Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HTTP client in ABAP with SPNego/Kerberos authentication ?

Former Member

‎03-03-2015 8:55 AM

0 Kudos

Hi All.

Does anybode know if it is possible to write an http client application in ABAP, which supports SPNego/Kerberos authentication ?

We have inspected the CL_HTTP_CLIENT class, but it seems to only support Basic Authentication.

My use case is:

  • In our network we have an IIS server exposing an http service.
  • This service only supports authentication via SPNego/Kerberos.
  • We want to call this service directly from ABAP.
  • We would like to be able to specify username/password before calling the service, get the Kerberos ticket from our AD and then use this ticket to authenticate.

Does anybody know if this is possible ?

Best regards,

Søren Hansen

1 REPLY 1

Former Member

‎03-03-2015 2:49 PM

0 Kudos

That's not how Kerberos works. You have at least 2 options here, either make the client directly authenticate itself against the IIS server or have SAP authenticate the client using the same Kerberos as IIS is using and pass the token to the IIS server. In the latter option SPNEGO for ABAP is required. That said only the client based approach is clean from an architectural point of view. Can you describe the service hosted by the IIS server? Are you trying to implement some kind of "as service user" scenario to access the IIS server? If so, simply define other authentication methods on the IIS server instead of trying to complicate things unnecessarily.