JCO3 log in using $X509CERT$ as username

Former Member · ‎06-02-2010

Hi,

in JCO 2.1.8, the createClient() method accepts $X509CERT$ as username and the base64 encoded cert as password for logging into Web AS ABAP over SNC. The documentation says: "For X509 specify the user to be $X509CERT$ and pass the base64 encoded certificate as the passwd parameter."

If I try to do the same using JCO 3 (on a newer JDK), the initial connection establishment takes very long (sometimes times out after 60 seconds). During that time, I can see user SAPSYS being connecting to client 000. Finally I receive:

"User SAPSYS has no RFC authorization for function group SYST."

There is a new way of attaching the X.509 cert with the connection request using the "jco.client.x509cert" field. However, this would require a change in my application logic.

Is there a way of using the old approach in JCO 3 with a dedicated keyword to indicate the authentication mechanism?

I assume the same considerations apply for log on using MYSAPSSO2.

Any help is appreciated.

Jens

former_member257889 · ‎06-30-2010

Hi

Please try to use for the logon ticket "jco.client.mysapsso2" property.

work-around user $MYSAPSSO2$ is not supported anymore.

jco 2.1.x supports the jco.client.mysapsso2.

Let us know the results.

Thanks and best regards,

Alvaro Raminelli

Former Member · ‎06-30-2010

Hi,

thanks for your response.

Are you aware of any 'migration path'. Do we really need to modify all our application which used to leverage that?

In particular, are you aware of the reasons, why this support has been removed? Is "$X509CERT$" a valid user name and therefore must not be used as a reserved word within in JCO or something similar?

Thanks for your insight.

Jens