cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

BSP with LDAP Authetication

Former Member

on ‎03-31-2005 2:58 PM

0 Kudos

Hi,

In our BSP application the user needs to be authenticated by a LDAp directory. (Lets say ADS). This because this directory contains all users and there actual passwords. The user-accounts in the LDAP Directory are the same as in the Web AS. (This is garanted by a periodical export from Web AS and import to the LDAP direcory) The passwords can be different in LDAP and Web AS.

Well our idea is to build a public BSP Application to ask for Username and Password. After that we establish a bind to the LDAP directory and try to authenticate this user. (So far it works well ...CALL FUNCTION 'LDAP_COMMONBIND'...). Now we would like to create a SAP Logon Ticket, so that the user is also autenticated against Web AS (private BSP Application).

Does anybody know how to create a SAP Logon Ticket with BSP?

Thanks for any help.

Regards,

Beat

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
‎04-16-2005 5:48 PM
0 Kudos

I'm sorry to tell you that the SAP Web Application Server (ABAP stack) does not provide pluggability for authentication. So, you cannot implement your own user authentication and integrate it.

BSP applications are embedded into the ICF (Internet Connectivity Framework); user authentication is done in that framework (ICF) - including the creation of SAP logon tickets.

The situation is different for the J2EE part of SAP NetWeaver 2004 (also known as WebAS 6.40 Java): there you implement your own JAAS modules.

Regards,

Wolfgang

Show replies
Show replies
Former Member
‎10-12-2005 10:32 AM
0 Kudos

Well Wolfgang, any suggestions on how to accomplish this?

Former Member
‎10-12-2005 11:27 AM
0 Kudos

If you are ok with the system prompt ,

SICF->defaulthost->sap->bc->bsp->sap->Your BSP Application name will come,

double clk that , there u can provide adefault user idd and password ...So that all can access.

If u want to authenticate , just create one BSP Application with a login page and left the user id and pwd field that blank in the above path.

-

If u need cutomized login screen ,

just chh the BSP Application SYSTEM / login.htm

Regads,

j

Do Award pts for helpul answers

Message was edited by: Jothi venkatachalam

Former Member
‎10-12-2005 12:35 PM
0 Kudos

The question is not about standard login and authentification the question is in concern to using LDAP and login authentification without the user being in the SAP system only in the LDAP server.

thomas_jung
Developer Advocate
Developer Advocate
‎10-12-2005 3:05 PM
0 Kudos

I am afraid that Wolfgang is incorrect. The JAAS can be used for authentication into the ABAP stack as well. Have a look at OSS note 858138 for details. It has the links to SDN articles and Help documents for the setup of the JAAS. It also has the following very important statement:

<i>JAAS is supported by the SAP J2EE Engine and can also be used to authenticate ABAP-based services.</i>

Former Member
‎10-13-2005 11:58 AM
0 Kudos

Thank you Thomas!

Some guys in Bangalore were asking about this and I couldn't remember the info and I wasn't sure how up-to-date this thread was!

Former Member
‎03-31-2005 6:53 PM
0 Kudos

Have you thought about just linking your Users in WEB directly to the LDAP, use the LDAP as your User base for the WAS itself?

Show replies
Show replies
Former Member
‎04-01-2005 12:24 PM
0 Kudos

Hi Craig

There are not all users to be authenticated by the LDAP. So we need kind of a mixed form of user base. Only a few users are exported to LDAP and for those users LDAP is the master.

Best Regards,

Beat

Former Member
‎04-01-2005 1:39 PM
0 Kudos

Interesting. I've not done the manual creation but I'm sure there is a way.

Former Member
‎04-04-2005 10:01 AM
0 Kudos

Jep It's interesting. I'am also sure that there is a way. I found a function: HTTP_SET_SSO2_COOKIE. Unfortunatelly I can't figure out the parameters and how it realy works.

Ask a Question