cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security: User mapping to Role

Go to solution
Former Member

on ‎03-01-2005 8:02 PM

0 Kudos

hi,

Im NOT using netweaver studio.

I have an application that uses form-based authentication and so I want to map usernames on the box to security roles in my application. Right now i do it using Visual Administrator when im deploying the application.

Can someone tell me where this information is stored. I want to incorporate it in my ant build process.

would appreciate any help.

thanks

RD

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Jordan_Stanchev
Product and Topic Expert
Product and Topic Expert
‎03-02-2005 7:53 AM
0 Kudos

Hello,

the documentation about security development can be obtained here:

1. Administration Manual -> Server Administration -> J2EE Engine Security -> Authentication on the J2EE Engine

(http://help.sap.com/saphelp_nw04/helpdata/en/f8/9636eedafe8b4589cd6e9e4e73fd3c/frameset.htm)

2. Development Manual ->

Integrating Security Functions.

(http://help.sap.com/saphelp_nw04/helpdata/en/61/f8bc3d52f39d33e10000000a11405a/frameset.htm)

3. A topic about form-based and basic authentication -> Using Basic Authentication (User ID and Password)

(http://help.sap.com/saphelp_nw04/helpdata/en/f3/a193e2f6ee1b45ac2e386468d3c272/frameset.htm)

4. A topic about the mapping users and groups on the J2EE Engine -> Mapping Users and Groups

(http://help.sap.com/saphelp_nw04/helpdata/en/64/3843ed5a85d84ab4e4bd12778442bc/frameset.htm)

5. A topic about how to manage security roles -> Using Security Roles and Security Role References

(http://help.sap.com/saphelp_nw04/helpdata/en/25/21b957daaaa745b3ded44f8a39d7a1/frameset.htm)

Hope that helps a bit.

Jordan

Show replies
Show replies

Answers (2)

Answers (2)

Former Member
‎03-18-2005 10:54 PM
0 Kudos

heres how i solved it.

the security roles to user mapping goes into the web-j2ee-engine.xml file as part of the WAR.

<security-role-map>

<role-name>MY_ROLE</role-name>

<user-name>MY_USER</user-name>

</security-role-map>

you can have many users mapped to a role. just add <user-name> element. it can be substituted with <group-name> as well. check out http://help.sap.com/saphelp_nw04/helpdata/en/3f/40bd71ae1a9b45a0f3eb6ff0a27aae/frameset.htm

for more info.

hope this helps.

-RD

Show replies
Show replies
Former Member
‎03-21-2005 7:14 PM
0 Kudos

According to the Netweaver GUI for the web-j2ee-engine.xml file, user and group based mapping is deprecated and role based mapping should be used. However, I can not get role based mapping to work in 6.4. I can get user based mapping to work.

For role based mapping, I have the following in web-j2ee-engine.xml:

<security-role-map>

<role-name>AppRole</role-name>

<server-role-name>ServerRole</server-role-name>

</security-role-map>

I have used the admin tool to create a role named ServerRole and have associated the user ctippin with that role using the SecurityProvider->runtime->Security->Roles->User Mapping screen. The user seems to authenticate, but the server complains that the user is unauthorized to access the protected resources.

However, if I change the web-j2ee-engine.xml to have the following (deprecated) entry, all works fine. That is, the user authenticates and subsequently is granted access to the protected web pages.

<security-role-map>

<role-name>AppRole</role-name>

<user-name>ctippin</user-name>

</security-role-map>

Can anybody shed some light on this issue?

Thanks,

Chad

Former Member
‎07-14-2005 9:53 PM
0 Kudos

Was this ever figured out?

Vlado
Advisor
Advisor
‎03-02-2005 8:30 AM
0 Kudos

Hi RD,

I'm not sure that you'll be able to do it with ant (and even if you do it that it will work properly as it works with the "usual" mapping way) but anyhow, I'm telling you where the information is stored. It's in the J2EE configuration manager (open offlinecfgeditor from /usr/sap/<SID>/<INSTANCE>/j2ee/configtool).

For security roles in web modules it's under /apps/<provider-name>/<app-name>/<alias>/security/roles/<user-store>/<role-name>

For security roles in EJB modules it's under /apps/<provider-name>/<app-name>/ejb/security/<jar-name>/security/roles/<user-store>/<role-name>

Hope this helps anyway,

Vladimir

Show replies
Show replies
Ask a Question