08-25-2008 11:02 PM
Hi SDN Security Experts,
I want to use the ABAP secure store to implement a YubiKey authentication server in ABAP. I've already published a [ABAP Class for YubiKey authentication against the Yubico Web Service API|https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/10661] [original link is broken] [original link is broken] [original link is broken];.
Here's my problem:
I can successfully use the secure store using the demo repots SECSTORE01 and SECSTORE02. But when I want to use the secure store in my own report I only get the error message:
Access to the secure store denied
Message no. SECSTORE026
This is caused by a missing entry for my report in the RSECACHK table. But this table does not only needs the report name, it also needs a cryptographic check sum. But I haven't found a documentation how this check sum is created.
Does anybody knows what algorithm is used to calculate this checksum?
Best regards
Gregor
08-26-2008 6:43 AM
Hi Gregor,
please refer to [SAP Note 502422|https://service.sap.com/sap/support/notes/502422] -> explanation for SECSTORE026.
The important lines are:
""Using the secure storage in customer programs is not allowed and
will always return this error. ""
b.rgds, Bernhard
08-26-2008 7:03 AM
Hi Bernhard,
is there a special reason to do so? With WebAS ABAP 7.00 there is a namespace defined which can be used by the application. So I don't get a general access to the secure store.
Best regards
Gregor
08-26-2008 9:32 AM
Hi Everybody,
I've just got an answer from OSS that it is not possible to use the secure store because of German export restrictions. Customers have to use the [Secure Store and Forward (SSF)|http://help.sap.com/saphelp_nw70/helpdata/EN/6c/5b0b37233f7c6fe10000009b38f936/frameset.htm] functionality.
Best regards
Gregor