cancel
Showing results for 
Search instead for 
Did you mean: 

How to implement SSO between Portal, Webdypro and ABAP system?

Former Member
0 Kudos

Hi all,

Here is our scenario: We have a portal which has integrated a Webdynpro Java application. Both of them running on the same SAP Web application server. The Webdynpro application reads data from an ABAP system using direct JCo Call (e.g. JCO.addClientPool(...)). Now we want to use the UME configured on the Portal server to implement SSO with Logon Tickets between Portal, Webdynpro and ABAP System.

So is this possible?

Best regards

Deyang

Accepted Solutions (1)

Accepted Solutions (1)

former_member182372
Active Contributor
0 Kudos

Hi,

look at . Similar problem was discussed.

Regards, Maxim R.

Former Member
0 Kudos

Hi Maxim,

Thanks for your quick answer!

I found some code in the thread attached documents:

[code]

private void connectToJCODestination(String urlDestination)

{

String ssoString = getSSOString();//Getting SSO ticket

//Pay attention that $MYSAPSSO2$ is the username and password

is ssoString

Client client =

JCO.createClient(clientNumber, "$MYSAPSSO2$", ssoString,

language, host, systemNumber);

client.connect();

.

.

.

}

[/code]

I am not very clear which value will returned by getSSOString() method. Could you give me some explanation about here?

Thanks a lot!

Best regards.

deyang

former_member182372
Active Contributor
0 Kudos

Hi,

getSSOString returns sso ticket which can be used in JCO.createClient if you pass $MYSAPSSO2$ as user name. This value is generated (or extracted from request if for example user navigates from portal to dynpro application) be appropiate loginModule and stored in cookies while user logs in. So, you can extract this cookie from HTTPDestination and use it in "core" JCo without using destinations (which requires RFC adaptive model). More about SSO you can read here http://help.sap.com/saphelp_nw04/helpdata/en/8c/f03541c6afd92be10000000a1550b0/frameset.htm

Regards, Maxim R.

Former Member
0 Kudos

Hi Maksim,

Thanks for your reply!

But here I want to know how to implement the getSSOString(). I will write these code in a webdynpro project. I am not very sure how to "extract this cookie from HTTPDestination ".

Looking forward for your answers

Best regards

Deyang

former_member182372
Active Contributor
0 Kudos

Hi,

implementation can looks like

private static String getSSOString()
{
	// a dummy destination is going to be created to retrieve a sso2 ticket for the currently logged in user
	HTTPDestination dst = null;
	final InitialContext ctx = new InitialContext();
	Thread.currentThread().setContextClassLoader(this.getClass().getClassLoader());
	final Object obj = ctx.lookup(DestinationService.JNDI_KEY);
	final DestinationService dstService = (DestinationService)obj; 
	if(dstService.getDestinationNames("HTTP").contains("com.sap.my.SSO"))
	{
		dst = (HTTPDestination)dstService.getDestination("HTTP","com.sap.my.SSO");
	}
	else 
	{
		dst = (HTTPDestination)dstService.createDestination("HTTP");
		dst.setName("com.sap.my.SSO");
		dst.setSSO2Authentication();
		dstService.storeDestination("HTTP", dst);
		dst = (HTTPDestination)dstService.getDestination("HTTP","com.sap.my.SSO"); 
	}	
		
	final Properties prop=dst.getDestinationProperties();
	final String sso2 = prop.getProperty("SSO2");

	return sso2
}

regards, Maxim R.

p.s.

don`t forget about points to indicate whether posts helped to solve your problem to prevent multiple topcs on forum regarding same problems.

Former Member
0 Kudos

Hi,

That's ok!

I will try it now:)

Regards

Deyang

Answers (3)

Answers (3)

Former Member
0 Kudos

Hi, Maksim:

I have tried this way

the classes required can be accessed now

but another error occured when i was trying to build the dc:

"The project was not built since its build path is incomplete. Cannot find the class file for com.sap.security.core.server.util0.IDException. Fix the build path then try building this project LocalDevelopmentssosap.com"

It seems some class file was missed in the lib.

Former Member
0 Kudos

Hi Kevin,

I added the needed DC "tc/sec/destinations/interface" and also made the entry in the project for "service reference" as described by Maksim. However, I now get exactly the build error you described ("... Cannot find the class file for com.sap.security.core.server.util0.IDException. Fix the build path ...").

Could you please explain how you got rid of it?

Regards,

Daniel

Former Member
0 Kudos

Hi,

I found the solution in this thread: (Page 2!)


Add these three DCs:
o  tc/sec/destinations/interface
o  security.class
o  com.sap.exception

Then right click on the dynpro project, navigate to
  Properties-->Web Dynpro References.
  o  On tab "Interface references" add an entry:
      o  tc~sec~destinations~interface

  o  On tab "Service reference" add entries
      o  tc~sec~destinations~service
      o  webservices

This procedure solved the problem -- at least in my case.

Regards,

Daniel

Former Member
0 Kudos

Hi, Maksim Rashchynski

How can i get the package including classes "HTTPDestination", "DestinationService" and so on.

I think it is not in the webdynpro framework.

former_member182372
Active Contributor
0 Kudos

Hi,

there should be DC in your configuration (in my case it is "tc/sec/destinations/interface" under "sap.com_SAP-JEE_1") containing package "com.sap.security.core.server.destinations.api" and also you have to specify service reference to destination service for your dynpro project (properties->web dynpro references->service references) as "tcsecdestinations~service".

hope it will help.

Regards, Maxim R.

martijndeboer
Advisor
Advisor
0 Kudos

Hi Maksim,

Starting with SP12, the destination service directly supports RFC destinations. This includes logon ticket and SNC support.

You can then make an RFC call using the code below without relying on HTTP destinations.


RFCDestination dst = (RFCDestination) dstService.getDestination("RFC", "myDst");
		int maxPoolSize = dst.getMaxPoolSize();
		long maxWaitTime = dst.getMaxWaitTime();
		Properties jcoProperties = dst.getJCoProperties();

		/**
		 * Single connection
		 */
		JCO.Client client = JCO.createClient(jcoProperties);
		client.connect();
		client.ping();
		client.disconnect();
		/**
		 * Pooled connection
		 */
		try {
			JCO.removeClientPool("myPool");
		} catch (Throwable ex) {
		}
		try {

			JCO.addClientPool("myPool", maxPoolSize, jcoProperties);
			JCO.PoolManager poolManager = JCO.PoolManager.singleton();
			poolManager.getPool("myPool").setMaxWaitTime(maxWaitTime);
			client = JCO.getClient("myPool");
			client.connect();
			client.ping();
		} finally {
			JCO.removeClientPool("myPool");
		}

Best Regards,

Martijn

Former Member
0 Kudos

HI Deyang ,

I am wondering why you creating the client in your code !!

Why can't you create Jco client through content administrator and i feel you can set the SSO details in the Jco connection wizard.

Regards,VIP

Former Member
0 Kudos

Hi Vippagunta,

Do you mean maintain JCo Destinations in the content administrator? We have test this approach, but failed because we use a very new version server. Later we will use other model to connect backend. So we create a webdynpro dc and put all creating client code in this DC.

Best regards

Deyang