cancel
Showing results for 
Search instead for 
Did you mean: 

Problems known with NW2004s SP11 and Ticket Toolkit?

Former Member
0 Kudos

Hello,

I have upgraded my NetWeaver2004s-Portal-Installation from SP10 to SP11. After the successfull upgrade I tested all the portal test applications that I developed. Everything seems to work fine except the ticket toolkit application. Since the upgrade to SP11 the application produces the following error message:

[TicketException: MYSAP_INVALID]

SAP.Web.Security.MySapSso2Ticket..ctor(String pseFile, String ticketString) +159

SAP.Web.Security.MySapSso2AuthenticationModule.OnAuthenticate(HttpContext context) +165

SAP.Web.Security.MySapSso2AuthenticationModule.OnEnter(Object sender, EventArgs e) +60

System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +92

System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +64

I checked all the application settings and all the dll files and I created a new pse file but I couldn't find a problem.

I also implemented SSO between the portal and a test sap system by passing the SAP-Logon-Ticket-Cookie through the SAP.Net-Connector. This still works as does the ITS-Single-Sign-On. So the Cookie itself seems to be ok.

Has anyone upgraded to SP11 yet and checked the ticket toolkit? Or has anyone an idea what's wrong with my system?

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
0 Kudos

The problem still persists. But I found out that in some cases the Ticket Toolkit works. Without changing something the Toolkit works in one minute and fails in another wheras it fails more often.

I implemented an ASP.Net application that displays the value of the ticket and I noticed that in cases of failure the ticket value always contains an exclamation mark. But when it works the ticket value does not contain an exclamation mark.

Maybe this is an codepage or conversion problem in the ticket toolkit.

Former Member
0 Kudos

I found a solution ...

I read out the cookie value, convert it and write it back to the cookie. Then I can use Ticket-Toolkit without any problems.

Former Member
0 Kudos

I may have the same problem .... can you be a bit more explicit about what you mean by "Convert"?

Cheers,

-Sheldon

Former Member
0 Kudos

Figured out what you ment ... just to confirm:

this.Request.Cookies["MYSAPSSO2"].Value = HttpUtility.UrlDecode(this.Request.Cookies["MYSAPSSO2"].Value);

-Sheldon

Former Member
0 Kudos

Hello.

Well, ¿work this method?

Thanks.

Former Member
0 Kudos

I found good info from Wikipedia's article on [Base64 encoding|http://en.wikipedia.org/wiki/Base64#URL_applications] and this tidbit from a [Microsoft security article|http://technet.microsoft.com/en-us/library/bb676128.aspx]:

> DRM encoding is a simple variation of base64 encoding where the slash mark (/) is replaced with an asterisk (*), and the plus sign () is replaced with an exclamation point (!). In addition, DRM decoding works on base64-encoded strings. Windows Media Packager uses base64 encoding, but all other components of Windows Media Rights Manager use DRM encoding and DRM decoding. The primary reason for using DRM encoding is that base64-encoded strings cannot be passed as parameters in a URL because the plus sign () and slash mark (/) can be interpreted.

For my VB.NET application, I simply use the following:

Dim tokenWithoutSpecialCharacters = token.Replace("*", "/").Replace("!", "+")

Edited by: riceweb on Mar 22, 2010 10:44 PM

Added code snippet