cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Single sign on between EP and BI

Former Member

on ‎11-12-2009 11:06 PM

0 Kudos

Hi Experts.

Here i have problem with SSO between EP and BW 7.0.

We have implemented BI-IP templete installer while ago it worked fine but now it is giving error message saying.SYSTEM RECEIVED AN EXPIRED SSO TICKET.

I checked all the certificate in portal and visual admin they have long period to expire.Even i reimported all the certificates between portal and Bi system and tested the connection.

I am getting the same error mesage.

Do i need to do any setting in system landscape of SAP BI system like coneection,logon tickets type and any other properties related SSO

When i am doing test in BW system using RSPOR_SETUP program.

Status 12: Maintain User Assignment in Portal System failure during call of function module RSWR_RFC_SERVICE_TES

This is the message i am getting.I tested all the RFC connection between portal and BI .Everything is looks fine.

Could anyone answer for this question that would be great help.we need to do it this in all DEV.QUA and PRD systems.

Regards

Janakiram

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

p330068
Active Contributor
‎02-12-2010 9:53 AM
0 Kudos

Hi Janakiram,

Please check below document if your problem has not resovled. this is very good doc's for Single sign on between EP and BI configurations.

Click here BI [Configuration|http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/00c4742a-3a4b-2b10-b4ae-b03d08bcde6e?overridelayout=true].

Hope this will helps you.

Thanks

Arun Jaiswal

Show replies
Show replies
Former Member
‎02-15-2010 3:50 AM
0 Kudos

hi

You can check BI and EP system deafult Client and Create same user name in BI and EP give permisssion SAP_ALL

Check Certification file Valid .

Check BI system time zone and EP system Time Zone

Former Member
‎02-17-2010 3:09 AM
0 Kudos

Hi Arun.

Thanks for sharing this document.It was really good for SSO between BI and EP.

Regards

Janakiram.

p330068
Active Contributor
‎02-17-2010 8:03 AM
0 Kudos

Hi Janakiran,

Wc...Please let me know if you problem has resolved. Also please close the if your problem has resoved.

Thanks

Arun

Former Member
‎02-11-2010 12:48 PM
0 Kudos

Hi

Do you use JCo connection for this SSO to BW ?

Show replies
Show replies
Former Member
‎11-13-2009 1:32 AM
0 Kudos

Hi,

If your portal system is the ticket issueing system then check the portal certificate.

Also check if there is any time differnece between two sytems?

If your bi system is a ticket issuing system then check the certificate. Did you import the portal certificate into your

bi system and add this into ACL? Also check the validity time of the certificate generally it will be 8 hrs.

Regards,

Vamshi.

Show replies
Show replies
Former Member
‎11-13-2009 6:47 AM
0 Kudos

HI Vamsi.

Thanks for your reply.

I have done what ever you have suggested but i donot know how to see the time differnece between two sytems?

our BI system is in EST ,Where can i see the portal timing settings.

Please let me know.

Regards

Janakiram

Former Member
‎11-13-2009 7:13 AM
0 Kudos

Janakiram,

This is what both Me and Vamsi mean (or atleast I think he means the same too). Expired SSO tickets are most likely because of time difference between systems. For example, if your Portal Server is running on a different host and BI is on another, then a time difference between the two systems can cause this. In this case, you will have to make sure that the time is synchronized, most likely by the use of NTP.

Day Light Savings (DST) which happened a few weeks ago, could've caused this time difference. I was trying to hint at a possible cause.

Also, I see "Cannot authenticate the user" in the log. Make sure that the user you are logging in with has the right access. Are you logging in as j2ee_admin or some other portal user. I haven't used this functionality of BI, so I'm not absolutely sure how you would log in. But to eliminate any authorization errors, I would try and log in as the super user (j2ee_admin in Java, and sap* in ABAP) as a test. If that works, then you need to check the authorizations for the user that you are currently logging in as.

Hope this helps.

Kunal

Former Member
‎11-13-2009 7:42 AM
0 Kudos

Hi Kunal.

I got it what you are saying ,But do you have any idea where can i see the time settings from portal system.

My Portal system and Bi systems are running on different hosts as you said.

MY bi system time zone is EST_NA

User's default time zone is PST_NA in BI system(I got it from STZAC Tcode).

Regards

Janakiram

Edited by: janakiram reddy on Nov 12, 2009 11:44 PM

Edited by: janakiram reddy on Nov 12, 2009 11:46 PM

Former Member
‎11-13-2009 11:14 AM
0 Kudos

Hi,

You can check the os time zone for your portal system this will give you the timezone of your server.

