cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AppIntegrator iview with SAP Logon Ticket.

Former Member

on ‎11-29-2004 4:51 PM

0 Kudos

Hi,

I am trying to build an iview using AppIntegrator component

with SAP Logon Ticket authentication method. I have set

"<System.protocol>://<System.server><System.uri>?<Authentication>"

for URL template and "MYSAPSSO2=<Request.SSO2Ticket>"

for URL template fraction for Single Sign-On (SSO2),

but it still pops up user/password prompt. Did I make

a mistake here or somewhere else? I have used documentation

located on SAPSERVX as per note 442401, it is for EP5,

SAP Support says it's good for EP6 as well, it's not, but

I think I found all the relevant components at EP6.

Anyway, someone has an experince doing it with EP6? Any

up-to-date documentation to share?

Thank you,

Yuri

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

detlev_beutner
Active Contributor
‎11-30-2004 3:12 PM
0 Kudos

Hi Yuri,

you know https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/documents/a1-8-4/the application integrator in ep 6.0 ?!

If not, check against the included PDF.

Anyhow, I have made this several months ago without a problem.

What kind of application are you integrating?

Hope it helps

Detlev

Show replies
Show replies
Former Member
‎11-30-2004 8:47 PM
0 Kudos

Hi Detlev,

Yes, I am familiar with Application Integrator solution,

but when you have to make SSO with external non-SAP web

application (Apache on Linux in my case), there is some

work to be done on that side (as per SAP note 442401),

and I think that provided WebServerFilter.pdf doesn't

fit EP6 (although SAP support says it does), so may be

THERE is my problem, but except this, I wasn't sure I

am setting right that URL Template properties for App

Integrator iview, and I wanted to eliminate possibility

that my mistake is here.

Did you make SSO with AppIntegrator and Logon Ticket?

Against what system? According to what documentation?

Do you think my syntax is correct?

Do you familiar with SAPSSOEXT available at service.sap.com/

patches? I was told by SAP support not to use it, but the

old ones (note 442401). This is what you used? With EP6?

Thanks,

Yuri

detlev_beutner
Active Contributor
‎12-01-2004 9:00 AM
0 Kudos

Hi Yuri,

> Did you make SSO with AppIntegrator and Logon Ticket?

Yes.

> Against what system?

Against an own developed Web Application which was running standalone till then. When integration, authentication check was additionally implemented, using the SSO ticket.

> According to what documentation?

Primarily according to the doc I referred to in my last post.

> Do you think my syntax is correct?

There is no slash between server and uri, maybe you have defined the slash as first letter of your uri, than this is ok so far.

The part "?<Authentication>" seems at least to be superflous when you have "SAPLOGONTICKET" defined as the logon method within your system definition. (At least I haven't it got in my old iView which I just checked, even if I must say that this was not the latest version...).

> Do you familiar with SAPSSOEXT available at

> service.sap.com/patches?

We didn't use webfilters but implemented the authentication check within our application, as mentioned above. For this, we also used SAPSSOEXT, also see

Hope it helps

Detlev

Former Member
‎12-01-2004 9:17 AM
0 Kudos

Hi Detlev,

"There is no slash between server and uri, maybe you have defined the slash as first letter of your uri, than this is ok so far."

The slash is the first char of my uri.

"The part "?<Authentication>" seems at least to be superflous when you have "SAPLOGONTICKET" defined as the logon method within your system definition. (At least I haven't it got in my old iView which I just checked, even if I must say that this was not the latest version...)."

Are you saying that URL Template should not contain the

"?<Authentication>" part? If yes, how I make it pass the

logon ticket? It's enough to define it as logon method for

the system? The tooltip of the "URL template fraction for

Single Sign-On (SSO2)" field says:

"The Single Sign-On template fraction is resolved during runtime and its result is stored in the variable 'Authentication'. The expression <Authentication> can be used inside the URL template to pass the SSO2 ticket to the web application, e.g: the template fraction '<Request.SSO2Ticket>' will fill the variable 'Authentication' with the SSO2 ticket."

It looks to me like I DO have to add the ?<Authentication>

to the URL Template, what do you say?

"We didn't use webfilters but implemented the authentication check within our application..."

So you developed something of your own to receive the ticket?

Thanks,

Yuri

detlev_beutner
Active Contributor
‎12-01-2004 9:37 AM
0 Kudos

Hi Yuri,

> Are you saying that URL Template

> should not contain the "?<Authentication>" part?

Right.

In the last post I just said that I found no "authentication" part in the url template.

To be sure, I just checked this by using HttpWatch (nice tool for such things), and I see that the ticket gets passed! So at least it is superflous (if not creating problems)...

> So you developed something of your own

> to receive the ticket?

Yes, to retrieve, mainly to check the cookie.

Hope it helps

Detlev

Former Member
‎12-01-2004 9:45 AM
0 Kudos

Hi Detlev,

"> Are you saying that URL Template

> should not contain the "?<Authentication>" part?

Right.

In the last post I just said that I found no "authentication" part in the url template.

To be sure, I just checked this by using HttpWatch (nice tool for such things), and I see that the ticket gets passed! So at least it is superflous (if not creating problems)..."

But you do define "MYSAPSSO2=<Request.SSO2Ticket>" for

URL template fraction for Single Sign-On (SSO2)?

Thanks,

Yuri

detlev_beutner
Active Contributor
‎12-01-2004 9:48 AM
0 Kudos

Hi Yuri,

> But you do define "MYSAPSSO2=<Request.SSO2Ticket>"

> for URL template fraction for Single Sign-On (SSO2)?

Yes, for sure. This is the info the AppIntegrator needs to know under which name it passes the cookie.

Hope it helps

Detlev

Former Member
‎12-02-2004 10:19 AM
0 Kudos

Hi Yuri,

maybe note 701205 helps.

Regards, Karsten

Ask a Question