cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Impersonation

Former Member

on ‎03-06-2006 10:03 AM

0 Kudos

Hi,

From the developers guide, I copied the following quote in the section on Impersonation:

>>> This method enables the portal component to impersonate the user who made the portal request. There are a number of requirements that must be met in order for this technique to work. For more information, see the document "Impersonation and Delegation.doc". Don't forget to call ImpersonateRevert() once processing is complete. <<<

Can anyone tell me where I can find the document "Impersonation and Delegation.doc"?

Thanks,

Geert Maertens

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎03-08-2006 10:08 AM
0 Kudos

https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/47d0cd90-0201-0010-4c86-f81...

and another resource:

https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/bc72b890-0201-0010-3a8d-e31...

Show replies
Show replies
Former Member
‎03-08-2006 1:29 PM
0 Kudos

Reffael,

Thanks for your reaction. I understand that both documents talk about single sign on, LDAP, Kerberos and all the issues with authentication. However, I didn't see any reference to the <i>ImpersonateCurrentUser()</i> method of the PortalComponent class.

The way I thought that impersonation would work, is that it functions as a wrapper to the corresponding Windows API. Unfortunately, the SDK Help is very useful on this topic. Anyway, all I get right now is an <i>'unable to log on'</i> exception.

Can you guarantee me that impersonation works once SSO has been set up?

Thanks,

Geert Maertens

Former Member
‎03-08-2006 2:33 PM
0 Kudos

once everything is configured the impersonation itself is trivial, but u need everything configured properly in order to use the impersonation. Active Directory 2003 and ISAPI filter installed are prerequisite in order to use SSO. if u can specify what have u done untill now and what is still missing it would be helpfull.

example:


try
{
	ImpersonateCurrentUser();
	// Do things in the context of the impersonated user

	}
}
finally
{
	ImpersonateRevert();
}

Former Member
‎03-08-2006 3:04 PM
0 Kudos

Thank you, we have set up SSO on our production portal. However, as a developer, I am using the development portal. This portal is set up to use account aggregation.

I can accept the explanation that impersonation works only when using SSO.

One question remains to SAP: why doesn't the documentation mentions a basic requirement such as this?

Former Member
‎03-08-2006 3:24 PM
0 Kudos

how can i send u more documentation on this subject?

Former Member
‎03-08-2006 4:41 PM
0 Kudos

Thank you, once again! I don’t think there's much more you can do right now.

I was exploring the possibilities to implement a few things. The limitation that I ran into is that on our .NET server, the Portal Runtime service is configured to run using the local system account. That is why I was hoping that using impersonation would provide me the means to execute my code anyway. Now, at least I know the reason why this feature doesn't work on our development machine. I understand that it should work on our production machine, but it is a little hard to write code that you can't test. I think that I'll try again once I have the services reconfigured using a dedicated account. I hope that there isn't any reason why this approach wouldn't work.

Ask a Question