But the error suggests that there is some problem with the validity of the ticket. One more thing did you add the bw as the backend system in your portal? Just do aconnection test if you have added it then check what the error it throws.

If you have not create the system in portal, please create it.

Regards,

Vamshi.

Former Member
‎11-13-2009 6:22 PM
0 Kudos 
My Portal system and Bi systems are running on different hosts as you said.

I think there lies the problem. It doesn't matter if the 2 systems are running on different hosts as long as the times on both of those hosts is synchronized. If they are not, then the SSO problem could be because of the time difference.

Also, did you check the authentication ? You need to provide us with inputs and more information if you expect some kind of help from us. You cannot expect us to spoon feed you with everything.

Kunal

Former Member
‎11-13-2009 6:56 PM
0 Kudos

Hi Vamsi.

I checked my portal OS timezone.

date

Fri Nov 13 13:18:52 EST 2009....It is also in EST.I do not think we have problem with this why because my BI system is also in EST.

coming to next point .

I have created backend system in my portal system.when i do the test connection it is hitting the error message.

ERROR:

Results

Test Connection with Connector

Test Details:

The test consists of the following steps:

1. Retrieve the default alias of the system

2. Check the connection to the backend application using the connector defined in this system object

Results

Retrieval of default alias successful

Connection failed. Make sure that Single Sign-On is configured correctly.

Please also find CONNECTOR properties.

GROUP:PUBLIC

Logicalsystem name:BWD100

messageserver:<giving the hostname of bi system>

remote host type:3

sapclient:100

sap sid:BWD

serverport:36XX

systen Type:SAP_BW.

Please help me to sort out this issue..

Regards

Janakiram

alex_tender
Explorer
‎02-11-2010 10:08 AM
0 Kudos

HI

Try chaning your serverport to 32XX.

Regards

Alex

Former Member
‎11-13-2009 1:30 AM
0 Kudos

Janakiram,

My 2 cents. If you have already deleted and reimported the certificates, then it could be a problem with the time synchronization between the server OS and SAP. Check to make sure that they are the same. I don't know your landscape, so I cannot be absolutely sure that the time is/isn't the problem here. Also, if you are in the US, the change in DST could've triggered this off.

Where do you see the error ? In the default trace ? Go ahead and post the complete error and some more detailed information about how you get the error and/or steps that you do before you get the error.

Check Note 947376; could help. Especially point 3.

Kunal

Show replies
Show replies
Former Member
‎11-13-2009 6:44 AM
0 Kudos

Hi Kunal..

Nice to see your reply..

I have checked all the settings as per note 947376 POIT 3.Every thing is in place.I did not see any inconsistency.

if you are in the US, the change in DST could've triggered this off.

I did not understand this point could you please explain briefly about this .What exactly i need to do here.

#1.5^H#C0000A4ED6B600000000000100A33CE2000458290B8B90D0#1222833217440#com.sap.engine.services.adminadapter.gui.tasks.LoginTask##com.sap.engine.services.admina

dapter.gui.tasks.LoginTask#######Thread[Thread-3,5,main]##0#0#Error#1#/System/Server/VisualAdministrationTool#Java###Error while trying to login to amdssapjep

: Cannot authenticate the user.

[EXCEPTION]

#1#com.sap.engine.services.security.exceptions.BaseLoginException: Cannot authenticate the user.

at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:178)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)

at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImpl.login(RemoteLoginContextHelperImpl.java:72)

at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImplp4_Skel.dispatch(RemoteLoginContextHelperImplp4_Skel.java:64)

at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:319)

at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:200)

at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:136)

at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)

at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)

Caused by: com.sap.engine.services.security.exceptions.BaseLoginException: Authentication did not succeed.

at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:175)

... 13 more

-

predecessor system -

com.sap.engine.services.security.exceptions.BaseLoginException: Cannot authenticate the user.

at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:178)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)

at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImpl.login(RemoteLoginContextHelperImpl.java:72)

at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImplp4_Skel.dispatch(RemoteLoginContextHelperImplp4_Skel.java:64)

at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:319)

at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:200)

at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:136)

at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)

at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)

Caused by: com.sap.engine.services.security.exceptions.BaseLoginException: Authentication did not succeed.

at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:175)

... 13 more

how you get the error and/or steps that you do before you get the error

I have assigned BEX roles to the users when they are try to execute BEX Web application from portal we are getting the error

message:

Regards

Janakiram

Ask a Question