cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Using cookies through PI

Go to solution
Former Member

on ‎02-22-2011 10:52 AM

0 Kudos

Hi

Scenario:

Ext System -> SAP PI -> SAP backend.

Problem:

User credentials contained in cookie in SOAP request to SAP PI should be forwarded and used to log on to SAP backend system. How to propagate the user credentials in the cookie and what adapter could be preferred for the connection to SAP backend? Note that we do not want all backend users to have WS Runtime credentials (execution of WS calls), and therefore WS adapter may be out of the question..?

Appreciate any input to how this can be solved.

Thank you

regards Ole

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

RKothari
Contributor
‎02-22-2011 11:14 AM
0 Kudos

Please check the below document:

http://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/b092777b-ee47-2a10-17b3-c5f593809...

Also, refer SAP Note: 1039369 FAQ XI Axis Adapter

Show replies
Show replies

Answers (3)

Answers (3)

Former Member
‎02-22-2011 1:35 PM
0 Kudos

Thanks for that. We have been looking into the concepts of PP & SAML for PI and backend systems. It is not as straightforward as one should hope, but with newer ABAP NW versions coming up, better interoperability can be achieved and at least the backend systems can benefit. It was anyway good to get a confirmation that cookies are not easy to handle that way in PI.

Show replies
Show replies
stefan_grube
Active Contributor
‎02-22-2011 11:36 AM
0 Kudos

> User credentials contained in cookie in SOAP request to SAP PI should be forwarded and used to log on to SAP backend system.

This is not possible.

Show replies
Show replies
Former Member
‎02-22-2011 12:31 PM
0 Kudos

Hi

Thanks for answering.

Chirag - usr/pwd in URL is definitely not an option.

Rahul - the document is not 100% what we are after.

Stefan - you say it is not possible and I trust you on that, but could you say something regarding where the limitations are? Is it the operation of getting the user context "transported" to another comm.channel? I guess it would anyway need some dynamic config which is always nice and time-consuming...

regards Ole

stefan_grube
Active Contributor
‎02-22-2011 1:25 PM
0 Kudos

In standard the user of PI is a standard service user.

in PI 7.0 the development introduced principal propagation for some scenarios.

That means, PI logs on with a specific user which is provided by the sender of the interface.

There are threee types of adapters whch are supported. With SOAP adapters you can use PP, but not with cookies.

There nothing in online help, that is helpful

Here some blogs about the topic:

/people/alexander.bundschuh/blog/2007/01/16/principal-propagation-in-sap-xi

/people/alexander.bundschuh/blog/2007/08/06/principal-propagation-with-sap-netweaver-process-integration-71

Edited by: Stefan Grube on Feb 22, 2011 2:25 PM

Former Member
‎02-22-2011 11:16 AM
0 Kudos

u can pass username and password through SOAP URL - use this parameter at the end of URL - &sap-user=<username>&sap-password=<password>

other option might be principle propagation but it keeps same user identity to authenticate at the end system.

http://help.sap.com/saphelp_nw04/helpdata/en/45/0f16bef65c7249e10000000a155369/frameset.htm

chirag

Show replies
Show replies
Ask a Question