Hi all,
I'm tring to configure SAML for SSO using the documentation on http://help.sap.com/saphelp_erp2005/helpdata/en/2d/d1f1285432da4d8ff121b47363e54d/content.htm.
When I configure the demo application (after Configuration Adapter): http://milds2004:50100/samlssodemo_source/setup I see this exception:
<i>SAML SSO Demo Application Setup
An unexpected situation has occurred
java.lang.Exception: [UMERROR] An exception during a user management operation occurred. Possibly the user management is not writable or, when using an ABAP backend system, the permissions of the backend service user are not sufficient. Origial exception stack trace:
com.sap.security.core.server.userstore.UserstoreException: Could not create user SAML_SOURCE
at com.sap.security.core.server.userstore.UserContextUME.engineCreateUser(UserContextUME.java:301)
at com.sap.engine.services.security.userstore.context.UserContext.createUser(UserContext.java:121)
at com.sap.security.core.server.saml.service.SAMLServiceImpl.createUser(SAMLServiceImpl.java:3201)
at com.sap.security.core.server.saml.service.SAMLServiceImpl.createSAMLSSOConfiguration(SAMLServiceImpl.java:1908)
at com.sap.security.core.server.saml.app.ssotest.source.SetupServlet.doGet(SetupServlet.java:722)
at com.sap.security.core.server.saml.app.ssotest.source.SetupServlet.doPost(SetupServlet.java:809)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:95)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:159)
Caused by: com.sap.security.core.persistence.datasource.PersistenceException: The UME/ABAP user management connector is set to read-only mode and therefore rejects the creation request for user SAML_SOURCE
at com.sap.security.core.persistence.datasource.imp.R3Persistence.getPrivateIDPart(R3Persistence.java:2442)
at com.sap.security.core.persistence.datasource.imp.DataSourceBaseImplementation.bindNewPrincipalDatabag(DataSourceBaseImplementation.java:323)
at com.sap.security.core.persistence.datasource.imp.R3Persistence$R3PersistenceTransaction.bindNewPrincipalDatabag(R3Persistence.java:8342)
at com.sap.security.core.persistence.imp.DistributedTransaction.doBindings(DistributedTransaction.java:883)
at com.sap.security.core.persistence.imp.DistributedTransaction.commit(DistributedTransaction.java:2339)
at com.sap.security.core.imp.UserFactory.commitUser(UserFactory.java:1452)
at com.sap.security.core.server.userstore.UserContextUME.engineCreateUser(UserContextUME.java:296)
... 21 more
at com.sap.security.core.server.saml.service.SAMLServiceImpl.createSAMLSSOConfiguration(SAMLServiceImpl.java:1944)
at com.sap.security.core.server.saml.app.ssotest.source.SetupServlet.doGet(SetupServlet.java:722)
at com.sap.security.core.server.saml.app.ssotest.source.SetupServlet.doPost(SetupServlet.java:809)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:95)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:159)
(c) SAP AG, 2003</i>
Could you please help me?
Thanks,
Vito Palasciano
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.