cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Logon ticket using XI

Go to solution
Former Member

on ‎05-13-2007 12:25 PM

0 Kudos

Hello,

We have the following scenario:

We have a webdynpro we created on our portal (EP6.0 SP19) which calls a webservice hosted on our XI (XI3.0 SP19) via SOAP. This webservice actualy calls an RFC on our R34.6c system (Basis COP51) and returns synchronosly some data to the webdynpro.

When running this scenario without any users/PP it runs fine.

When we are changing the agreements in XI to use <b>Principal Propagation</b> and do not pass any user/pass with the webdynpro, we fail on accessing the XI with error <b>401 - unauthorized</b> (from the engine ICM port).

We have configured everything for PP according to the guides (SP19), created the user with the required auths in all systems, etc.

we have set in the webdynpro application the parameter sap.authorization=true even.

What we think might be the problem is that no ticket is passed to the XI from the portal so it gets the 401 error.

How can this be checked?

We have noticed no problems in the security log traces on either XI or portal.

Regards,

Yaki

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

MichalKrawczyk
Active Contributor
‎05-13-2007 12:59 PM
0 Kudos

Hi,

can you double check with Alexander's blog?

/people/alexander.bundschuh/blog/2007/01/16/principal-propagation-in-sap-xi

Regards,

michal

-

<a href="/people/michal.krawczyk2/blog/2005/06/28/xipi-faq-frequently-asked-questions"><b>XI / PI FAQ - Frequently Asked Questions</b></a>

Show replies
Show replies
Former Member
‎05-13-2007 1:44 PM
0 Kudos

Hi Michal,

We already used this blog, it's realy a good one but still have the problem described above, any idea?

Regards,

Yaki

Former Member
‎05-22-2007 5:01 AM
0 Kudos

Hi all,

We have found note: Note 856597 - FAQ: XI 3.0 SOAP Adapter

in it, there is a section speaking about our 401 error:

Q: I get an authorization error "401 Unauthorized" from the adapter's servlet. What went wrong?

A: The adapter's servlet is protected by default. You must use one of the user names assigned in security role xi_adapter_soap_message for component XISOAPAdapter. Please consult the documentation for Visual Administrator to view and change the security setting.

The user authentication of the SOAP adapter is not part of the SOAP adapter but of the web container of the J2EE engine. The default authentication setting is defined in the web.xml descriptor file of the SOAP dapter web application. This setting may be modified from Visual Administrator with some restriction. Please refer to the security documentation for the J2EE engine.

Can this be related to our problem?

If so, where should we configure this role?

It does not exist by default in our system.

Regards,

Yaki

Former Member
‎05-23-2007 3:59 PM
0 Kudos

Hey Yaki, i am in the same shoes , i dont now why i am also getting same 401 unauthrozed error , I amusing XI 7.0 SP11 earlier i configured on XI 7.0 SP10 without any issues and every thing went fine.

Any directions or updates on your side ?

Former Member
‎05-24-2007 7:06 AM
0 Kudos

Hi,

We still not found a solution, we had a direction but it didn't succeeded, you can also try it, maybe ....

note 856597 that you found may be relevant for this issue, i.e. :

Q: I get an authorization error "401 Unauthorized" from the

adapter's servlet. What went wrong?

Please review the following links which should help you in configuring

this role:

'User Roles for Adapter and Module Development'

http://help.sap.com/saphelp_nw2004s/helpdata/en/43/1e1bbc5d9206fde10000000a422035/frameset.htm

'SOAP Adapter'

http://help.sap.com/saphelp_nw2004s/helpdata/en/02/6d5c034c182e4fbe7bfd25c2b56f9b/frameset.htm

If this does not help please review the following note and change the

password for the user accordingly:

- 810621 UME with ABAP persistence: Error in back end connection

Anyway, if we will have a solution, I will update this message.

Regards,

Yaki

Answers (1)

Answers (1)

Former Member
‎05-24-2007 7:10 AM
0 Kudos

<a href="https://www.sdn.sap.comhttp://www.sdn.sap.comhttp://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/69d95112-0d01-0010-8297-fa31feea26e0">How to Enable Single-Sign-On for SAP Exchange Infrastructure</a>

hope help you!

Please Award points if help is useful .

jun huang

Show replies
Show replies
Former Member
‎05-24-2007 9:16 AM
0 Kudos

Hi Jun,

This document describes ths SSO between the XI components, we try to operate the SSO between EP to R3 via XI.

Thanks anyway,

Yaki

Former Member
‎08-03-2007 4:11 PM
0 Kudos

Yaki,

We are experiencing the same issue in an XI 7.0 SP11 system. Have you found answer to this issue yet? Would you mind share it if you have. Thanks.

Regards,

Jiannan

Ask a Question