cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

J2EE_ADMIN unable to logon to Java Stack?

Former Member

on ‎11-13-2006 12:46 PM

0 Kudos

I have a NW04s system with ABAP + Java Addin. For some reason I cannot logon to the Java side using J2EE_ADMIN? I can logon to SAPgui (ABAP) and the SDM tool, but not the Java stack or VA?

In searching through the security logs I can see the following when I try logging on with J2EE_ADMIN:

#1.5#000B5DF387DF00540000005E000016FB00042217DBBD484A#1163385773049#/System/Security/Usermanagement#sap.com/com.sap.security.core.admin#com.sap.security.core.

persistence#J2EE_GUEST#0##sapbwd_BWD_152868450#Guest#a8df85f072c011dbb25b000b5df387df#SAPEngine_Application_Thread[impl:3]_23##0#0#Error#1#com.sap.security.co

re.persistence#Java#User "" is the communication user for the connection between User Management Engine and the ABAP backend system . This user cannot l og-on to the User Management Engine.##User "" is the communication user for the connection between User Management Engine and the ABAP backend system .

This user cannot log-on to the User Management Engine.#2#J2EE_ADMIN#BWDCLNT010#

Versus when I use a copy of J2EE_ADMIN called J2EE_ADMIN2 it works and the log has the following:

#1.5#000B5DF387DF0055000004C4000016FB00042217DF5BE7AE#1163385833777#/System/Security/Authentication#sap.com/com.sap.security.core.admin#com.sap.engine.service

s.security.authentication.logincontext#J2EE_ADMIN2#186##sapbwd_BWD_152868450#Guest#cd049b0072c011db98b2000b5df387df#SAPEngine_Application_Thread[impl:3]_25##0

#0#Info#1#com.sap.engine.services.security.authentication.logincontext#Plain###LOGIN.OK

User: J2EE_ADMIN2

Authentication Stack: ticket

Login Module Flag Initialize Login Commit Abort Details

com.sap.security.core.server.jaas.EvaluateTicketLoginModule SUFFICIENT ok false false

com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule REQUISITE ok true true

com.sap.security.core.server.jaas.CreateTicketLoginModule OPTIONAL ok true true

Central Checks

Can any of you SAP Experts help me?

Thanks much, - Chad

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

former_member185864
Active Participant
‎11-23-2006 12:23 PM
0 Kudos

Hi Chad Niswander,

In case of ABAP+ Java stack; you should follow below steps:

1. Open Config tool:

<b>C:\usr\sap\<SYSTEM ID>\JCxx\j2ee\configtool --> configtool.bat</b>

Example: <b>C:\usr\sap\Y76\JC03\j2ee\configtool --> configtool.bat</b>

2. In Config tool: <b>cluster-data>Global Server configuration>services--> com.sap.security.core.ume.service</b>

3. set the values for below ume properties:

<b>ume.persistance.data_source_configuration</b> = dataSourceConfiguration_abap.xml

<b>r3.connection.master.ashost</b> = <backend system hostname>(ex: ls4079.wdf.sap.corp)

<b>r3.connection.master.client</b> = <enter clint number> (ex: 000)

<b>r3.connection.master.sysnr</b> = <system number>(ex: 09)

<b>r3.connection.master.user</b> = <comuser>(the sapjsf or communication user which we created in backend system)

<b>r3.connection.master.password</b> = <enter comuser password> ((it is the password of the comuser which is in the backend system)

<b>ume.login.guest_user.uniqueids</b> = <J2EE_GUEST>

<b>login.ticket_portalid</b> = yes (If administrator id length is more than 12 charcters ex: administrator)

: No (If administrator id length is less than 12 charcters ex: j2ee_admin)

<b><u>Notes:</u></b>

<b><u>Creating users</u></b>

<b>J2EE_ADMIN</b>,<b>J2EE_GUEST</b> and <b>communication user</b>(called as comuser).

<u><b>User Name:</b></u> -

<u><b>User Type:</b></u>

J2EE_ADMIN -

Diallog user

J2EE_GUEST -

Diallog user

COMUSER -

Communication user

-

<b><u>NOTE 2:</u></b>

<u><b>User Name:</b></u> -

<u><b>Roles</b></u>

J2EE_ADMIN -

SAP_BC_AI_ADMIN

J2EE_GUEST -

SAP_J2EE_GUEST

COMUSER -

SAP_BC_JSF_COMMUNICATION;SAP_BC_JSF_COMMUNICATION_RO

I think it is more helpfull for you; Please let me know if you have any doubts on this.

<b>Thansk,

Nagaraju Parlapalli</b>

Show replies
Show replies
Former Member
‎11-22-2006 3:51 PM
0 Kudos

Problem was user SAPJSF was locked.

Show replies
Show replies
Former Member
‎11-13-2006 3:02 PM
0 Kudos

I have activated the emegency user but that does not help. In the VA (or SU01) the J2EE_ADMIN user is not locked. So I have been able to get into the VA with the emergency user, but still does not help with J2EE_ADMIN.

Points will be awarded for assistance.

Thanks, -Chad

Show replies
Show replies
JPReyes
Active Contributor
‎11-13-2006 2:58 PM
0 Kudos

Hi Chad,

Have you tried to activated emergency user?

Read,

http://help.sap.com/saphelp_nw2004s/helpdata/en/3a/4a0640d7b28f5ce10000000a155106/frameset.htm

hope this help

Juan

Please reward with points if helpful

Show replies
Show replies
Ask a Question