cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Java code for NetWeaver AS Java

Go to solution
Former Member

on ‎09-07-2015 12:45 PM

0 Kudos

Hi,

I am trying to develop a java code which will change the NetWeaver AS Java user passwords as provided by me.

But, I am unable to find a way by which i can automate the process.

Is there any way by which i can change user passwords through my java application ?

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎09-08-2015 7:38 AM
0 Kudos

Hi Shivam,

You could change the password of the users via the User Management Engine (UME) API. It consists of several factories, and each of them is responsible for a different principal: user, user account, group, role, and etc. For more information you could check the javadoc UMFactory (SAP NetWeaver 7.1 Composition Environment).

If you have the logon ID of the user for which you want to change the password, you could use:

try {

  // Get the user's account

  IUserAccount account = UMFactory.getUserAccountFactory().getUserAccountByLogonId("logonid");

  // Change the password

  account.setPassword("oldpassword", "newpassword");

  // Save the changes

  account.save();

  account.commit();

} catch (UMException ume) {

  // Handle

}

In order to use the API you will need a reference to DC tc/je/usermanagement/api.

Best regards,

Nikolay

Show replies
Show replies
Former Member
‎09-08-2015 8:55 AM
0 Kudos

Hi Nikolay,

Thanks for the response.
Just one more query though, does this method will also work for Admin Users?

Regards,

Shivam

Former Member
‎09-08-2015 11:17 AM
0 Kudos

Hi Shivam,

This method will also work for admin users.

Best regards,

Nikolay

Former Member
‎10-06-2015 8:53 AM
0 Kudos

Hi Nikolay,

I tried implementing this method, but i am getting some issues.
I am developing a j2ee application using com.sap.security.api jar but i didn't get any reference as to how System properties parameters (Hostname, System Number, Client ID, User Credentials) which are required to connect to SAP Java system are configured in the java Application.

Is there any article explaining these configurations?

TIA.

Shivam

Former Member
‎10-06-2015 9:10 AM
0 Kudos

Hi Shrivam,

Usually you do not have to provide any system parameters when working with the UME API in a Java EE application. You are already running in the SAP NEtWeaver AS JAva environment and there is no need to provide connection information. Could you please tell me for which method or configuration do you want to use the system parameters: hostname, system number, client ID and user credentials?

Best regards,

Nikolay

Former Member
‎10-06-2015 10:41 AM
0 Kudos

Hi Nikolay,

I am not using NetWeaver Developer Studio, I am creating a standalone Java Application in Eclipse IDE.

I also created similar application for ABAP Type SAP systems, using JCo, it uses a xxx.jcoDestination file where all the required parameters (SAP System hostname, SAP Client Number, SAP System number, Authorized User Credentials etc.) are stored and JCo uses this file to connect to the target system and do some processing there (like modify RFC Destinations).

So, my question is there must be some System information required by Standalone Java application which it uses to connect to the Target JAVA type SAP system and change user's password there using UME APIs otherwise how will the application know which system it should connect to change the passwords of users.

Regards,

Shivam

Former Member
‎10-06-2015 1:19 PM
0 Kudos

Hi Shivam,

For a standalone java application, you could not use the UME API directly. The recommended way for manipulating UME principals (including changing their password) from standalone java applications is via SPML. It is a webservice like interface that accepts SPML requests. For accessing it you could use any java HTTP client. For more information, please see

There is a special section for changing and resetting passwords: "2.1.5 Changing or Resetting Passwords".

Best regards,

Nikolay

Former Member
‎10-08-2015 11:52 AM
0 Kudos

Hi Nikolay,

For SPML, will it require just activating SPML services for some User on SAP side after which I can call that service from Standalone Java Client ? or will it require some Server side code to be deployed on Netweaver?
My client might not be open to deploying something on Netweaver.

Also, can you please share some JavaDoc from which i can get help creating Java Client for SPML services?

