cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

MYSAPSSO2 cookie for SAP logon tickets

Go to solution
Former Member

on ‎09-08-2009 2:24 PM

0 Kudos

Hi All,

I am trying to configure SSO using SAP logon tickets for EP 7.0. I want to test whether login ticket is generated when user logs in to portal . For that i have configured Login module stack such as j2ee engine will create and accept login tickets

I have set following properties for sap-j2ee-engine component

Login Modules Flag

EvaluateTicketLoginModule SUFFICIENT

BasicPasswordLoginModule REQUISITE

CreateTicketLoginModule OPTIONAL

But when i access the portal i am unable to find MYSAPSSO2 cookie generated on my machine under cookies folder.

Where can i see MYSAPSSO2 cookie or am i missing somthing to set up SSo?

Thanks in advance,

Arati.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

christiansche
Active Participant
‎09-09-2009 2:51 PM
0 Kudos

Hi Arati,

you can alo show the cookie with standard Firefox. Tools -> Options -> Privacy -> Show Cookies. If your Portals hostname is host.domain.com, in the cookies window of Firefox you will find a folder named host.domaincom and a folder named domain.com. You will find the MYSAPSSO2 cookie under domain.com.

Hope it helps,

Christian

Show replies
Show replies
Former Member
‎09-19-2014 6:49 AM
0 Kudos

Thank you for the information. It was helpful

Answers (3)

Answers (3)

chintan_virani
Active Contributor
‎09-09-2009 5:40 AM
0 Kudos

Arati,

You will need to use Http-Watch to verify the cookie is getting generated, because as Tobias pointed out MYSAPSSO2 cookie is browser based (transient) and its not a persistent cookie.

Alternatively to see your cookie in browser try following steps:-

1. Change the ume.logon.httponlycookie parameter to false as mentioned [here |http://help.sap.com/saphelp_nw70/helpdata/en/5e/473d4124b08739e10000000a1550b0/content.htm]

2. Now logon to Portal and preview the required SSO application. Now in address bar of your browser type 

javascript:document.cookie;

and it should you all the cookies set the portal such as saplb, jsessionid etc.

Chintan

Show replies
Show replies
Former Member
‎09-09-2009 11:56 AM
0 Kudos

Hi Chintan,

Thanks for your reply

Currently i have configured SSO between two enterprise portals using SSO wizard ( Note 1083421). I have created one URL iView in one portal which contains URL of another portal. when i preview this iView i am able to access the second portal without login. But when i tried to see MYSAPSSO2 cookie by entering javascript:document.cookie; in browser address bar i am unable to find MYSAPSSO2 cookie. I am able to see other cookies such as saplb jsessionid etc.

Is this means that sso is not set up correctly? or i am missing any step for SSO using SAP logon tickets

Please guide on same.

Thanks,

Arati

hofmann
Active Contributor
‎09-09-2009 1:46 PM
0 Kudos

Hi,

the SAP cookie is a "special cookie". To prevent dangerous modifications, the MYSAPSSO2 cookie is created as HTTPonly. Meaning: you can't access the cookie via Javascript to modify, delete, check. Because javascript:document.cookie is Javscript, the MYSAPSSO2 cookie won't be shown.

To verify that you browser really has the MYSAPSSO2 cookie, I recommend that you try to use Firefox with the AnEC Cookie Editor (Add 'n Edit) plugin. This tool will give you full control over the MYSAPSSO2 cookie.

br,

Tobias

chintan_virani
Active Contributor
‎09-09-2009 3:53 PM
0 Kudos

Arati,

Since you are able to bring the second Portal without logon, it means that your SSO is working.

And regarding cookie not displayed in browser did you change the setting I mentioned, if not please do that.

Alternative solutions are already shared by Tobias and me.

And what's real reason why do you want to verify the cookie in browser !!

Chintan

hofmann
Active Contributor
‎09-08-2009 6:19 PM
0 Kudos

Hi,

the SAP Logon Ticket is a session cookie. It will never get written to the filesystem. To check if the logon ticket is created, you'll need a tool that can show you the content of the browser cookies.

"The logon ticket is stored as a non-persistent cookie in the useru2019s Web browser with the name MYSAPSSO2. It is deleted when the user logs off or closes his or her Web browser."

SAP Help: http://help.sap.com/saphelp_nw04/helpdata/en/53/695b3ebd564644e10000000a114084/content.htm

br,

Tobias

Show replies
Show replies
gaurav_modgil
Participant
‎09-08-2009 3:33 PM
0 Kudos

Hello Arati,

you chould also check the logged in users temporary internet files

something like "C:\Documents and Settings\modgil\Cookies"

Hope this helps.

Regards,

Gaurav Modgil

Show replies
Show replies
Ask a Question