Skip to Content
author's profile photo Former Member
Former Member

Using Web Dynpro authentication for a Web Service call

Hi all,

I want to develop a Web Dynpro that calls a Web Service running on the same Web AS (7.0). The Web Dynpro will be integrated in a Portal. The web service that has to be called is automatically generated when we create a guided procedure :

In my Web Dynpro, I imported the WSDL of this WS and created a model.

The first time I tried to call the WS in my Web Dynpro I got an authentication error :

Service call exception; nested exception is: Invalid Response Code: (401) Unauthorized. The requested URL was:"http://<myHostName>:50100/GPRuntimeFacadeWS/GPProcessExposing?style=document&pid=CA544E9B629A11DB91480017A48D672A&pver=0.5"

So I hard-coded an HTTP authentication :



And the Web Service call now works.

Now the next step is that the WS call is made by the user that runs the Web Dynpro. So I found this documentation :

It would resolve my authentication problem, AND the transport issue : at the moment the Web Service URL is stored in the Logical Port of the WD model, and at transport time, a rebuild of the WD project will be needed.

So I applied what is said in the doc : from the point of view of the Web Service consumer, I just had to add :


(where STARTGP is the name of the destination I created in the Visual Administrator with a "Logon Ticket" authentication.)

before the execute(), and I removed my hardcoded authentication.

Unfortunately, nothing changes... I still get a 401 authentication error.

Does anyone have an idea about this ? Or maybe a workaround ?

Thanks in advance for any suggestion.



Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

3 Answers

  • Best Answer
    author's profile photo Former Member
    Former Member
    Posted on Nov 16, 2006 at 08:46 PM

    Try below steps

    • Add jars

    o security.class

    o tc/sec/destinations/interface

    • Setting WebDynpro project property

    o Project >Properties >Web Dynpro References-->Interface references

    &#61607; Name=tcsecdestinations~interface

    o Project >Properties >Web Dynpro References-->Service reference

    &#61607; Name=webservices

    &#61607; Name=tcsecdestinations~service

    • Dynamically Set httpdestination and Call web service

    final InitialContext ctx = new InitialContext();

    final DestinationService dstService = (DestinationService)ctx.lookup(DestinationService.JNDI_KEY);

    if (dstService== null)

    throw new NamingException ("Destination service not available");

    final Destination destination = dstService.getDestination("HTTP"," DestinationName");

    // getting user name

    Properties destprop = destination.getDestinationProperties();

    String username = destprop.getProperty("USERNAME");

    String password = destprop.getProperty("PASSWORD");

    final HTTPDestination httpDestination = (HTTPDestination) destination;

    HttpURLConnection httpConnection = httpDestination.getURLConnection();

    String httpURL = String.valueOf(httpConnection.getURL());

    Request_AdvLocationVer1ViDocument_getLocation obj=wdContext.currentRequest_AdvLocationVer1ViDocument_getLocationElement().modelObject();

    obj._setHTTPDestinationName("DestinationName ");

    obj._setUser( user );





    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi Julien,

      I have created Basic Authentication but there is a option to create Logon Ticket.

      > I also have an additional question : When we modify a logical destination in the Visual > Administrator, do you know if we have to restart the J2EE engine ?? Or is there a kind of > cache that has to be refreshed ?? It seems that my modifications are not taken into > account...

      you don't need to restart J2EE Engine :).


  • author's profile photo Former Member
    Former Member
    Posted on Nov 17, 2006 at 01:04 PM

    Hi Julien,

    I have replied to this similar topic here Unable to consume secured Web service from a Dynpro application

    This will aviod to get rid of hardcoding in your application.

    Regards, Anilkumar

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Jun 17, 2008 at 04:03 PM

    Hello Julien,

    I have a scenario similar to yours. A client webdynpro application accessing a EJB methods exposed as web service. Those EJB's methods calls R3 RFC's. The client requirements' was to allow SSO through all the layers (Webdynpro -> EJB WS -> RFC). The Webdynpro and EJB's are deployed on the same WAS.


    1 - Create a RFC Destination on Visual Administration provide the R3 connection parameters and set the Authentication for "Current User (Logon Ticket)". Save your Destination;

    2 - In your EJB Project open your Web Service Configuration, on the Security page, set:

    Authentication Mechanism: HTTP Authentication

    Basic (username/password)

    Use SAP Logon Ticket

    3 - In your EJB, implement the following code to create JCO Client for the RFC invocations:

    Object obj = ctx.lookup(DestinationService.JNDI_KEY);
        DestinationService dstService = (DestinationService) obj;
        RFCDestination dst = (RFCDestination) dstService.getDestination("RFC", "<YOUR_RFC_DESTINATION_NAME>");
        Properties jcoProperties = dst.getJCoProperties();
        JCO.Client jcoClient = JCO.createClient(jcoProperties);

    4 - In your EAR Project, open your "application-j2ee-engine.xml" and add the References:

    "tc/sec/destinations/service" as Service

    "tc/sec/destinations/interface" as Interface.

    5 - Create your EAR File and Deploy;

    6 - Check if the web service now requires Authentication: go to http://<host>:<port>/index.html and click on Web Services Navigator. Test your Web Service. Your Web Service should requiere you to log in before execute the test;

    7 - Go back to your Visual Administrator and create a HTTP Destination. Provide your WS URL (should be something like "http://<host>:<port>/<WS_NAME>/Config1?style=document"). Choose Authentication: Logon Ticket. Save your Destination;

    8 - Go to your webdynpro project, import your WS Model. (If you have already created it, you have to delete it and import it again, refer to this blog on how to reimport WS Models: /people/bertram.ganz/blog/2005/10/10/how-to-reimport-web-service-models-in-web-dynpro-for-java How To Reimport Web Service Models in Web Dynpro for Java );

    9 - Open your model's Logical Ports node, go to the Security tab, and choose "Use SAP Logon Ticket";

    10 - In your webdynpro code, before you call the ws invocation (should be something like that: <YOUR_NODE_DEFINITION>.modelObject().execute();), include the following line:


    11 - Save All Metadata and deploy your Webdynpro App. Test your results.

    I hope it helps you, as the documentation on how to implement this scenario is scattered through the SDN and all the SAP help portal.

    Best regards,


    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.