cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

IllumLoginPassword validation

Go to solution
Former Member

on ‎06-28-2011 4:12 PM

0 Kudos

Hello experts,

We need to validate the username and password in some processes in our application for authorization in SAP - MII 12.1

We are using the url = server: / / xMII / Illuminator? Service = Personalization & IllumLoginName = username & IllumLoginPassword = pass & Session = false in an action block HttpPost and treating the return string to validate the login and password sent. In SAP - MII 12.0 we already used this procedure successfully, but in SAP - MII 12.1 this is considering the user logged in and does not consider the username and password passed as parameter in the url.

Someone could tell me whether we need to configure anything in the NW for not considering an active user?

Anyone know any other procedure that we could use for this validation.

I appreciate any help.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎06-30-2011 12:18 AM
0 Kudos

This will work in a simple jsp. If you need something more robust check out the com.sap.security.api api 

<%
try{
 if(com.sap.security.api.UMFactory.getUserAccountFactory().getUserAccountByLogonId(request.getParameter("ID")).checkPassword(request.getParameter("PW"))){
   out.println("good"); } else { out.println("bad"); }
}catch (Exception e) {
   out.println(e.getMessage());
}
%>

Show replies
Show replies
Former Member
‎07-01-2011 12:28 PM
0 Kudos

Hello Christian,

Thanks for your answer.

We are trying use the procedure that you sent, but even entering a valid user always return "bad" like the user do not exists.

Is there any difference between the LogonId and the a user value for connection to the system?

Former Member
‎07-01-2011 1:14 PM
0 Kudos

Hello Christian,

i noticed, that actually i`m having a cache problem, it will verify the parameters that i first sent, unless i change the .jsp name. here is the code i`m using:

<%

try{

if(com.sap.security.api.UMFactory.getUserAccountFactory().getUserAccountByLogonId('"user").checkPassword("pw")){

out.println("good4"); } else { out.println("bad4"); }

}catch (Exception e) {

out.println(e.getMessage());

}

%>

Thanks!

Former Member
‎07-01-2011 3:28 PM
0 Kudos

Try setting the headers to disable the browser from caching

<%
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");
response.setDateHeader ("Expires", 0);
%>

Answers (2)

Answers (2)

jcgood25
Active Contributor
‎06-29-2011 5:53 PM
0 Kudos

As a test try using http://localhost:port instead of the server:// prefix. This would be an attempt to use something other than the logged in user session (assuming that the client is logging in using the machine name, IP address, etc and not localhost). Don't forget the XMII proper uppercase too.

Show replies
Show replies
Former Member
‎06-29-2011 6:45 PM
0 Kudos

Thanks Geremy, still not working when we use http://localhost:port/XMII/Illuminator?service=Personalization&IllumLoginName=Transaction.input_logi....

Returns the personalization of the logged user instead of the informed user in transaction parameter.

Is there another way to confirm a user credential in SAP-MII? Here, We have a few cases where even logged in, need reconfirm the login to validate process. We also have situations where need some high-level permission out the logged in user to confirm the process.

I appreciate any help.

agentry_src
Active Contributor
‎06-29-2011 9:24 PM
0 Kudos

Hi Marcelo,

In the Batch Manufacturing project download from SDN, there were two servers defined for the Work Instructions. One had binding(?) enabled and one did not. The two servers were separately defined and one forced a login for certain activities (submitting quality data is the one I remember). Please check the instructions for Batch Mfg. And if you can't find them, let me know. I haven't time to research it right now, but if you still can't figure it out, post again and I will check tonight or sometime on Friday.

Regards,

Mike

Former Member
‎06-29-2011 10:36 PM
0 Kudos

Hello Michel,

Thanks for your answer.

I think that on the BM is used the procedure of eletronic signature with audit control icommand. is it correct?

We are developing for mobile device and can't use applet for this development. We already have used this procedure with success for the desktop application, but I'm quiet sure that it do not work for the mobile device.

Any help will be appreciated.

agentry_src
Active Contributor
‎06-29-2011 10:39 PM
0 Kudos

Hi Marcelo,

I think you areapparently more familiar with it than I am, but that is what I was thinking of.

Sorry I couldn't be of more help. Are you planning on using servlets?

Regards,

Mike

Former Member
‎06-29-2011 8:50 AM
0 Kudos

Hi,

Sometime ago I have done similar kind of thing for SAP MII 12.1 it worked for me may be usefull

In transaction HTTP Post action I have assigned following Links

URL: http://<Server:Port>/logon/logonServlet?redirectURL=/XMII/Menu.jsp

User Name: Transaction.UName (MII Login User Name)

User Password: Transaction.UPassword (MII Login User Password)

After that as you told I checked string content of HTTP Post action.

hope it helps!!

Regards,

Manoj Bilthare

Show replies
Show replies
Former Member
‎06-29-2011 4:48 PM
0 Kudos

Hello Manoj,

Thank you for your answer.

I'm trying to perform the procedure according to your orientation, but when I use the url, I get error 404 - Error: The requested resource does not exist.

I'm trying to url = http://server:port/logon/logonServlet?redirectURL=/XMII/Menu.jsp

Ask a Question