Kerberos on SAP WAS CE

Former Member · ‎06-24-2008

Hi All,

I want to use kerberos authentication in my web application. I have configured UME (ADS as datastore), after this SAPNEGO configuration is also done. In step 3 of SAPNEGO authentication i.e. Resolution Mode if I put any existing usrid then I get a message as "Kerberos principal name 1234@domain is resolved to user 1234 in UME".

I have also done all the settings required at IE side.

I have some doubts:-

1. How can I get this userid(1234) in web application. Can I get it in any Header variable or as a request.getRemoteUser(). I need this user id to do some internal authentication.

2. How can I confirm that kerberos is working with my web application.

3. Do I have to do any settings in web.xml or web-j2ee-engine.xml for kerberos to work.

If anybody has done this before please reply.

cheers

Jayant

former_member698570 · ‎06-27-2008

Hi,

as far as I understand you created your own application and deployed it on the SAP WAS on which you also configured SPNEGO, correct?

In this case (let's assume SPNEGO is working fine) all you have to do is configure the logon module stack for your application. You can do this

in the Security Provider Service (Visual Administrator)

You have to configure the SPNEGOLoginModule and provide some options. If you did this correctly you can login to your application using Kerberos authentication.

For Troubleshooting you should change the severity of the following Log Locations (use the Log Configurator Service in Visual Admin to do this).

com/sap/security/core/server/jaas and also System/err and System/out

(All logs will be written to default trace)

Hope this helps

Cheers

Kerberos on SAP WAS CE

Accepted Solutions (0)

Answers (1)

Answers (1)

Re: Integrate an external task system to Cloud ALM...

Re: error during install SAP S/4HANA Server 2022

Re: Mass Update Zfield in Std Table with Split & J...

Re: Unable to connect to Datasphere using the CLI

Re: Mass Update Zfield in Std Table with Split & J...