Skip to Content

assign value to an ABAP variable(page attribute) directly ,from javascript.

What we get in the Input field is something like this :

image

We can see a lot of name-value pairs like sap-appcontext,sap-contextid,JSESSIONID and finally we can see what we need,the MYSAPSSO2 cookie,but its value is incomprehensible,as it seems encrypted.

The other values also contain lots of information like Session details in cookie

JSESSIONID

, but right now we just need to extract the userid of the EP user,
basically,to just decrypt the MYSAPSSO2 cookie.
Firstly we need to separate it from the other values,so as to make our task little easier.So,in onInputProcessing event handler,we use

SPLIT mysapsso2 AT 'MYSAPSSO2=' INTO temp1 temp2 .
SPLIT temp2 AT ';' INTO cookie temp2.

And we get the following value in the variable-cookie.

image

It turns out that it is just Base 64 encoded and first, we have to decode it to see what it actually has in store.

In ABAP the class

CL_HTTP_UTILITY

has methods which help us achieve just that. But first we need to pass the value from the input field, so that it can be
read and processed.
Through the button click we can submit the form to to process the value in onInputProcessing.
Then, in the event handler onInputProcessing ,we process the value as:

CALL METHOD utility->decode_base64
EXPORTING
encoded = cookie
RECEIVING
decoded = cookiedecoded.

IF we print the value that we have now in page attribute cookiedecoded,we will get something like :

image

Bingo! Now we see something comprehensible.

On close examination we see values like

SIDDHJ

, which is the userid with which I logged onto the Portal,then we see the method used for authentication onto
our WAS on which the BSP application is hosted as

basic authentication

,we see the SYSTEM ID of Ticket Issuing Portal server as

NWS

,we see the expiry
time/validity of ticket as

200510220946

.(YYYYMMDDHHMM)
But, still we need to separate the values, to generalize the way in which we get the userid etc. in some variable.
I was unable to split up the string in this format, so I decided to do some more processing on it.
We can use another method of the class CL_HTTP_UTLITY as:

CALL METHOD utility->escape_url
EXPORTING
unescaped = cookie
RECEIVING
escaped = cookie.

We get something like:

image

Now we use the SPLIT statement to break the string and to get details,say userid.So we use :

SPLIT cookie AT 'portal%3a' INTO temp username.
SPLIT username at '%88' into username temp.

Finally the page attribute username contains the UserID of the Portal user logged in.
After doing this, we can do some cleaning to our code.
Instead of using document.cookie,we would use


function ReadCookie()

{

var cookiename = “MYSAPSSO2”;

var cookiestring=””+document.cookie;

var index1=cookiestring.indexOf(cookiename);

if (index1==-1 || cookiename==””) return “”;

var index2=cookiestring.indexOf(‘;’,index1);

if (index2==-1) index2=cookiestring.length;

document.formAccnt.ip1.value = unescape(cookiestring.substring(index1cookiename.length1,

More details on using the Appintegrator can be had from the How To.. document on SDN

How To Use The AppIntegrator

But the Appintegrator uses GET method for passing parameters,so it may not be a very secure way of passing sensitive information.</p>

So,we can choose the method depending upon our requirement,as to what needs to be done-Read the Ticket or simply pass parameters from iViews.

To report this post you need to login first.

39 Comments

You must be Logged on to comment or reply to a post.

  1. Valery Silaev
    Hi,

    I’m not familiar with ABAP / BSP programming, but in WebDynpro for Java this looks as a 2-liner code using UME (User Management Engine) API:

    // ——-
    final IWDClientUser clientUser
      = WDClientUser.forceLoggedInClientUser();

    final String ticket = (String)
      clientUser.getSAPUser().getTransientAttribute
      (
        IPrincipal.DEFAULT_NAMESPACE,
        “MYSAPSSO2_STRING”
      );
    // ——
    AFAIK, almost the same is possible within portlets.

    Does BSP applications _in fact_ require so extraordinary hacks???

