cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Webi report through sso

Former Member

on ‎03-11-2018 3:11 PM

0 Kudos

Hi experts,

I have configured sso bobj 4.1 to sap BW followed by wiki scn. Seems when we tried

run report webi with option sso got error failed to connect to the olap source.I checked several scn discussion everthing i followed config as per given. seeking your advice.Thanks.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

Former Member
‎03-16-2018 6:10 AM
0 Kudos

Hi Tim,

I found in the APS log :

getSAPAssertionTicket|APP01:5152:273913.691165:1|CuNBWUmlr0HYj6g5ucwLadk48f|||||||||com.businessobjects.pjs.services.sts.SAPTokenImpl||STS: got systemID DEV |4C4B090BF9F741A589744352D899CA8Baebf13|2018 03 16 10:57:20.549|+0800|Information| |==| | |aps_APP01.APS| 5152|273913|Transport:Shared-394/34| |112|0|4|1|BIlaunchpad.WebApp|APP01:8328:89.1169:1|.doIt|PREPESOBO-APP01:5152:273904.691154:1|.getSAPAssertionTicket| QAAPP01:5152:273913.691165:1|CuNBWUmlr0HYj6g5ucwLadk48f|||||||||com.businessobjects.pjs.services.sts.SAPTokenImpl||STS: got private key and certificate for alias DEV getSAPAssertionTicket|APP01:5152:273913.691165:1|CuNBWUmlr0HYj6g5ucwLadk48f|||||||||com.businessobjects.pjs.services.sts.SAPTokenImpl||STS: found SAP user DEV~300/USER1 getSAPAssertionTicket|APP01:5152:273913.691165:1|CuNBWUmlr0HYj6g5ucwLadk48f|||||||||com.businessobjects.pjs.services.sts.ServiceHelper||STS: verified logon token for user DEV~300/USER1

The above message showed sso working fine?.

Thanks for your prompt reply.

Show replies
Show replies
BasicTek
Advisor
Advisor
‎03-19-2018 1:19 PM
0 Kudos

This only shows that BI found the SAP user fine and that there STS configuration in the SAP plugin was found. If you look at the tracing KBA the red highlights tell you some of the more important things to find. The next thing to look for was SecurityTokenService2Stub.getSAPAssertionTicket this will show a request and hopefully response from the APS to get a token

Finally the Connection property shows the actual connection to BW. To note if you see SNC in the STS logs then encryption is enabled so there are some variances from my baseline. Turning off SNC can easily tell you if STS is working but the SNC encryption is failing.

Then if we receive any errors from BW they will hopefully show up in the log, some examples were shows at the end of possibly failures. If you see BI is sending the token properly then the foxus needs to be shifted to the BW site and the dev_ logs. It usually means a setting in BW was not done properly https://apps.support.sap.com/sap/support/knowledge/preview/en/1976414

-Tim

BasicTek
Advisor
Advisor
‎03-15-2018 7:31 PM
0 Kudos

try tracing the APS with STS to get a better error https://apps.support.sap.com/sap/support/knowledge/preview/en/2578098

and the issue could be with the BW config so https://apps.support.sap.com/sap/support/knowledge/preview/en/1976414 may be needed as well

If you log it don't paste the whole log out here but you can post the error message that is better than the generic olap source failure

-Tim

Show replies
Show replies
Former Member
‎03-12-2018 7:48 AM
0 Kudos

Hi,

Thanks your reply .i m configured STS and not touched any setting of snc. Note provide is reference for snc type.

##Step i followed

E:\SAPBusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win64_x64\sapjvm\bin>
java -jar "E:\SAPBOBJ_BOR01\SAP BusinessObjects Enterprise XI 4.0\java\lib\PKCS12Tool.jar" -alias DEV –storepass password -dname CN=BOBJDEV

E:\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win64_x64\sapjvm\bin>keytool -exportcert -keystore keystore.p12 -storetype pkcs12 -file cert.der -alias DEV

login to BW sytem 000 client strusst02 import certificate

add to acl input i followed :system: DEV ,Certificate owner:BOBJDEV

https://wiki.scn.sap.com/wiki/display/BOBJ/Import+SAP+BO+BI4.0+certificate+into+SAP+BW

-Cmc i enable sso service ,system id put DEV,keystore file upload previoulsy upload,password assign created during keystore..

private key alias:DEV

Show replies
Show replies
amitrathi239
Active Contributor
‎03-12-2018 9:18 AM
0 Kudos

what is the error message in OLAP connection?

Former Member
‎03-12-2018 10:25 AM
0 Kudos

failed to connect to the olap source

ivanyin
Advisor
Advisor
‎03-12-2018 5:18 AM
0 Kudos

Hi,

There are several reasons that may cause your BI and BW SSO not working.

First of all, please confirm whether you are trying to configure STS or SNC.

This troubleshooting KBA can be helpful for most of the cases. 1500150 - Troubleshooting SAP SSO issues from BI to BW, in XI 3.x and BI 4.x products

If it still doesn't work after going through this KBA, please take screenshots of every steps to configure SSO and upload them here if possible.

Regards,

Ivan

Show replies
Show replies
Ask a Question