07-17-2007 8:42 PM
Hi,
We have deployed our application (j2ee application) as an ear in SAP Netweaver. In order to facilitate SSO the following authentication modules have been set up on Netweaver: Evaluate SAP Logon ticket, Kerberos authentication and form based validation.
How do we associate the deployed application (ear file) to the authentication stack?
Is this done by having entries in web-j2ee-engine.xml ? If so, an example would be helpful as to what entries need to be there and how to prioritize the authentication stack.
Thanks,
- Shankar
07-20-2007 5:30 PM
Hi,
The authentication configuration will be automatically created for the application, based on the login module configuration you (can optionally!!!) setup in web-j2ee-engine.xml. This is described in greater detail here:
http://help.sap.com/saphelp_nw70/helpdata/en/3e/ee7aa1ab8b4442bab00ba3171cef72/frameset.htm
The doc has examples too - the prioritization of the modules in the stacks is done with their order in the stack plus the JAAS (=Java Authentication and Authorization Service) flags. With the latter you control the execution flow.
Since you mention Kerberos, take a look at the ordering of the stack for the SPNego solution that SAP provides for Kerberos authentication:
http://help.sap.com/saphelp_nw70/helpdata/en/43/4bf48061215f6be10000000a1553f6/frameset.htm
You'll probably need to setup your stack in a similar way.
Regards,
Yonko
07-24-2007 3:20 PM
Thanks for your response.
I want to start out simple and configure authentication for our application with one module, namely BasicPasswordLoginModule. This is provided by SAP Netwaeaver out of the box. In order to use this what need to be the entry in the web-j2ee-engine.xml?
Will the default challenge response form from Netweaver will be used? or do I need to configure a login page as well?
Also, do we need any entries in web.xml?
Thanks.