on 11-13-2006 12:46 PM
I have a NW04s system with ABAP + Java Addin. For some reason I cannot logon to the Java side using J2EE_ADMIN? I can logon to SAPgui (ABAP) and the SDM tool, but not the Java stack or VA?
In searching through the security logs I can see the following when I try logging on with J2EE_ADMIN:
#1.5#000B5DF387DF00540000005E000016FB00042217DBBD484A#1163385773049#/System/Security/Usermanagement#sap.com/com.sap.security.core.admin#com.sap.security.core.
persistence#J2EE_GUEST#0##sapbwd_BWD_152868450#Guest#a8df85f072c011dbb25b000b5df387df#SAPEngine_Application_Thread[impl:3]_23##0#0#Error#1#com.sap.security.co
re.persistence#Java#User "" is the communication user for the connection between User Management Engine and the ABAP backend system . This user cannot l og-on to the User Management Engine.##User "" is the communication user for the connection between User Management Engine and the ABAP backend system .
This user cannot log-on to the User Management Engine.#2#J2EE_ADMIN#BWDCLNT010#
Versus when I use a copy of J2EE_ADMIN called J2EE_ADMIN2 it works and the log has the following:
#1.5#000B5DF387DF0055000004C4000016FB00042217DF5BE7AE#1163385833777#/System/Security/Authentication#sap.com/com.sap.security.core.admin#com.sap.engine.service
s.security.authentication.logincontext#J2EE_ADMIN2#186##sapbwd_BWD_152868450#Guest#cd049b0072c011db98b2000b5df387df#SAPEngine_Application_Thread[impl:3]_25##0
#0#Info#1#com.sap.engine.services.security.authentication.logincontext#Plain###LOGIN.OK
User: J2EE_ADMIN2
Authentication Stack: ticket
Login Module Flag Initialize Login Commit Abort Details
com.sap.security.core.server.jaas.EvaluateTicketLoginModule SUFFICIENT ok false false
com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule REQUISITE ok true true
com.sap.security.core.server.jaas.CreateTicketLoginModule OPTIONAL ok true true
Central Checks
Can any of you SAP Experts help me?
Thanks much, - Chad
Hi Chad Niswander,
In case of ABAP+ Java stack; you should follow below steps:
1. Open Config tool:
<b>C:\usr\sap\<SYSTEM ID>\JCxx\j2ee\configtool --> configtool.bat</b>
Example: <b>C:\usr\sap\Y76\JC03\j2ee\configtool --> configtool.bat</b>
2. In Config tool: <b>cluster-data>Global Server configuration>services--> com.sap.security.core.ume.service</b>
3. set the values for below ume properties:
<b>ume.persistance.data_source_configuration</b> = dataSourceConfiguration_abap.xml
<b>r3.connection.master.ashost</b> = <backend system hostname>(ex: ls4079.wdf.sap.corp)
<b>r3.connection.master.client</b> = <enter clint number> (ex: 000)
<b>r3.connection.master.sysnr</b> = <system number>(ex: 09)
<b>r3.connection.master.user</b> = <comuser>(the sapjsf or communication user which we created in backend system)
<b>r3.connection.master.password</b> = <enter comuser password> ((it is the password of the comuser which is in the backend system)
<b>ume.login.guest_user.uniqueids</b> = <J2EE_GUEST>
<b>login.ticket_portalid</b> = yes (If administrator id length is more than 12 charcters ex: administrator)
: No (If administrator id length is less than 12 charcters ex: j2ee_admin)
<b><u>Notes:</u></b>
<b><u>Creating users</u></b>
<b>J2EE_ADMIN</b>,<b>J2EE_GUEST</b> and <b>communication user</b>(called as comuser).
<u><b>User Name:</b></u> -
<u><b>User Type:</b></u>
J2EE_ADMIN -
Diallog user
J2EE_GUEST -
Diallog user
COMUSER -
Communication user
-
<b><u>NOTE 2:</u></b>
<u><b>User Name:</b></u> -
<u><b>Roles</b></u>
J2EE_ADMIN -
SAP_BC_AI_ADMIN
J2EE_GUEST -
SAP_J2EE_GUEST
COMUSER -
SAP_BC_JSF_COMMUNICATION;SAP_BC_JSF_COMMUNICATION_RO
I think it is more helpfull for you; Please let me know if you have any doubts on this.
<b>Thansk,
Nagaraju Parlapalli</b>
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Problem was user SAPJSF was locked.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have activated the emegency user but that does not help. In the VA (or SU01) the J2EE_ADMIN user is not locked. So I have been able to get into the VA with the emergency user, but still does not help with J2EE_ADMIN.
Points will be awarded for assistance.
Thanks, -Chad
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Chad,
Have you tried to activated emergency user?
Read,
http://help.sap.com/saphelp_nw2004s/helpdata/en/3a/4a0640d7b28f5ce10000000a155106/frameset.htm
hope this help
Juan
Please reward with points if helpful
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.