Hi SDN friends,
We are implementing SSO with the following ...
IBM TAM 5.1
SAP Portal 6.0 SP13,
Internet Transaction Server 6.20 SP19
SAP 4.7 Backend
This is for an ESS application. The problem we are encountering is that when a manager accesses the workflow inbox service (ITS service), and they click on the approval button for a given approval request, we get an 'Access is denied' screen returned.
The problem is definitely on the ITS side (ie. Portal is not the cause of this problem). If I execute the transaction through WebSEAL directly through ITS (ie. avoiding Portal) I encounter the same error.
at runtime is sent out like the following ...
location.href="/scripts/wgate/ze000009657d04/~flN ... etc ...etc confirm_url=/scripts/wgate/bwwf_wi_deci/ ... etc ...etc";
... and this code passes through WebSEAL unchanged. Of course, what should occur is that the WebSEAL junction should have been appended at the beginning of the /scripts/wgate instances.
My WebSEAL consultant tells me it is not possible for WebSEAL to capture this scenario. Has anyone else seen this and managed to overcome the problem?
Any thoughts would be appreciated and rewarded.