on 06-25-2008 9:31 AM
Hi,
I have developed an application in J2EE/ JSP using Netweaver Developer studio that connections to a back-end system using the JCO Java connecter.
Our EP consultant has created an iView for this but, of course, the user must log in a second time to my application using their credentials.
I have been asked to make this work using SSO. If I understand correctly, to do this I essentially need to look for a browser cookie call MYSAPSSO2, and from that I can determine the name of the user logged in.
Questions:
1. Does anyone have an example of Java code that handles this?
2. Where can I get a description of the SSO cookie structure so that I can take out the information that I need and have my code handle all the different configurations that this cookie might have?
3. Is this a secure way to do things? Surely it would be easy for someone to make a "fake" cookie (a faux biscuit) to dupe my code into thinking a particular user was logged on.
Thanks!
Tristan
Hi ,
dou need the code for the user name who has logged into the portal . or u need SSO Details,
Regards
venkat
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
for current user logged
Try:
{
// get the currently logged in user
IWDClientUser wdUser = WDClientUser.getCurrentUser();
//get the com.sap.security.api.Iuser; It is null in case wdUser represents an anonymous user
IUser user = wdUser.getSAPUser();
//check whether the user is anonymous
if (user != null)
{
//access logon ID by iterating through the IUserAccount array
IUserAccount[] acct = user.getUserAccounts();
if(acct[0] != null)
{
String strUserid = acct[0].getLogonUid();
//pass the value obtained from the portal to value attribute
wdContext.currentNode().setAttribute(new String(strUserid));
}
}
}
put this code
Regards ,
venkat
Hi Venkat,
Thanks for your reply, but I think that only works for WebDynpro applications. We are writing a pure Java application - when I try that code I get a null pointer exception because, presumably, the call to getCurrentUser is expecting some of the web dynpro classes to have been instantiated.
Do you know how we could achieve this in pure Java?
Thanks,
Tristan
Hi,
could you clarify your problem?? I'm confused.
You developed an enterprise application that is deployed in your J2EE Engine and you are accessing it via SAP EP.
Is there any other system involved or why are you talking about implementing Single Sign On?
If your application resides in the portal you can easily determine the Authenticated User using UME API
Here is some sample code:
boolean permitted = false;
try {
IGroupFactory igf = UMFactory.getGroupFactory ();
IUserFactory ufac = UMFactory.getUserFactory ();
IGroup GROUP = igf.getGroupByUniqueName ("GROUPTOCHECK");
IUser loggedonUser = UMFactory.getAuthenticator().getLoggedInUser();
if (loggedonUser!=null) {
String groupun = GROUP.getUniqueID ();
permitted = loggedonUser.isMemberOfGroup (groupun, true);
}
} catch (UMException UMEx) {
UMEx.printStackTrace();
}
If you want to validate the logon ticket or extract information from it you need an appropriate SAP Library called SSOEXT but this only makes sense for external or 3rd party systems.
Nevertheless goto https://websmp105.sap-ag.de/swdc and search for SSOEXT:
Download the software. The package also contains documentation and sample codes for various programming languages (e.g. Java, .NET and others)
Hope this helps
Cheers
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.