Skip to Content
author's profile photo Former Member
0
Former Member
Jun 25, 2008 at 05:31 PM

SPNEgo with UME-ABAP.

102 Views

Hi All,

I have configured integrated login with SPNEGO wizard with UME-ABAP.

All the settings seems to be ok, including the cases of service user name and KDC.

I have checked the ticket using 'kerbtray'.

But integrated logon is not functioning. When I am checking the security log, the failure is associated with the J2EE_GUEST user instead of the user name I am trying to logon with.

I have been searching for any link between J2EE_GUEST and the logon procedure without success.

Please find the extract of the log below.

Anyone could please help me..

#1.5 #0018FEFB6245006A0000003100003B780004506C9ACD8563#1214327290750#/System/Security/Authentication#sap.com/irj#com.sap.engine.services.security.authentication.logincontext#J2EE_GUEST#0##n/a##1f9129e1421011dd8aba0018fefb6245#SAPEngine_Application_Thread[impl:3]_7##0#0#Info#1#com.sap.engine.services.security.authentication.logincontext#Plain###LOGIN.FAILED

User: N/A

Authentication Stack: ticket

Login Module Flag Initialize Login Commit Abort Details

1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule SUFFICIENT ok false true

2. com.sap.security.core.server.jaas.SPNegoLoginModule OPTIONAL ok exception true Unable to acquire GSS credentials for at least one Kerberos realm

3. com.sap.security.core.server.jaas.CreateTicketLoginModule SUFFICIENT ok false true

4. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule REQUISITE ok false false

5. com.sap.security.core.server.jaas.CreateTicketLoginModule REQUISITE ok false true #

#1.5 #0018FEFB624500610000002E00003B780004506C9B3C6EBD#1214327298016#/System/Security/Audit/J2EE#sap.com/irj#com.sap.engine.services.security.roles.SecurityRoleImpl#J2EE_GUEST#118##n/a##04c75d60420f11ddc8080018fefb6245#Thread[Thread-56,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#com.sap.engine.services.security.roles.SecurityRoleImpl#Java###: Authorization check for caller assignment to J2EE security role [ : ].#3#ACCESS.OK#SAP-J2EE-Engine#guests# #1.5 #0018FEFB624500610000002F00003B780004506C9BD50F8E#1214327308032#/System/Security/Audit/J2EE#sap.com/irj#com.sap.engine.services.security.roles.SecurityRoleImpl#J2EE_GUEST#119##n/a##04c75d60420f11ddc8080018fefb6245#Thread[Thread-56,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#com.sap.engine.services.security.roles.SecurityRoleImpl#Java###: Authorization check for caller assignment to J2EE security role [ : ].#3#ACCESS.OK#SAP-J2EE-Engine#guests# #1.5 #0018FEFB624500610000003000003B780004506C9C6DB02C#1214327318032#/System/Security/Audit/J2EE#sap.com/irj#com.sap.engine.services.security.roles.SecurityRoleImpl#J2EE_GUEST#120##n/a##04c75d60420f11ddc8080018fefb6245#Thread[Thread-56,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Info#1#com.sap.engine.services.security.roles.SecurityRoleImpl#Java###: Authorization check for caller assignment to J2EE security role [ : ].#3#ACCESS.OK#SAP-J2EE-Engine#guests#

thanks & regards

K. Muhammed Ali