cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Retreive SAP Logon Ticket from WebService

Go to solution
Former Member

on ‎05-24-2006 2:29 AM

0 Kudos

Hi all,

I have created a Webservice inside the NetWeaver which again calls other Webservices on different Machines and also calls RFC Function modules in an SAP Backend System. I now want to make use of the SAP Logon Ticket. As I want to pass the logon Ticket around when calling the other Webservices and the RFCs within my Webservice I wanted to know if there is a way to retrieve the SSO Ticket of the current user within my Webservice.

A small coding example would be great.

Thanks for you help.

regards Ingo

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎05-25-2006 2:32 AM
0 Kudos

Hi ,

first of all thanks for the quick reply. I have set up a Webservice real quick in which i wanted to test the code my exposed method is

public String getLogonCredentials() {

String logonTicket = "No logon ticket";

try {

IUserFactory ufactory = UMFactory.getUserFactory();

IUser user =

ufactory.getUserByLogonID("Administrator");

// IUser user =

UMFactory.getAuthenticator().getLoggedInUser();

IUserMapping umapping = UMFactory.getUserMapping();

IUserMappingData mappingData =

umapping.getUserMappingData(null, user);

Properties jcoProperties = new Properties();

mappingData.enrich(jcoProperties);

logonTicket = user.getUniqueID();

logonTicket += " " + user.getUniqueName() + " ";

logonTicket += jcoProperties.getProperty

(IUserMappingData.UMAP_JCO_PASSWORD);

} catch (UMException ue) {

}

return logonTicket;

}

but when I do run this I only get the "No logon Ticket" back. So I am kind of stuck when it comes to retrieving the currently loged on user. As you can see I have also tried the UMFactory.getAuthenticator().getLoggedInUser()

but unfortunately it returned the same results.

So my questions would be.

1. Is the use of the UMFactory to retreive the User correct?

2. Do I have to configure something in Order to get the user and the Ticket back?

Thank's for any further help you can provide.

regards Ingo

Show replies
Show replies
former_member182372
Active Contributor
‎05-25-2006 2:30 PM
0 Kudos

Hi Ingo,

In case you are running WS over EJB you can access sessionContext. So, try following:


final String callerPrincipalName = sessionContext.getCallerPrincipal().getName();
final IUserFactory userFactory = UMFactory.getUserFactory();
IUser sapUser = userFactory.getUserByLogonID( callerPrincipalName );

Best regards, Maksim Rashchynski.

former_member182372
Active Contributor
‎05-25-2006 3:11 PM
0 Kudos

One more thing. You should initialize jcoProperties:


Properties jcoProperties = new Properties();
jcoProperties.put("jco.client.client", "001");
jcoProperties.put("jco.client.ashost", "hostname");
jcoProperties.put("jco.client.sysnr", "00");
mappingData.enrich(jcoProperties);

Answers (2)

Answers (2)

Former Member
‎05-25-2006 9:45 PM
0 Kudos

Hi Maksim,

thanks for the explanation on EJB SessionBeans. Here you can see how good of a EJB developer I am :(.

Anyway I tried it out and whenever I run the code a exception is thrown with the message.

"com.sap.security.api.umap.NoLogonDataAvailableException: Can't provide the user's SAP logon ticket because there is no existing logon ticket. Is it possible that the user has not been authenticated?"

so whatever they do in the J2EE WebServices it seems to be the SAP Logon Ticket is not used at all for some reason. At least its not in the mappingdata.

I traced the whole thing with HTTPWatch and the SAP Logon Ticket is actually passed around in my browser.

Any ideas on that?

Show replies
Show replies
former_member182372
Active Contributor
‎05-24-2006 9:13 AM
0 Kudos

Hi Ingo,

Check https://media.sdn.sap.com/javadocs/NW04/SPS15/um/com/sap/security/api/umap/IUserMappingData.html

Solution found by <a href="https://forums.sdn.sap.com/profile.jspa?userID=9151">Valert Silaev</a> duiring one of recent projects:

a) In EJB environment you have access to id of currently logged user

b) You can obtain current IUser via following sequence:

com.sap.security.api.IUserFactory ufactory

= com.sap.security.api.UMFactory.getUserFactory();

com.sap.security.api.IUser user

= ufactory.getUserByLogonID(<CURRENT_USER_ID>);

c) Next you have to get access to mapping data:

com.sap.security.api.umap.IUserMapping umapping

= com.sap.security.api.UMFactory.getUserMapping();

com.sap.security.api.umap.IUserMappingData mappingData

= umapping.getUserMappingData

(

null /no system object, just ticket operations assumed/,

user /current user/

);

d) add logon credentials to a JCo properties object (enrich(Properties)), a SOAP message (enrich(SOAPMessage)) or an HTTP request (enrich(HttpURLConnection)). The actual type of credentials (e.g. user ID and password, SAP logon ticket, ...) depends on the logon method that is configured for the backend system.

retrieve all logon data that has been saved for the selected principal and backend system (as cleartext, i.e. as it has been saved). This may be relevant if, for some reason, you don't want to retrieve logon method specific credentials. See enrich(Map).

Best regards, Maksim Rashchynski.

Show replies
Show replies
Ask a Question