on 03-13-2008 5:11 PM
I am currently in the process of configuring ADS for my Netweaver 2004S system (connection BW and the Portal). I have gone through the guide numerous times and set up the users and roles exactly the way they have mentioned in the guide, however, when I attempt to test my RFC connection I am getting the error 403 Forbidden message. I have verified that I am using the correct username and password.
PS When I change the RFC connection to use the J2EE Administrator username and password it tests successfully.
Edited by: Jon Morozowski on Mar 13, 2008 6:44 PM
I could not give ADSCallers access to the WSNavigator so I added my user to a group that had access and all is working now.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
My ADS_AGENT user works fine with that test. I have double checked my security config from the guide and bounced my J2EE engine and the ADS rfc connection is STILL failing. It appears to be some kind of security somewhere on the Java side. I've verified that I can login to my J2EE side with ADSUser. Can someone with a working ADS please let me know what components their ADSUser has rights to?
Shridhar,
I have ran your test and I think I isolated the problem even further. I can not login to the WS Navigator with ADSUser, however, I can login with my Administrator user and then when I run the test using the ADSUser ID it is successful. When I attempt to go to the url http://<ADS_HOST>:<PORT>//AdobeDocumentServices/Config?style=rpc I can not login there with ADSUser, but when I login with Administrator and then run the test, and then enter the ADSUser credentials for the test, the test runs successfully. So I think if I can get ADSUser to login to WS Navigator then my problem will be solved.
HTTP/1.1 200 OK
Connection: close
Set-Cookie: <value is hidden>
Set-Cookie: <value is hidden>
Server: SAP J2EE Engine/7.00
Content-Type: text/xml; charset=UTF-8
Date: Fri, 14 Mar 2008 17:38:36 GMT
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ><SOAP-ENV:Body><rpl:rpDataResponse xmlns:rpl='urn:AdobeDocumentServicesVi'><Response xmlns:pns='urn:com.adobe'><pns:rpStreams></pns:rpStreams><pns:rpStrings><pns:RpString><pns:name>Error_Level</pns:name><pns:value>0</pns:value></pns:RpString><pns:RpString><pns:name>Results</pns:name><pns:value>Processing exception during a "checkDocument" operation.
Request start time: Fri Mar 14 13:38:36 EDT 2008
com.adobe.ProcessingException: Required stream: "PDFDocument" not found in request OR its length is zero.
Exception Stack Trace:
com.adobe.ProcessingException: Required stream: "PDFDocument" not found in request OR its length is zero.
at com.adobe.ads.request.Request.checkDocument(Unknown Source)
at com.adobe.ads.request.Request.setUpOperations(Unknown Source)
at com.adobe.ads.request.Request.process(Unknown Source)
at com.adobe.AdobeDocumentServicesEJB.processRequest(Unknown Source)
at com.adobe.AdobeDocumentServicesEJB.rpData(Unknown Source)
at com.adobe.AdobeDocumentServicesLocalLocalObjectImpl0_0.rpData(AdobeDocumentServicesLocalLocalObjectImpl0_0.java:120)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.services.webservices.runtime.EJBImplementationContainer.invokeMethod(EJBImplementationContainer.java:126)
at com.sap.engine.services.webservices.runtime.RuntimeProcessor.process(RuntimeProcessor.java:157)
at com.sap.engine.services.webservices.runtime.RuntimeProcessor.process(RuntimeProcessor.java:79)
at com.sap.engine.services.webservices.runtime.servlet.ServletDispatcherImpl.doPost(ServletDispatcherImpl.java:92)
at SoapServlet.doPost(SoapServlet.java:51)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
</pns:value></pns:RpString><pns:RpString><pns:name>VersionInfo</pns:name><pns:value>800.20070708051308.406522</pns:value></pns:RpString><pns:RpString><pns:name>TraceString</pns:name><pns:value> com.adobe.ProcessingException: Required stream: "PDFDocument" not found in request OR its length is zero.
</pns:value></pns:RpString></pns:rpStrings></Response></rpl:rpDataResponse></SOAP-ENV:Body></SOAP-ENV:Envelope>
Edited by: Jon Morozowski on Mar 14, 2008 6:39 PM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
To access WSNavigator
add securityrole "sap.com/com.sap.engine.services.webservices.tool*wsnavigator : WSNavigatorRole" to "everyone" group or ADS_AGENT.
How?
Login to Visual Admin -> Server > Services -> Security Provider > Policy Configurations
- Select com.sap.engine.services.webservices.tool*wsnavigator
Select tab Security Roles and change the Security Role WSNavigatorRole also to groups everyone and save it.
Regards
Shridhar Gowda
Hi Jon,
Make sure that you are atleast on sp stack 11 on your java stack.
Once your ads_agent is working fine then just create a http destination using visual admin.
FP_ICF_DATA_<SID> enter the client details and use ur ads_agent user.
in the address enter http://localip:<abap http port>.
Regards,
Vamshi.
Thanks for all the answers. However, there is not a problem logging in to the portal with the ADSUser account. The problem seems to be a security issue on the Java side. When I try to test via the http link to test and I log in with the ADSUser I get the message " You are not authorized to view the requested resource".
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Jon,
Create a user ADS_AGENT this should be a service user and the role to this user should be SAP_BC_FP_ICF.This user should exsists in the client in which you want to use ADS.
The ADSUSER will be exsisting in the client 001 by default.
Also check this link
http://<local ip>:8001/sap/bc/fp/form/layout/fp_test_00.xdp
Enter the userADS_AGENT and the password which you have created.
The output should be in the xml format.
Regards,
Vamshi.
do this test and let me know
1. The info of SM59 , test via browser link this
http://<ADS HOST>:<PORT>/AdobeDocumentServices/Config?style=rpch
2. click > Test tab then "rpData then Send button
3. now it will ask you for user/password. enter correct ads username and password:
copy -paste the error here.
Regards
Shridhar Gowda
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi
In the path prefix of your rfc in sm59 give the following string
/AdobeDocumentServices/Config?style=rpc
If you dont use ssl this works fine, as you have already created the user 'ADSUSER' in the 001. This user must be a communication user.Also try creating the same user in the client which you want to configure ADS.Then place the ads user password in the rfc and try it should work.It has worked in my case.
Reward points if helpfull.
Regards,
Vamshi.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
On ABAP side, it should not matter. But please do and also make sure that the password is the same on ABAP & Java side both.
Regards,
Snehal
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
I am asuming your java stack and ABAP stack are in the different machiens and answering this question.
if this is the case you will have 2 users ADSUSER(one in abap and one in Java)
Please delete the one in the java database and change the password from portal and see if it is reflecting in ABAP(to check this you have to change the user as dailog , test it and change back to system).
If this is all working you wont face any problem with the RFC connection.
I am happy to provide any further information.
Kind Regards,
Vamsi.
I deleted and recreated the user on the Java side and it did not fix the problem. Does the user need to be deleted and recreated on the ABAP side as well? I think the case is wrong there also.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Recreate the user with the correct case.
Regards,
Snehal
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you for the swift reply, it appears the case in Visual Admin is all caps. Is there a way to change this case or should the user be deleted and recreated on the Java side?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Please refer to the following link and make sure the correct authorizations are granted :
http://help.sap.com/saphelp_nw70/helpdata/en/7f/65eba6ac324d28b477390262a87ab2/frameset.htm
Also, in the policy configuration to user mapping the user should be maintained in the right case 'ADSUser'
Also refer to SAP note 944221.
Hope this helps.
Regards,
Snehal
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.