on 09-08-2009 2:24 PM
Hi All,
I am trying to configure SSO using SAP logon tickets for EP 7.0. I want to test whether login ticket is generated when user logs in to portal . For that i have configured Login module stack such as j2ee engine will create and accept login tickets
I have set following properties for sap-j2ee-engine component
Login Modules Flag
EvaluateTicketLoginModule SUFFICIENT
BasicPasswordLoginModule REQUISITE
CreateTicketLoginModule OPTIONAL
But when i access the portal i am unable to find MYSAPSSO2 cookie generated on my machine under cookies folder.
Where can i see MYSAPSSO2 cookie or am i missing somthing to set up SSo?
Thanks in advance,
Arati.
Hi Arati,
you can alo show the cookie with standard Firefox. Tools -> Options -> Privacy -> Show Cookies. If your Portals hostname is host.domain.com, in the cookies window of Firefox you will find a folder named host.domaincom and a folder named domain.com. You will find the MYSAPSSO2 cookie under domain.com.
Hope it helps,
Christian
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Arati,
You will need to use Http-Watch to verify the cookie is getting generated, because as Tobias pointed out MYSAPSSO2 cookie is browser based (transient) and its not a persistent cookie.
Alternatively to see your cookie in browser try following steps:-
1. Change the ume.logon.httponlycookie parameter to false as mentioned [here |http://help.sap.com/saphelp_nw70/helpdata/en/5e/473d4124b08739e10000000a1550b0/content.htm]
2. Now logon to Portal and preview the required SSO application. Now in address bar of your browser type
javascript:document.cookie;
and it should you all the cookies set the portal such as saplb, jsessionid etc.
Chintan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Chintan,
Thanks for your reply
Currently i have configured SSO between two enterprise portals using SSO wizard ( Note 1083421). I have created one URL iView in one portal which contains URL of another portal. when i preview this iView i am able to access the second portal without login. But when i tried to see MYSAPSSO2 cookie by entering javascript:document.cookie; in browser address bar i am unable to find MYSAPSSO2 cookie. I am able to see other cookies such as saplb jsessionid etc.
Is this means that sso is not set up correctly? or i am missing any step for SSO using SAP logon tickets
Please guide on same.
Thanks,
Arati
Hi,
the SAP cookie is a "special cookie". To prevent dangerous modifications, the MYSAPSSO2 cookie is created as HTTPonly. Meaning: you can't access the cookie via Javascript to modify, delete, check. Because javascript:document.cookie is Javscript, the MYSAPSSO2 cookie won't be shown.
To verify that you browser really has the MYSAPSSO2 cookie, I recommend that you try to use Firefox with the AnEC Cookie Editor (Add 'n Edit) plugin. This tool will give you full control over the MYSAPSSO2 cookie.
br,
Tobias
Arati,
Since you are able to bring the second Portal without logon, it means that your SSO is working.
And regarding cookie not displayed in browser did you change the setting I mentioned, if not please do that.
Alternative solutions are already shared by Tobias and me.
And what's real reason why do you want to verify the cookie in browser !!
Chintan
Hi,
the SAP Logon Ticket is a session cookie. It will never get written to the filesystem. To check if the logon ticket is created, you'll need a tool that can show you the content of the browser cookies.
"The logon ticket is stored as a non-persistent cookie in the useru2019s Web browser with the name MYSAPSSO2. It is deleted when the user logs off or closes his or her Web browser."
SAP Help: http://help.sap.com/saphelp_nw04/helpdata/en/53/695b3ebd564644e10000000a114084/content.htm
br,
Tobias
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Arati,
you chould also check the logged in users temporary internet files
something like "C:\Documents and Settings\modgil\Cookies"
Hope this helps.
Regards,
Gaurav Modgil
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.