cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO with Webgui and ~transaction=MM03

Former Member

on ‎02-06-2008 1:04 AM

0 Kudos

We use SSO for SAP GUI and SAP Webgui and it works fine for both. In the case of webgui we call first the service sapntauth.srvc which is then redirected to the service webgui.

Is there any possibility to pass the transaction as a query string when using SSO? This works perfectly fine without SSO, e.g. [http://<hostname>/scripts/wgate/webgui/!?transaction=MM03&client=002&~language=en]

But in combination with SSO the only way to call a transaction directly was by creating individual services for each transaction. Any hint on how to do better would be very welcome.

We use SAP ITS 6.20 Patch 23.

Regards,

Gerald

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎08-13-2008 9:15 PM
0 Kudos

We did not find a solution to pass 2 parameters to the redirect service. As we are moving to Netweaver Portal, the question becomes obsolete

Show replies
Show replies
Former Member
‎02-06-2008 8:27 AM
0 Kudos

Hi Gerald,

what is sapntauth.srvc? May be you can use Javascript or Business HTML to parse the URL and

to assemble a redirection URL containing the ~transaction parameter?

regards

Tobias

Show replies
Show replies
Former Member
‎02-06-2008 1:28 PM
0 Kudos

We use SNC with NTLM authentication as single sign on method. sapntauth.srvc ist the relevant PAS service file (see [SAP Help|http://help.sap.com/saphelp_47x200/helpdata/en/fc/9d353a03e5494ce10000000a114084/frameset.htm]). This works perfectly fine. The user clicks on a link to the sapntauth.srvc and is then redirected to the webgui.srvc

The problem with this method: We have to write a xxx_auth.srvc and a transaction.srvc for each single transaction for which we like to offer a direct http link via Webgui.

I am looking for a method to pass the transaction in the query string and at the same using NTLM as authentication.

Thank you

Gerald

Former Member
‎02-07-2008 8:12 AM
0 Kudos

Hi Gerald,

what is the contents of your service? What does it do? The link provided by you is not very helpful...

I am almost sure that there is a way to pass parameters to the query executed by this service.

regards

Tobias

Former Member
‎02-08-2008 7:37 AM
0 Kudos

Tobias,

thank you for your dedication.

I found the [wiki of Klaus Layer|https://www.sdn.sap.com/irj/sdn/wiki?path=/pages/viewpage.action?pageId=22375] very useful and created some URLs according his guidance.

It works perfectly as long as we don't use single sign on. We use the service file SAPNTAUTH.SRVC as described in SAP note 361064. Instead of a redirect to service sapwp we redirect to the service webgui.

SAPNTAUTH.SRVC provides the logon ticket for the user and then redirects the user to the desired service (in this case webgui.srvc). We pass the parameter redirectQS to sapntauth.srvc via the url: [http://itsfrq/scripts/wgate/sapntauth/!?redirectQS=~transaction=*vl71 RG_VBELN-LOW=80000380]

This works fine yet, but we get an error message as soon we include a semicolon ";" in the url, e.g. [http://itsfrq/scripts/wgate/sapntauth/!?redirectQS=transaction=*vl71 RG_VBELN-LOW=80000380;RG_KSCHL-LOW=ZLD0;DYNP_OKCODE=SHOP]

The error message is: client does not exist in system.

Do you have any idea on that?

Kind Regards,

Gerald

SAPNTAUTH.SRVC

###############################################

  1. @Copyright SAP AG 2002

  2. Example Service File for the Pluggable Authentication Service (PAS)

#

  1. Remark:The PAS Modul sapextauth must be included in ~xgateways in global.srvc

  2. There are following types for PAS on ITS:

#

  1. X509 --> ITS 4.6D (remark also note: 350776)

  2. NTLM --> ITS 4.6D (remark also note: 361064)

  3. NTPassword --> ITS 4.6D (remark also note: 497532)

  4. LDAP --> ITS 6.10 (remark also note: 509237)

  5. HTTP --> ITS 4.6D (see note: 493107 and 494984)

  6. DLL --> ITS 4.6D (remark also note: 535538)

#

  1. For detailed information see documentation (http://service.sap.com/security)

###############################################

~theme 99

###############################################

  1. Module

~xgateway sapextauth

  1. possible settings ->X509 , NTLM , NTPassword , LDAP , HTTP, DLL

~extauthtype NTLM

  1. For NTLM and NTPassword: NT , for X509: DN, for LDAP: LD,

~extid_type NT

#

###############################################

  1. settings for PAS service self

~client 002

~language de

#get a SSO2 Ticket

~mysapcomgetsso2cookie 1

#converts the login input to upper case. Might useful for LDAP and NTPassword

#if in doubt, set to 1 and maintain USREXTID mapping in caps.

~login_to_upcase 1

#

###############################################

  1. after external authentication

  2. Hostname which should redirected

~redirectHost itsfrq

  1. path to another service

~redirectPath /scripts/wgate/webgui/!

#~redirectQS (Query String): ITS specific service parameters can be set there

~redirectHttps 0

~login_template login

  1. if 1, user get only a ticket, if there is no

~dont_recreate_ticket 1

#

###############################################

~webgui_message_in_popup 0

Ask a Question