Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Question about Logon ticket with user mapping at BI-JAVA environment

Former Member

‎08-27-2007 8:54 AM

0 Kudos

We're implementing BI 7.0 including BI Java and SAP EP for end user

access.

I have two question about SSO method when we're using BI Java.

I know we can simply configure SSO logon ticket with BI-Java(EP

included) and BI-ABAP through BI template installer and we already

succeeded in that case.

But the problem is we want to change it to user mapping SSO method for

some our internal reason.

After we configure user mapping SSO, we've got SSO failed error when we

call BI-Java stuff like BEx Web Application iView.

After many testing implemented, we found SSO Logon ticket with user

mapping (using SAP reference system). It seems working now.

But our question is "Is it no problem when we use SSO logon ticket with

user mapping?" Is there any restriction or issue?

One more question is we can ONLY use user base mapping when reference

system used. How can we assign BI-ABAP users to EP Group?

5 REPLIES 5

Former Member

‎08-29-2007 6:11 AM

0 Kudos

Hi,

1. It's Ok to use user mapping as your logon method. it mey be a little complicated then SSO logon ticket because you'll need to map every user manualy unless you you map you EP groups to ABAP users(see the next section)

2. in the Identity menagment find the group you want to map and look for the tab "user mapping for system access" (same as for regular user).

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert

‎08-29-2007 5:34 PM

0 Kudos

An SAP Logon Ticket can only contain two "userIDs":

one "ABAP userID" and one "Java / EP username".

So, when the SAP Logon Ticket is created by a Java system and if an ABAP system is configured as "reference system" it's possible that both "userIDs" are contained in the ticket.

<u>Notice</u>: ABAP systems only evaluate the "ABAP userID" information contained in a ticket (and also create SAP Logon Tickets containing the "ABAP userID", only).

Best regards, Wolfgang

Former Member
In response to WolfgangJanzen

‎09-04-2007 2:03 PM

0 Kudos

I have a ticket I like that:

A Java / EP username ans a "ABAP ID" are both in a ticket.

I would like to use the "<b>ABAP ID</b>" and not the "Java EP username " from the ticket as my portal user in a second portal who gets logged in via the SAP Logon Ticket.

The LoginModule would do exactly what EvaluateTicketLoginModule does.

Accept it would use the "ABAP user" as the portal user.

Is a Login Module for this available or do I have to write/modify my own?

Former Member
In response to WolfgangJanzen

‎09-04-2007 3:09 PM

0 Kudos

Hi,

Did i understood you well, you trying to connect from one portal to another portal?

Former Member
In response to WolfgangJanzen

‎09-04-2007 5:17 PM

0 Kudos

Yes, I would like to call an iView from a second portal via URL iView Integration.

This is the integration scenario, fedrated portal will not work here.

Therefore I would like to use SAP Ticket and use the ABAP user from that ticket to authenticate against the "backend portal"