on 03-25-2008 9:47 PM
Hi,
In our environment we have machines that are accessed by many users. What tends to happen is that one user will log in to Portal and that one session will be used by all of the other users. This means that all of the users that use that session are logged in as the original user.
We have some sensitive HR information that is accessed through Portal via a Web Dynpro. What we need to achieve is that when the Web Dynpro starts, the user is forced to authenticate again. So if "user1" is logged in, then "user2" should be able to run the Web Dynpro and enter their credentials and have it log in as them.
Thanks,
Greg
IUserAccount usrAccount = UMFactory.getUserAccountFactory().getUserAccountByLogonId("<logonID>",null);
if(usrAccount != null && !usrAccount.isPasswordDisabled()){
if(usrAccount.checkPassword("<input string>"))
// Allow user to process
else
//throw Exception
}
embed this code with your application, you may achive authetication....
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Greg,
If you want to use the unique userid to login to portal and use different userid/password to access the HR system, check if an SSO is built between the Portal and HR System and if so, delete the SSO between these 2 systems which would force you to login whenever an iView from the HR system is accessed from the portal.
Thanks!
Surya.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
may be you can try with this
In your application, set property sap.authentication to true
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks but that isn't what I'm looking for.
The scenario I have is:
"User123" is authenticated to Portal.
When someone runs my Web Dynpro I want to force them to authenticate again.
The reason for this is that the Web Dynpro displays sensitive information and the user that runs the application isn't necessarily the same user that started the session.
hi,
I think this is possible by changing the application property.Suppose your webdynpro application has an application called "test". Now double click on test.A view opens, now click on application properties,select new. Now select "predefined" and and then browse to get "authentication". select this and sets its value to true. Now whenever your webdynpro application needs to deployed, it has to authenticated. You can try this.
Thanks Pinki, but that does not help.
sap.authentication is set true by default. What that property does is ensure that the current user has authenticated to Portal. If they have, the application will run. If they have not they will be prompted to provide their credentials first.
This differs from my situation, because I need to force the user to authenticate even if they have already done so.
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.