Hi I recently upgraded from BW 3.x to NW2004s BI 7.0 SP12. I am trying to set up BEx Web integration. I created a system in the portal that has Authentication Ticket Type = SAP Assertion Ticket, BI Master system set to true , Logon Method = SAPLOGONTICKET and gave it a system alias of SAP_BW. Via The visual admin tool, I created the SAPLogonTicketKeypair and Keypair-cert using a Common Name = ABC. I understand that in a dual stack situation the Portal SID cannot be the same as the ABAP sid. I imported the portal cert into BI Using STRUSTSSO2, added the cert to the certificate list and added it to the ACL. Now, when I try connection tests on my SAP_BW system in the portal it fails. I turned on tracing in SM50 to level 3, security only. This is what I see in the logs of the dialog process:
dy_signi_ext: SSO TICKET logon (client 090)
mySAPUnwrapCookie: was called.
HmskiFindTicketInCache: Trying to find logon ticket in ticket cache.
HmskiFindTicketInCache: Try to find ticket with cache key: 090:90BA87457002F62A1F3317888C62CDEC .
HmskiFindTicketInCache: Couldn't find ticket in ticket cache
<snip>
Got content client = 999.
N Got content sysid = BWP .
N No entry in TWPSSO2ACL for SYS BWP and CLI 999.
N CheckSubject failed (rc=19). Verifying if ticket was issued by me.
N *** ERROR => System ID and client from ticket are not the same than mine. [ssoxxkrn.c 841]
N Data from ticket: sysid=BWP , client=999
N My system data: sysid=BWP , client=090
N *** ERROR => Neither was ticket issued by myself nor can I find issuer in TWPSSO2ACL.
So why is the portal sending sysid=BWP and not the common name ABC? Or is there another parameter where I can change the portal sid?
I asked SAP via an OSS message and they said that the ABAP stack has to be 1 level higher than the Java Stack. Unfortunately, SP13 hasn't been released yet