
Extracting userId from SAP Logon ticket

Former Member
0 Kudos

We are getting a validated SAP Logon ticket generated by SAP Netweaver engine.

Our J2EE application is deployed on the same Netweaver APP server, and the SAP Logon ticket is passed in the HTTP request.

Question: Is there a way to extract the user ID from the ticket? We need not validate the ticket again, but only need to extract the user id. Any sample code or pseudo code will be helpful.

Thanks,

- Shankar

1 ACCEPTED SOLUTION

WolfgangJanzen
Product and Topic Expert
0 Kudos

Sorry, but that's the wrong way: you definitely need to validate a security token (here: SAP Logon Ticket) before you should grant trust.

But anyway: that's the job of the framework. Applications can simply request to obtain the name of the authenticated / "current" user (aka "principal").

I'm not an NWAS Java expert. But I'm pretty sure that there are many here in the forum who can easily tell the exact method name.

PS: for outbound communication I'd strongly recommend to make use of the Destination Service. That service will then also provide security tokens which are requested by the recipient system - again: that's a framework task, not an application task.

2 REPLIES

yonko_yonchev
Active Participant
0 Kudos

Hi Shankar,

As Wolfgang pointed out, you shouldn't directly extract the user ID from the ticket but let the security framework do that for you and then access the user ID with the APIs.

To get the user for authorization purposes the document here should answer your question:

http://help.sap.com/saphelp_nw70/helpdata/en/80/45da9619d24b61bb869c31ef3b780a/frameset.htm

If you don't use the UME, the method would be getUserPrincipal for the HttpServletRequest.

Regards,

Yonko