cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Xacute query requests authentication

Former Member

on ‎02-11-2013 12:05 PM

0 Kudos

From a irpt page, I have a button that triggers an xacute query from an icommand applet, but my javascript is designed to retrieve the last error message if it is unsuccessful.  As I trigger it, I get the message, "Authentication is requested" and it stops.  I can execute it with the same user from the workbench in both the transaction and the xacute query.  Am I missing a specific user right for this transaction or is there something else that I need to do?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎02-15-2013 10:28 AM
0 Kudos

May be some roles like MII Operator, MII Super user missing in your Query template -> Security Part.

Regards,

Malai

Show replies
Show replies
Former Member
‎02-15-2013 12:49 PM
0 Kudos

After a little investigating and trying to pinpoint this issue, It s

not the Xacute query or the BLS transaction, it is the web service

action block that executes fine from the workbench, but once I test it

from the web page, it fails.  It fails because the authentication fails.

I am not sure where this authentication fails and I need guidance to how

to fix this.

I have attached a screen capture video to show all of the steps.

http://EmailLargeFile.com/d/VURHHODEP6M

///Security log////

#2.0 #2013 02 14

21:08:46:156#+0100#Info#/System/Security/Authentication#

#BC-JAS-

SEC#security#C0006DEABD0943B100000000000016D4#9333350000000005#sap.com/m

e~ws#com.sap.engine.services.security.authentication.logincontext.table#

Guest#0##CE6FFCAE76C211E28EF10000008E6A66#565fe5a476e211e2976a0000008e6a

66#5690966B76E211E2A44C0000008E6A66#1#Thread[HTTP Worker

[@1792892168],5,Dedicated_Application_Thread]#Plain##

LOGIN.FAILED

User: torouser

Authentication Stack: BASIC*_*_*_*ws

Login

Module                                                              

Flag        Initialize  Login      Commit     Abort      Details

1.

com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule  

SUFFICIENT  ok          true       true       true      

Central

Checks                                                                 

                              exception             Reauthentication

failed.#

#2.0 #2013 02 14 21:08:46:156#+0100#Warning#/System/Security/WS#

com.sap.ASJ.wssec.020142#BC-ESI-WS-JAV-

RT#tc~sec~wssec~service#C0006DEABD0943B100000001000016D4#933335000000000

5#sap.com/me~ws#com.sap.engine.services.wssec.authentication#Guest#0##CE

6FFCAE76C211E28EF10000008E6A66#565fe5a476e211e2976a0000008e6a66#5690966B

76E211E2A44C0000008E6A66#1#Thread[HTTP Worker

[@1792892168],5,Dedicated_Application_Thread]#Plain##

Authentication failed. User is already authenticated as a different

user#

#2.0 #2013 02 14 21:08:46:156#+0100#Info#/System/Security/WS#

com.sap.ASJ.wssec.020142#BC-ESI-WS-JAV-

RT#tc~sec~wssec~service#C0006DEABD0943B100000002000016D4#933335000000000

5#sap.com/me~ws#com.sap.engine.services.wssec.authentication#Guest#0##CE

6FFCAE76C211E28EF10000008E6A66#565fe5a476e211e2976a0000008e6a66#5690966B

76E211E2A44C0000008E6A66#1#Thread[HTTP Worker

[@1792892168],5,Dedicated_Application_Thread]#Plain##

Authentication failed. User is already authenticated as a different

user#

#2.0 #2013 02 14 21:08:46:156#+0100#Warning#/System/Security/WS#

com.sap.ASJ.wssec.020142#BC-ESI-WS-JAV-

RT#tc~sec~wssec~service#C0006DEABD0943B100000003000016D4#933335000000000

5#sap.com/me~ws#com.sap.engine.services.wssec.authentication#Guest#0##CE

6FFCAE76C211E28EF10000008E6A66#565fe5a476e211e2976a0000008e6a66#5690966B

76E211E2A44C0000008E6A66#1#Thread[HTTP Worker

[@1792892168],5,Dedicated_Application_Thread]#Plain##

Authentication failed. User is already authenticated as a different

user#

#2.0 #2013 02 14 21:08:46:156#+0100#Warning#/System/Security/WS#

com.sap.ASJ.wssec.020142#BC-ESI-WS-JAV-

RT#tc~sec~wssec~service#C0006DEABD0943B100000004000016D4#933335000000000

5#sap.com/me~ws#com.sap.engine.services.wssec.authentication#Guest#0##CE

6FFCAE76C211E28EF10000008E6A66#565fe5a476e211e2976a0000008e6a66#5690966B

76E211E2A44C0000008E6A66#1#Thread[HTTP Worker

[@1792892168],5,Dedicated_Application_Thread]#Plain##

Read data of type username and value  torouser from HTTP header and set

on module javax.security.auth.callback.NameCallback

Read data of type password and value  xxx from HTTP header and set on

module javax.security.auth.callback.PasswordCallback

Authentication for web service SfcService, configuration SfcService

using security policy BASIC*_*_*_*ws failed: Reauthentication failed..

(See SAP Note 880896 for further info).

#

jcgood25
Active Contributor
‎02-11-2013 4:42 PM
0 Kudos

Assuming you are not using any display template for additional security/logging, the query template and data server are the first two lines of defense for the browser user.  Also consider the passthrough security for transaction objects, where the TRX is running as the logged in user.

Show replies
Show replies
Ask a Question