on 02-11-2013 12:05 PM
From a irpt page, I have a button that triggers an xacute query from an icommand applet, but my javascript is designed to retrieve the last error message if it is unsuccessful. As I trigger it, I get the message, "Authentication is requested" and it stops. I can execute it with the same user from the workbench in both the transaction and the xacute query. Am I missing a specific user right for this transaction or is there something else that I need to do?
May be some roles like MII Operator, MII Super user missing in your Query template -> Security Part.
Regards,
Malai
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
After a little investigating and trying to pinpoint this issue, It s
not the Xacute query or the BLS transaction, it is the web service
action block that executes fine from the workbench, but once I test it
from the web page, it fails. It fails because the authentication fails.
I am not sure where this authentication fails and I need guidance to how
to fix this.
I have attached a screen capture video to show all of the steps.
http://EmailLargeFile.com/d/VURHHODEP6M
///Security log////
#2.0 #2013 02 14
21:08:46:156#+0100#Info#/System/Security/Authentication#
#BC-JAS-
SEC#security#C0006DEABD0943B100000000000016D4#9333350000000005#sap.com/m
e~ws#com.sap.engine.services.security.authentication.logincontext.table#
Guest#0##CE6FFCAE76C211E28EF10000008E6A66#565fe5a476e211e2976a0000008e6a
66#5690966B76E211E2A44C0000008E6A66#1#Thread[HTTP Worker
[@1792892168],5,Dedicated_Application_Thread]#Plain##
LOGIN.FAILED
User: torouser
Authentication Stack: BASIC*_*_*_*ws
Login
Module
Flag Initialize Login Commit Abort Details
1.
com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule
SUFFICIENT ok true true true
Central
Checks
exception Reauthentication
failed.#
#2.0 #2013 02 14 21:08:46:156#+0100#Warning#/System/Security/WS#
com.sap.ASJ.wssec.020142#BC-ESI-WS-JAV-
RT#tc~sec~wssec~service#C0006DEABD0943B100000001000016D4#933335000000000
5#sap.com/me~ws#com.sap.engine.services.wssec.authentication#Guest#0##CE
6FFCAE76C211E28EF10000008E6A66#565fe5a476e211e2976a0000008e6a66#5690966B
76E211E2A44C0000008E6A66#1#Thread[HTTP Worker
[@1792892168],5,Dedicated_Application_Thread]#Plain##
Authentication failed. User is already authenticated as a different
user#
#2.0 #2013 02 14 21:08:46:156#+0100#Info#/System/Security/WS#
com.sap.ASJ.wssec.020142#BC-ESI-WS-JAV-
RT#tc~sec~wssec~service#C0006DEABD0943B100000002000016D4#933335000000000
5#sap.com/me~ws#com.sap.engine.services.wssec.authentication#Guest#0##CE
6FFCAE76C211E28EF10000008E6A66#565fe5a476e211e2976a0000008e6a66#5690966B
76E211E2A44C0000008E6A66#1#Thread[HTTP Worker
[@1792892168],5,Dedicated_Application_Thread]#Plain##
Authentication failed. User is already authenticated as a different
user#
#2.0 #2013 02 14 21:08:46:156#+0100#Warning#/System/Security/WS#
com.sap.ASJ.wssec.020142#BC-ESI-WS-JAV-
RT#tc~sec~wssec~service#C0006DEABD0943B100000003000016D4#933335000000000
5#sap.com/me~ws#com.sap.engine.services.wssec.authentication#Guest#0##CE
6FFCAE76C211E28EF10000008E6A66#565fe5a476e211e2976a0000008e6a66#5690966B
76E211E2A44C0000008E6A66#1#Thread[HTTP Worker
[@1792892168],5,Dedicated_Application_Thread]#Plain##
Authentication failed. User is already authenticated as a different
user#
#2.0 #2013 02 14 21:08:46:156#+0100#Warning#/System/Security/WS#
com.sap.ASJ.wssec.020142#BC-ESI-WS-JAV-
RT#tc~sec~wssec~service#C0006DEABD0943B100000004000016D4#933335000000000
5#sap.com/me~ws#com.sap.engine.services.wssec.authentication#Guest#0##CE
6FFCAE76C211E28EF10000008E6A66#565fe5a476e211e2976a0000008e6a66#5690966B
76E211E2A44C0000008E6A66#1#Thread[HTTP Worker
[@1792892168],5,Dedicated_Application_Thread]#Plain##
Read data of type username and value torouser from HTTP header and set
on module javax.security.auth.callback.NameCallback
Read data of type password and value xxx from HTTP header and set on
module javax.security.auth.callback.PasswordCallback
Authentication for web service SfcService, configuration SfcService
using security policy BASIC*_*_*_*ws failed: Reauthentication failed..
(See SAP Note 880896 for further info).
#
Assuming you are not using any display template for additional security/logging, the query template and data server are the first two lines of defense for the browser user. Also consider the passthrough security for transaction objects, where the TRX is running as the logged in user.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
11 | |
6 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.