- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- SM59-HTTP Connection to External Server / NTLM Aut...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
SM59-HTTP Connection to External Server / NTLM Authentication
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-11-2009 6:20 PM
I'm trying to make an connection between SAP and a Web Service with SM59 ( = HTTP Connection to External Server). But I always receive this error message:
'You do not have permission to view this directory or page using the credentials that you supplied because your Web browser is sending a WWW-Authenticate header field that the Web server is not configured to accept. '
The web service is created on Sharepoint. But Sharepoint does not allowed an Basic Authentication ( SM59- Logon & Security), only NTLM and Kerberos.
I there anybody who can help me?
Thanks!
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2009 3:37 AM
Hi,
I doubt that SAP supports NTLM authentication. I would try to use proxy as a workaround. I would run proxy which would accept connections only from SAP application servers and forward those connections to Sharepoint. The proxy would perform NTLM authentication. I found [this|http://ntlmaps.sourceforge.net] written in python. There is even [version for Windows|http://tredosoft.com/ntlm_proxy_server]. I know it's not an enterprise solution but it should help.
Cheers
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2009 3:37 AM
Hi,
I doubt that SAP supports NTLM authentication. I would try to use proxy as a workaround. I would run proxy which would accept connections only from SAP application servers and forward those connections to Sharepoint. The proxy would perform NTLM authentication. I found [this|http://ntlmaps.sourceforge.net] written in python. There is even [version for Windows|http://tredosoft.com/ntlm_proxy_server]. I know it's not an enterprise solution but it should help.
Cheers
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-17-2009 11:54 AM
Hi Martin,
Thank you very much for your response. It could be a solution for my problem, but unfortunately it is nicht very secure.
Cheers
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-17-2009 12:10 PM
Why not? Just curious. Or what do you mean by "very secure".
Thanks,
Martin
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-18-2009 12:18 PM
Hi!
Unfortunately I can not tell much more. My colleague told me, that it is okay but not very secure, because the login info (username und password) is not really protected.
Thanks.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-18-2009 4:44 PM
As posted previously: there are alternatives to using password-based authentication.
Notice: it's preferrable to use solutions based on standards for communication between components of different vendors. Web Service Security offers more than just "username tokens".
Regards, Wolfgang
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-21-2009 8:40 PM
Hi
I'm sorry, I haven't seen yours links. They are very, very interesting.
Regards,
Chiara
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-05-2011 10:59 AM
Hi Chiara,
Do you have any solution? Do you mind to share that? We are also trying to extract data from Sharepoint via web service into SAP BI, but with no avail.
Kindly advise.
Thank you.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2009 7:45 PM
Hi,
Sharepoint supports Integrated Windows Authentication, which uses Kerberos by default, but if it is not possible to use Kerberos it will use NTLM and accept an NTLM token. I think you will find it is easier to find a solution using Kerberos, since this is more easily available on non-Windows operating systems (I assume your SAP system is on UNIX/Linux).
Thanks,
Tim
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-13-2009 1:19 PM
Sorry, but an NWAS ABAP does not support Kerbeors authentication, so far.
Thus, you cannot use Kerberos / "Windows Integrated Authentication" / SPNEGO when using the NWAS ABAP in the role of an Web Service consumer, as described in your posting.
What you need is an STS (Security Token Service) which is capable of converting one token (supported / provided by the NWAS ABAP) into another token (supported / accepted by the Sharepoint server). This is the way the standard is handling such situations (where WS consumer and WS provider do not support a common set of tokens).
[Microsoft 'Geneva'|http://blogs.msdn.com/card/archive/2008/11/04/microsoft-geneva-framework.aspx] might be of interest for you.
See also: [Wiki topic 'Single Sign on for Web Services'|http://wiki.sdn.sap.com/wiki/display/Security/SingleSignonforWeb+Services]
Edited by: Wolfgang Janzen on Sep 17, 2009 1:33 PM
- SAP Managed Tags:
- Security
