on 02-10-2006 10:08 AM
Hi folks,
I'd need some help with a Single Sign On (SSO) scenario.
We run a tomcat at server A, e.g. www.mytomcat.com
and a SAP BW at server B, e.g. www.mybw.com.
I want a user logon on tomcat but provide also a login to BW (WebQuery).
The tomcat application knows the user's credentials for the BW.
What I have tried is:
A) Tomcat server login to BW and fetching the cookie.
B) Sending the cookie to the browser.
C) Redirecting the browser to the BW.
Problem:
The credential cookie is not sent back to BW, because its domain (realm) is www.mytomcat.com
The browser's security features prevent creating a cookie for locations unlike the sending domain.
I post this in the ABAP group on purpose, because I hope there might be some tricky programming which can
help me solving the problem.
Any idea how I can solve this?
Thanks for any hint.
I have never tried this but You could try to encode the login information in url of webquery.
As in BSP application we can logon by specifying :
http://.....?sap-sessioncmd=open&sap-user =username&sap-password=passsword&sap-client=100.
just encode the above values and try to decode them on BW system.
Thanks & Regards,
Ankur
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Please note that if you use this method together with unencrypted http the username/password is sent in clear text over the network and therefore is a severe security risk (doesn't matter if you use http get or http post).
If you use this method, make sure the BW system is called over https so the traffic is encrypted (still you have the unwanted situation that the url is present in various web server logs, but this is not as critical).
Regards
Dagfinn
User | Count |
---|---|
88 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.