cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

DestinationException on jcoProperties.getProperty("jco.client.passwd")

Former Member

on ‎07-22-2009 6:44 AM

0 Kudos

hello all,

I'm using web dynpro java, below is error I'm getting for line jcoProperties.getProperty("jco.client.passwd")

com.sap.security.core.server.destinations.api.DestinationException: [com.sap.ASJ.dest.sv0655] Code-based destination service access denied to component sap.com/tcxiccbpm~pilist. Access to security-relevant internal destination properties (e.g. passwords, tickets, etc.) is restricted to few selected engine components and not generally available to any service or application.

sap.com/tcxiccbpm~pilist is my dc name.

Can you please help.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

siarhei_pisarenka3
Active Contributor
‎07-22-2009 7:40 AM
0 Kudos

Hi

Unfortunately you are trying to read user password stored in JCo destination. Such operation is forbidden by security reasons. Passwords are stored in Secure Store and you cannot simply read them. That's why you get such exception.

Maybe in some old 7.0 releases this was possible, but the security hole was closed in 7.1.

In general you cannot read any J2EE user passwords. This is forbidden.

So, rethink of your application scenario. The main question is why do you need to read password?

BR, Sergei

Show replies
Show replies
Former Member
‎07-22-2009 8:04 AM
0 Kudos

hello Sergei,

Thanks for reply.

I need to pass username and password to java mbean, which creates JCO connection.

Java mbean does not accept Properties object directly.

Any workaround?

Atul.

siarhei_pisarenka3
Active Contributor
‎07-22-2009 8:24 AM
0 Kudos

Hi Atul

1) Usually in the case I would ask the end-user to type the password at time of the operation.

2) Also you can try to use J2EE Configuration Service API. It allows to store application configuration properties and the read them. It's possible to mark some property as secure (password, for example). In the case the service will store password in the secure store. Such way will allow you to introduce configuration properties for your application.

3) Also you can consider your own configuration file where you can store password and then read it, but this is not secure, I think.

BR, Sergei

Former Member
‎07-22-2009 8:32 AM
0 Kudos

Hi Sergei,

Here we are trying to use SSO ticket first for user authorizaton; which enrich the properties object.

Rgds,

Atul.

Ask a Question