on 07-31-2009 11:50 AM
Hi
A mail is sent to the approver for approving the request. When user clicks a webdynpro application called up and RFC is executed which approves the request. We are using SSO based JCOs for the same.
Now my question is what will happen
1) if the backend user is locked
2) if the password for the user is deactivated
Will my SSO jcos work or will it thorw an error?
Abhinav
HI Abhinav,
The SSO you are using should be a Logon Ticket SSO. Here, only the user id is encrypted (as a cookie) from EP and sent to ECC for validation. Password is not sent. There is already a trust which is established between EP and ECC, hence password is irrelevant.
Hope this answers your question
Srini
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Abhinav,
If the backend user is locked or deactivated or expired you will get exception. But by seeing the message you can understand the problem that user is locked or password expired or incorrect password in JCO
e.g. the exception is like this if user is locked:
Caused by: com.sap.mw.jco.JCO$Exception: (103) RFC_ERROR_LOGON_FAILURE: User is locked. Please notify the person responsible
Regards,
Siva
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
The SSO is working fine even your password is deactivated because in SSO it will check with the user id mapping in portal and R/3 system but it has nothing to do with the password.
In this case it will check wether the user id of both portal and R/3 system are unique or not.
Hope this gives you some idea..
Regards,
Saleem
Hi,
Check the parameter login/password_change_for_SSO value in RZ11 of R/3.
And below documentation:
http://help.sap.com/erp2005_ehp_04/helpdata/EN/6a/3faf42ede3b911e10000000a1550b0/content.htm
Regards,
Charan
hi
SSO still work,even if you deactivate password if you use SSO with Logon Ticket.
There are basically two types in SSO.
SSO with SAP Logon Ticket
SSO with User ID and password (User Mapping)
For Logon Ticket ..
Users need to have same userids but not passwords.
Logon ticket contains following properties.
Highest Authentication Scheme
Validity
Issuing System
Digital Signature
One Mapped ABAP User ID
User ID
It doesn't contain the password
Regards
sowmya
Hi Abhinav,
I think in your first case i,e
1) If the backend user is locked
Yes in this case SSO will not work and Obvioiusly the JCO destination will not work. We faced this problem in my project.
2) I dont have idea on your second case but i think SSO will work, and if SSO works JCO destination should work
if the password for the user is deactivated.
You can test wether the SSO configuration is working or not in both the cases by running a sap transaction in System Administration -- > System configuration --> Support --> SAP appplication
This is just as per my thinking....
Regards,
Saleem
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
89 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.