SAP for Utilities Discussions
Connect with fellow SAP users to share best practices, troubleshoot challenges, and collaborate on building a sustainable energy future. Join the discussion.
cancel
Showing results for 
Search instead for 
Did you mean: 

UCES Logon Page Servlet

Former Member
0 Kudos

Greetings everyone,

I have completed a project where I heavily customized the UCES application; HTML5, CSS3, backend customization for payements etc. However, there is one questions that I have and the answer has eluded me since I started working with UCES. It is not clear to me how the login page loginPage.jsp is called. When diving into the code, I can see that the servlet class SAPMLogonServlet dynamically renders the <form tags for j_security_check etc. But how is this class being called? When the submit button is clicked, which servlet is the form served to for authentification?

Another thing that has confused me is how does the logonPage.jsp get called if we are accessing the UCES application in the URL? The web.xml file has a url pattern for .sap so any calls ending in that will be picked up by the FrontController servlet. However, I have not seen any code in the FrontController servlet that leads me to believe that it is responsible for the redirect to the logonPage.jsp. Is there another servlet that is called before the FrontController that redirects the page but keeps the URL the same?

Located within the UCES directory is a jsp page content_login_html.jsp. It is not being used, but how could I bypass the call to logonPage.jsp and use content_login_html.jsp? For lack of a more elegant solution, I guess I could create another folder and drop all the files in there. That should bypass any servlet that is sniffing out my url call and serving the logonPage.jsp.

Thank you in advance for your answers.

1 ACCEPTED SOLUTION

Former Member
0 Kudos

Hi Clayton,

Biller Direct or the IS-U version called UCES is using  the Login screen mechanism of the UME. So whenever Biller Direct is not finding your login session, the UME service is called. Within the LogonAction in the java code of Biller Direct you find somehwere a method call like "UMFactory.getAuthenticator().forceLoggedInUser(req, res)". That actually will trigger a HTTP redirect internally, so that you get forwarded to the portal logon mask. Once the logon was successful, the portal is redirecting the page back to Biller Direct.

You find the servlet and all JSP code within the app "com.sap.security.core.logon". There is unfortunately no source code available, so there is no chance to modify the app and deploy it using e.g NWDI. To modify the logon mask in a NW 7.0x environment, you only have the option to directly modify the JSP code on the file system. 7.3x however is different, because this system allows you to develop your own logon app and within the UME Setup, you can switch from the SAP default logon app to your custom version.

My company has completely integrated a logon, registration and password reset process into Biller Direct / UCES to be able to provide fully automated, frameless and customized screens, but this is initially very very complicated.

The "content_login_html.jsp" is unfortunately not used at all. I assume a developer did start to implement a logon screen, but it never was finished. There is no way you can re-use that, because there is no Java code behind that does provide any business logic to handle the logon.

I hope that does answer all your questions.

Best regards,

Andreas

View solution in original post

6 REPLIES 6

Former Member
0 Kudos

Bump.

Former Member
0 Kudos

Hi Clayton,

Biller Direct or the IS-U version called UCES is using  the Login screen mechanism of the UME. So whenever Biller Direct is not finding your login session, the UME service is called. Within the LogonAction in the java code of Biller Direct you find somehwere a method call like "UMFactory.getAuthenticator().forceLoggedInUser(req, res)". That actually will trigger a HTTP redirect internally, so that you get forwarded to the portal logon mask. Once the logon was successful, the portal is redirecting the page back to Biller Direct.

You find the servlet and all JSP code within the app "com.sap.security.core.logon". There is unfortunately no source code available, so there is no chance to modify the app and deploy it using e.g NWDI. To modify the logon mask in a NW 7.0x environment, you only have the option to directly modify the JSP code on the file system. 7.3x however is different, because this system allows you to develop your own logon app and within the UME Setup, you can switch from the SAP default logon app to your custom version.

My company has completely integrated a logon, registration and password reset process into Biller Direct / UCES to be able to provide fully automated, frameless and customized screens, but this is initially very very complicated.

The "content_login_html.jsp" is unfortunately not used at all. I assume a developer did start to implement a logon screen, but it never was finished. There is no way you can re-use that, because there is no Java code behind that does provide any business logic to handle the logon.

I hope that does answer all your questions.

Best regards,

Andreas

0 Kudos

Andreas,

Thank you very much for the thorough response. I was hoping that you would respond to this discussion as I have been aware of your involvement with Ecomize and the very successful implementation at London Hydro. I to deployed a custom logon app but it was mostly to modify the logon screen and make it compatible with HTML5 and CSS3. I still relied on the "j_security_check" functionality that is part of the standard delivery. If your company implemented a fully custom logon process, I would guess that you were able to accomplish this by replacing the SAPJ2EEAuthenticator class that is referenced in the NWA settings?

Good to know that the initial process occurs within the LogonAction class and then redirects from there utilizing the methods of the UMFactory.

Thanks again for the response. It helped clear up all the questions that remained for me in regard to UCES.

Time to start customizing UMCUI5 now haha.

0 Kudos

Oh wow, London Hydro is quite a long time ago and it was a very basic implemention ... a lot has changed

No, i have not replaced the SAPJ2EEAuthenticator. I hate doing changes diretly on the file system for 7.0x environments. 7.3 changed everything, but at this time i completely enrichted Biller Direct with it's own authentication, registration & support features - still have 100% support of the UME in place, so that you can either use the standard or custom screen to perform exactly the same - ok, let's say i do at least the same as the standard, as there is a quite an amount of extra features we have added like sending HTML emails, temporary valid passwords, OData interfaces, etc.

Right now i would only consider the standard login for 7.3x, if Biller Direct / UCES is integrated into the enterprise portal - but that is old school. As we also have introduced Web CMS capabilities and template based frontends, it makes always more sense to use our integrate login capabilities.

0 Kudos

This message was moderated.

Former Member
0 Kudos

This message was moderated.