TIA,

Shivam

Former Member
‎10-09-2015 7:08 AM
0 Kudos

Hi Shivam,

Modifying UME principals (users, groups, roles) does not require any server side code.

The SPML is an XML formatted request that you send to the server, the server processes it and returns a response. All the supported operations are well documented in SAP Identity Management APIs (Security and Identity Management).

There is no javadoc that I could send to you as there is no client side library that can be used to send the SPML request. But a client side library is not needed as you could simply use the java.net.HttpUrlCorrection.

Here is a small sample, how you could send an SPML request and get the response (please have in mind that I have removed any error handling from the example in order to save space):

        URL url = new URL(spmlURL);

        HttpURLConnection httpConn = (HttpURLConnection) url.openConnection();

       

        String login = username + ":" + password;

        String encodedLogin = (new BASE64Encoder()).encode(login.getBytes());

       

        httpConn.setRequestProperty("Authorization", "Basic " + encodedLogin);

        httpConn.setRequestProperty("Content-Length", String.valueOf(b.length));

        httpConn.setRequestProperty("Content-Type", "text/xml; charset=utf-8");

        httpConn.setRequestMethod("POST");

        httpConn.setRequestProperty("X-Requested-With", "XMLHttpRequest");

        httpConn.setDoOutput(true);

        httpConn.setDoInput(true);

       

        OutputStream out = httpConn.getOutputStream();

        out.write(/*Here the SPML request must be sent*/);

        out.flush();

       

        httpConn.getOutputStream();

        httpConn.connect();

        BufferedReader br = new BufferedReader(new InputStreamReader(httpConn.getInputStream()));

        String line = null;

        while ((line = br.readLine()) != null) {

            // Here you could read the response and see if the operation is successful or not.

        }

Best regards,

Nikolay

Former Member
‎10-12-2015 12:23 PM
0 Kudos

Hi Nikolay,

Thanks a lot for persistent replies.

As per your instructions i created a user in UME and gave its spml_read_action and spml_write_action permissions and i created a Java HTTP Client.

I have some queries :-

1. The SPML Requests should be sent in String format or in Byte Array with UTF-8 Charset? As I am able to authenticate the SPML URL with the user but it seems like SPML request is not processed and there is nothing in the HTTP response (HTTP Status code is "200 ok")

2. Do I need to configure anything else on SAP side for this? (I was able to access http://<host>:<port>/spml/provisioning using the user mentioned above) Do i need to configure Virtual Directory Server for this?

Looking forward for your help once again.

Thanks,

Shivam

Former Member
‎10-13-2015 4:13 PM
0 Kudos

Hi Shivam,

It looks like you have done everything as expected. There is nothing else that you have to do on the server side. And there is no need to configure Virtual Diretory Server.

Regarding the SPML request, I sent is as a byte array taken from a string with UTF8 encoding.

Is it possible to send me the client code, so that I could test it on my installation? If this is not possible, could you please collect a trouble shooting trace as it is described in SAP Note 1332726. Please follow example 2 from the note and set log location com.sap.security.core.spml. This way we could see what has happened on the server side.

Best regards,

Nikolay

Former Member
‎10-14-2015 1:11 PM
0 Kudos

Hi Nikolay,

I was able to modify UME user attributes using SAP mxopenspml.jar provided as an attachment in SAP Note 1335669.

But, the thing is, this jar is dependent on SOAP.jar but the accurate version of this SOAP.jar is not mentioned anywhere. Also, i was unable to find these jars in SAP MarketPlace.

If you can suggest something about this, that would be of great help

Thanks,

Shivam

Former Member
‎10-15-2015 7:09 AM
0 Kudos

Hi Shivam,

Unfortunately I could not provide any help for these jars. I tried to find any some information, but without any luck.

I would suggest you yo open an incident on component BC-IAM-IDM, where the note has been released.

Best regards,

Nikolay

Answers (0)

Ask a Question