on 05-01-2007 10:36 PM
Hello everyone,
Can anyone suggest me how to consume with saplogon tokens from biztalk server application. I was curious to know whether SAP Logon Tokens can be used from Biztalk to enable single signon.
Regards
Ram
Hi Ram,
you should be able to do so using the SSO22KerbMap Module if the Web Service offered by BizTalk allows authentication using Windows Integrated Authentication.
Please see my whitepaper <a href="http://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/9bdcb279-0e01-0010-b5ac-ef7f99e44c68">Single Sign-On of Windows-Based Web Service Clients using SAP Logon Tickets</a> and check the SAP Note 735639 SSO22KerbMap: Known issues .
Best regards,
André
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Andre,
I had already gone thorugh your white paper. It was great white paper. i have certain queries like
1) You have used the class BAPI_FLIGHT_GETLIST to create proxy for web service and for definiing parameters. i am not sure where this class refered to?
2) I am even wondering where destinationfrom and destinationto objects/variables refered to?
3) As far as i know from yourwhitepape, Webapplication will be calling SAP webservice but in my requirements it is otherwise. I would be getting request from ABAP to .NET web service so how can i handle SAP Logon tickets.
I would be grateful if you answered my queries.
Thank you and have a nice day
Regards
Ram
Hi Andre,
Let me give you clera picture. SAP will be consuming our webservice and query the details from biztalk. biztalk will respond back to SAP. Now biztalk will query to SAP.
We are planning to use SAP Logon tickets, i am wondering how the SAP will send us the SAP Logon ticket and how this ticket convert to windows token and how this windows token converts back to Sap Logon Ticket.
Please help
Regards
tarak
Hi Andre,
I read your article "Sample Application: SSO with a .NET-based Web Service Client using SAP Logon Tickets". This is really a great post. I tried to implement SSO for SAP from .Net as per you have mentioned. I am facing one problem. Following are the details.
I want to develop one ASP.NET application from where I can show SAP IView. I have URL of SAP application, URL of IView, Credentials to access the SAP, Also my client had created logon ticket for me. Means I have all detail.
Now as per steps mentioned in the article, I have created class SAPLogonTicket.cs where I have written the following code(copied your code and just changed credentials and SAP URL).
----- Code Start--
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(ticketissuerURL);
request.CookieContainer = new CookieContainer();
request.Credentials = new NetworkCredential("SAPUser", "SAPPassword");
Console.WriteLine("Connect to " + ticketissuerURL);
HttpWebResponse response;
try
{
response = (HttpWebResponse)request.GetResponse();
}
catch (System.Net.WebException ex)
{
throw ex;
}
Console.WriteLine("HTTP Return Code ", response.StatusCode);
this.CookieContainer = request.CookieContainer;
----- Code End--
After implementing this When I am running the application I got following error.
"The remote server returned an error: (400) Bad Request.".
So please assist me, if I am missing some setting, do we need to use SAPSSOEXT.dll, do we need that PSE file of ticket.
Note: 1) I am able to access the SAP application directly from browser using same credentials.
2) As I dont want that flight one webservice implementation. I have ignored all other coding in GetFlights.cs class.
Any help would be greatly appreciated.
Thanks in adv.
Edited by: Netweb on Nov 12, 2009 3:40 PM
Hello,
I think the best way of doing this is to use the SAPSSOExt.dll in the Microsoft side and develop an ASP .NET Web Service which receives the call from the SAP system. From SAP you can choose to use SAP Logon Tickets as Assertion Tickets in the header, the Web Service on Microsoft side will get the Tickets, will hand it over to the SAPSSOExt.dll where it will get verified and then after sucessfully verifiying the Ticket a Kerberos Ticket will be requested and the BizTalk Application is called. I would recommend reading through the documentation of the SAPSSOExt.dll.
- Juergen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
95 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.