cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RFC destination for LogOn Ticket

Go to solution
Joseph_BERTHE
Active Contributor

on ‎05-23-2006 9:50 AM

0 Kudos

Hi,

My question is about the web dynpro authentication via logon ticket.

I have a WD application which has its sap.authentication set to true. My application calls some BAPIs with RFC connection, using a generic user no-dialog via JCO.

<b>How can I specify to my connection, that the user who wants execute such a BAPI is not the generic one but a specific user with specific permissions (the user of my logon ticket)?</b>

I have found out a tutorial which is about the logon ticket for WebServices application : <a href="http://help.sap.com/saphelp_nw04/helpdata/en/59/e8e95d1eba48dfa86ae91ad8816f5d/content.htm">http://help.sap.com/saphelp_nw04/helpdata/en/59/e8e95d1eba48dfa86ae91ad8816f5d/content.htm</a>

but it doesn't fit my request. Actually, my model is a RFC model, so I can't have access to the methodes 

myModel._setHTTPDestinationName(<namedest>)

Thanks

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎05-23-2006 11:12 AM
0 Kudos

berthe,

Run WebDynpro Content Administrator (http://host:port/webdynpro/dispatcher/sap.com/tcwdtools/Explorer), select necessary JCo destination in "Maintain JCo Destinations" section and, edit it and at step "Security" set "Used Method" to "Ticket". All the rest will be handled by Adaptive RFC / JCo.

VS

Show replies
Show replies
Joseph_BERTHE
Active Contributor
‎05-23-2006 11:29 AM
0 Kudos

Hi Valery,

I didn't realise it was so simple... then very big thanks.

Now I have an other question related to this, how should I configurate my WAS ? do I need to create HTTP Destination (in my J2EE Engine) or a RFC Destination, or should I make nothing (all is automatic)?

Regards,

Former Member
‎05-23-2006 11:38 AM
0 Kudos

berthe,

If you setup SSO between WebAS and R/3 correctly, then all magic happens automatically. Otherwise (invalid SSO setup) you will see errors about ticket verification.

Footnote: ticket authentication is recomended for <b>data</b> destination, <b>meta</b> destination typically uses predefinded user.

VS

Former Member
‎05-23-2006 11:46 AM
0 Kudos

berthe,

Just read the following:

I have a WD application which has its sap.authentication set to true. My application calls some BAPIs with RFC connection, using a generic user no-dialog <b>via JCO</b>.

If you are not using Adaptive RFC Model but rather plain JCo, then in addition to my previous words obtain connection in a way suggested by Satyajit Chakraborty: 

 

JCO.Client client = null;
try
{
  final IWDJCOClientConnection conn 
    =  WDSystemLandscape.getJCOClientConnection("NAME_USED_IN_WD_CONTENT_ADMINISTRATOR");
  client = conn.getClient();
}
catch(final WDSystemLandscapeException e)
{
  /* error handling */
}

Again, here SSO ticket will be applied automatically.

VS

Answers (1)

Answers (1)

Former Member
‎05-23-2006 10:50 AM
0 Kudos

Hi Berthe,

What I don't understand is, why do you need to change the user specifics while executing the BAPI? Since you have sap.authentication set to true, you can login using the user that has SSO set up and the JCo destination for modeldata will be take care of the SSO.

Anyways, you can use this code to change the JCo destination before executing your BAPI/RFC.

Let your model be named "YourModel". And let the JCo connection which has SSO set up be named "WD_MODELDATA_DEST_XYZ".


YourModel modelObject = (YourModel)WDModelFactory.getModelInstance(YourModel.class);
try{
IWDJCOClientConnection con =  WDSystemLandscape.getJCOClientConnection("WD_MODELDATA_DEST_XYZ");
modelObject.setJcoClient(con.getClient());
}
catch(WDSystemLandscapeException e){
}

Still I would like to know why you want to do this.

Regards,

Satyajit.

Show replies
Show replies
Joseph_BERTHE
Active Contributor
‎05-23-2006 11:06 AM
0 Kudos

Hi,

Why ? There is my scenario :

I have an web application which able to create, modify and view order. I have also users with different privileges such as a user which able to read only orders...

So my JCO connection uses a generic user (in my web dynpo content administration), then it has all access to my BAPIS. Therefore, I need to manage my web application behavior according to my user privileges (which is connected).

Am I clear ?

By the way, thanks for your answer

Ask a Question