enters the credentials

    Rogerio,

    Our network admin are planning to close port 6400 and provide only LoadBalanced URL with Only port 80 available. So, I want to switch from EnterpriseSession to RestFul WS login method. Hope you got my situation.

    Add comment
    10|10000 characters needed characters exceeded

  • Mar 01, 2016 at 02:08 AM

    HTTP 401 Unauthorized.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Apr 05, 2016 at 11:16 AM

    Did you configure properly Kerberos on WACS?

    - Active Directory Configuration Settings

    + Krb5.ini File Location:

    + bscLogin.conf File Location:

    For SSO login you have to configure WACS with Kerberos + SSO :

    - Web Services SDK and QaaWS Service

    + Authentication Settings

    Add comment
    10|10000 characters needed characters exceeded