on 01-19-2011 3:40 PM
Requirement: We have a Java application that would run on NWCE. This application will be invoked from ERP/SAPGUI via HTML Controller. With SSO enabled, the goal is to pass ERP credentials to CE application. This CE application in turn will use ERP credentials from Logon ticket to connect to ERP and invoke BAPI calls (JCo 3.0 destination)
System Information:
CE System: SAP NW CE 7.2 SPS 04
ERP: SAP ECC 6.04
Both systems are trusted using X.509 certificates
Current scnerio:
1) Destination (CE to ERP) - JCo 3.0 using Authetication method of u201CCurrent User (Logon Ticket)u201D
- Web application is unable to find the JCo 3.0 destination.
2) Destination (CE to ERP) - JCo 3.0 using Authetication method of u201CTechnical Useru201D
- Web application is able to find the JCo destination
Any assiatance in resolving the issues would be appreciated ....
Trace Log:
#2.0 #2011 01 19 14:44:38:756#+0100#Error#com.sap.security.core.server.destinations.provider.DestinationsProviderFrame#
com.sap.getDestinationProperties()#BC-JAS-SEC#tcsecdestinations~provider#001F2960BE89048C0000000100005BC1#16777250000000004#sap.com/TestJcoWebEar#com.sap.security.core.server.destinations.provider.DestinationsProviderFrame#10207625#182##4286395D23D211E08BA2000001000022#d981f18323b011e0b5eb000001000022#d981f18323b011e0b5eb000001000022#0#Thread[HTTP Worker [@2002275007],5,Dedicated_Application_Thread]#Plain##
ASJ.dest.pr0023#
Hi Sampath,
I have resolved this issue.
Do you use JCo 3.0? Sometimes there are exceptions with destination service and JCo 3.0 as it doesn't support forwarding of logon tickets with JCo 3.0 .This is done because of security reasons. In this case you need to switch to Current User(assertion tickets).
Regards,
Nivas209
Edited by: Nivas209 on Feb 28, 2012 7:00 AM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sampat,
Can you plesse provide the full log.
Thanks,
Hamendra
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Hemandra,
This is the Full error message i am getting
Message: ASJ.dest.pr0023
Severity: Error
Date: 2012-02-09
Time: 21:37:25:134
User: SUPPLIER
Category: /System/Security
Location: com.sap.security.core.server.destinations.provider.DestinationsProviderFrame
Application: XXXXXXXXXXXXXXXXXXXXXX
Thread: Thread[HTTP Worker [@254542764],5,Dedicated_Application_Thread]
Data Source: j2ee/cluster/server0/log/system/security.log
Arguments:
Passport User Activity ID: 1d2dfea9533811e1adf3000000dc2fc6
Message ID: com.sap.getDestinationProperties()
Session: 11
Transaction:
Time Zone: +0530
Customer Message Component: BC-JAS-SEC
Runtime Component: tcsecdestinations~provider
Correlation ID: 14430150000000004
Passport Session: 8703D330533611E19565000000DC2FC6
Passport Connection: 1d2dfea9533811e1adf3000000dc2fc6
Passport Connection Counter: 0
Host: XXXXX
System: XXX
Instance: J01
Node: server0
Log ID: C000AC10088100FF0000000000002BF1
Regards,
Srinivas
Hi Sampat,
We are also facing the same issue in NW 7.3 . We have done SSO b/w NW 7.3 and ECC.(SAP Logon Ticket)
The JCO and Webdynpro Java applications are working fine with Authetication method of u201CTechnical User.
When i change Authetication method of u201CCurrent User (Logon Ticket)u201D we are getting the same error "ASJ.dest.pr0023#".
But in screen it is displaying as "No SAP Logon Ticket Found".
Note:This error is coming for only two apllications other applications are working fine .
Regards,
Srinivasan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Did you check whether JCO connections are tested successfully?
share complete log.
Regards
Deepak
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
81 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.