cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Does SOAP with HTTPS really work to propagate the user

Go to solution
maruthiramana
Explorer

on ‎02-28-2013 2:45 PM

0 Kudos

Dear Experts,

My Scenario : Application Server (Non-SAP) ---------------> PI 7.31 (AEX) --------> CRM.

Here we are using SOAP webservice for both the sides.

Since, we are looking for more user level authentication, the user information (sender side is non-SAP) would be used to authenticate at receiver side to grant access depending on his role.

Could you please share your thoughts how can i achieve this in our landscape?

Thanks for your immediate replies.

Warm regards,

Ramana

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

smavachee
Active Contributor
‎02-28-2013 3:42 PM
0 Kudos

We can not make it guaranteed solution on user level authentication at receiver end, but i feel authentication can be handled in the Security Provider of J2EE, where it is possible to make a reference to customized Login Module.

Have a look at this link..


Create and Configure a Login Module

Keep updated with outcome.

Regards,

Sunil

Show replies
Show replies
maruthiramana
Explorer
‎02-28-2013 3:51 PM
0 Kudos

Dear Sunil,

Thanks for your reply.

We can achieve the user level authentication at the receiver side by using Principal Propagation since our receiver is an SAP system.

But, we 're more worried about our user propagation using the SOAP adapter from the sender side which is non-SAP system. Here we are using SSO (Single Sign On) method.

Thank you,

Regards,

Ramana.

nabendu_sen
Active Contributor
‎02-28-2013 4:00 PM
0 Kudos

Hi Ramana,

SOAP/Web Services

– Inbound: Any authentication mechanism possible

– Outbound: only SAP assertion ticket possible

Check my 2nd document for more information.

nabendu_sen
Active Contributor
‎02-28-2013 4:08 PM
0 Kudos

If you are below NW04 with SPS19 or NW04s with SPS10, you can go with other solution provided below:

http://scn.sap.com/community/pi-and-soa-middleware/blog/2009/05/26/pixi-pseudo-principal-propagation

maruthiramana
Explorer
‎03-04-2013 10:12 AM
0 Kudos

Hi Nabendu Sen,

Thanks for your updates.

Here can you please elaborate more on sender side how can i achieve this with SAP Assertion Ticket while my sender is non-sap system also we 're used Single-Sign on method.

Regards,

Ramana.

Answers (2)

Answers (2)

nabendu_sen
Active Contributor
‎02-28-2013 3:46 PM
0 Kudos

Hi Ramana,

Check the below blog for Principal Propagation. Not sure whether we have any limitation with HTTPs.

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/808d3048-638c-2a10-35a6-faa48e50a...

Using Logon Tickets:

Show replies
Show replies
dipaks_patil
Explorer
‎02-28-2013 2:57 PM
0 Kudos

hi

http://scn.sap.com/community/pi-and-soa-middleware/blog/2012/03/07/a-closer-look-at-soap-sender-auth...

http://www.stechno.net/sap-notes.html?view=sapnote&id=891877

Show replies
Show replies
maruthiramana
Explorer
‎02-28-2013 3:44 PM
0 Kudos

Hi Dipak,

Thanks for your blogs, which will definetely helpful for me to proceed further.

But, here we are using SSO (Single-Sign on) from the client side (non-SAP) and we are expecting the SOAP sender adapter to propagate the users for the inbound message to PI.

Appreciate for your help.

Warm regards,

Ramana.

Ask a Question