Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Single Sign On with VB or self developing program

Former Member
0 Kudos

Hi Experts,

Is this possible to do single sign on with NetWeaver from VB or self developing program? For example, a VB windows program opens a NW portal program and then the user does not need to key username/passward. How to achive it

Best Regards

7 REPLIES 7

jurjen_heeck
Active Contributor
0 Kudos

In my opinion it should not matter if an application is triggered by a mouseclick or a VB application......

0 Kudos

However, how to pass logon ticket from VB to NW Portal?

0 Kudos

To be honest, I am no expert on the matter of SSO.

I can not answer your question but was wondering : "If someone opens a portal manually, by double-clicking an icon, how does he/she pass on the ticket?"

My question/doubt is: do you have to take special measures within your application to facilitate the single sign on? Or does this happen in the background anyway?

For the real techniques/technologies I have to pass but there are other experts frequenting this forum so I trust they'll help you.

0 Kudos

To my knowledge, SAP Logon Tickets are intended to be a proprietary mechanism, so only the SAP NW Portal is intended to issue them after the authentication requirements are succesfully passed - which ever those happen to be.

As you can see, I have chosen my wording carefully as I might not be completely correct and I would think that SAP can anyway change the design as they please if they want to keep it proprietary - in which case your VB scripts will all break if they depend on this.

Another option in addition to searching here, is to look around in the [Scripting Languages|/community [original link is broken]; forums as the folks there have faced this issue before.

Cheers,

Julius

Edited by: Julius Bussche on Nov 7, 2008 2:45 PM

tim_alsop
Active Contributor
0 Kudos

Tom,

First you need to configure NW so that the required login module is working when you logon from a web browser. Then, once you have SSO working from web browser at workstation you can code the same functionality that is used by the browser into your VB application - depending on which method of authentication is used, this might be easy or very hard. If you can, I think you shoudl "embed" the browser in your VB application so that NW thinks the browser is being used by a user, but it will instead be the browser invoked and operated by the VB app. I have seen this done before, but using Delphi, so I suspect it is also possible using VB. If you use the browser then SSO2 tickets will be sent to NW by browser and your app will not need to get involved in any propriatory methods.

I hope this helps ?

Thanks,

Tim

Former Member
0 Kudos

There is an excellent document authored between Microsoft and SAP that talks about all of the various SSO options that can be implemented between the two platforms. You can find it at the SAP | Microsoft Alliance webpage (http://www.microsoft.com/isv/sap/technology/interop/ad.aspx), titled "Single Sign-On with Microsoft and SAP".

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
0 Kudos

>

> Hi Experts,

>

> Is this possible to do single sign on with NetWeaver from VB or self developing program? For example, a VB windows program opens a NW portal program and then the user does not need to key username/passward. How to achive it

>

> Best Regards

From your description it is not clear whether you intend to submit Web Service calls from your VB program (acting as WS Consumer) or whether you intend to implement a browser-like user agent.

Unfortenately you did also not tell us which release your "NW Portal" is based on. Assuming it's a NWAS Java 7.0 you might consider to use Kerberos / SPNEGO for authentication. That would work for both, servlets and web services (using transport-level security).

Using X.509 client certificates would be another option. But most likely you do not have a PKI.