on 04-22-2008 6:26 AM
I am trying to write a custom SAP Login module which would have some authentication logic and once authenticated SAP should generate MYSAPSSO2 cookie.
For the time being, I have written a stub module which always returns successful authentication status.
We have a simple servlet which invokes this authentication module as follows.
Servlet has
LoginContext lc= new LoginContext(myPolicy);
Lc.login();
myPolicy has the following login modules
1 MyLoginModule Requisite
2 CreateLoginTicketModule Optional
On successful authentication, createLoginModule is setting SAPLogonTicket as the private credential for a subject but nowhere we could see the required cookie ( iehttpheader is showing JSESSIONID and saplb cookies but not MYSAPSSO2)
subject=Subject: Principal: manasi --- Subject is set correctly
Private Credential: com.sap.security.core.server.jaas.SAPLogonTicketCredential@f0364750
Principal manasi
HTTP parms
HTTP/1.1 200 OK
Server: SAP J2EE Engine/7.00
Content-Type: text/html
Set-Cookie: saplb_*=(ps6073_N4S_01)18533550; Version=1; Path=/
Content-Length: 519
Date: Thu, 10 Apr 2008 14:02:42 GMT
Set-Cookie: JSESSIONID=(ps6073_N4S_01)ID0291618550DB00965507315922702307End; Version=1; Domain=.persistent.co.in; Path=/
Possible configuration changes I have tried so far -
We tried setting profile parameters in DEFAULT.pfl -
login/accept_sso2_ticket - 1
login/create_sso2_ticket - 2 -
login/ticket_expiration_time
the key storage correctly setup to have SAPLogonTicketKeyPair and SAPLogonTicketKeyPair-cert.
The browser is setup to accept cookies.
UME configuration has login.ticket.client=000
The client and server reside on the same machine so there should not be a problem of certificate import/export.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
24 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.