    VS

    (0) 
      1. Siddhartha Jain Post author
        HI Valery,
        Adding On,As is mentioned in the introduction of the Blog about the discussion on reading the MYSAPSSO2 cookie in BSP,the link to the discussion[url]Re: EP user credentials as attributes of BSP[/url],apart from some other posts i found on searching the forums as
        [url]Re: MYSAPSSO2[/url]
        and [url]Re: Portal COOKIE[/url] ,
        and
        [url]Re: Get Session-Id of Cookie MYSAPSSO2[/url].
        These links directly/indirectly refer to the problem SDN’ers Have to Read the MYSAPSSO2 cookie in BSP/ABAP.
        This Blog provides just a simple approach on how to handle the cookie in BSP,whats inside it(and whats not) and not any “Extraordinary Hack”.
        The rest is left upto the developers to explore and use.
        Hope that satisfies your question.
        Regards,
        Siddhartha
        (0) 
        1. santosh kadam

          Hi Siddharth,Héù„fú�™ëÐ, Y«ÿö}F<P!PWÒ\³K ¬¥¨Jè ˜á±ËÿÛX †1‚ `0‚ \   0 0 1 0  U    C11  0       +      ]0       *†H†÷       1       *†H†÷   0       *†H†÷       1  051128062403Z0#      *†H†÷       1   ÿÛ_3£ÚQGVÿÙü‘(0ÂȪâš0ݹ0�¦  +    0�œ A “õ\µ”‘©€ )o.º±]zŒ�Î&J     ÿýŸnTCmê cbÿÛTºõ¯ÿÛRf” Ð ÿöÖÛF¨ãÿýŸ@ ýó1m˜Zl      â;P!P ÎÁh¶wV=�  y öaåàZÐ$ ±›ø¤Û¦|tM†i[(¯S  Ь0ç ±yÖE…0 ½Ç¥¶´Z1ÄÿgÝ ¡üŽH Í¢C�RÿÛ[•çL†?F=‰ž�Bó Ð!ÿýµóºIÕ\ %î”@ …Ôq¹ ½{    F¼}ÔbÒ„zh„» ž)Ù È 6<br/><br/><br/>   and cookiedecoded field is displaying:<br/><br/>%021100%01%00%0cNHRAVP000300%02%00%03400%03%00%08Q47+++%04%00%0c200511280624%05%00%04%00%00%00%3c%06%00%01X%09%00%01E%0a%00%0cNHRAVP000300%0b%00%03Q47%0c%00%08Q47+++%0d%00%0c200511280624%0e%00%00%ffg%f0E%c3%08E%80%60%92%a8d%88op%d0%10p%2a%08D%93%08DP%10%13%10%b3%00%90%60R%b0%e00%21%a0P%03%00%b0%60%92%a8d%88op%d0%10p%1a%08%2c%03%08%2b%c3%08%1d%d0%10%03%08%1a%60%60R%b0%e00%21%b3%08%19%c0%24%10%12%2fU%cbR)%1a%98%01%c2%96%f2%eb%ab%15%d7%a8%c8%1c%e2d%a0%92%ff%d9%f6%e5D6%de%a2%066%ff%fd%b5K%afZ%ff%fd%b5%26i%40%7d%01%27%ffmm%b4j%80%de%3b%ff%d9%f4%00%7f%df3%16%d9%85%a6%c0%f0%9e%23%b5%02%15%01%40%dc%ea%dc%16%8bguc%d9%d1%81%07%91%cff%1e%5e%05%ad%02%40%7b%19%bf%8aM%bag%c7D%d8f%95%b2%8a%f50%e0%3d%0a%c3%0eq%bb%17%9d%60%d4XS%00[%dcz[%60%dbE%a3%1c%ff%f6%7d%d1Z%1f%c8%e4%8a%0c%da%249%05%ff%fd%b5%b9%5et%c8c%f2%b4c%d8%99%e90%0e1%0c0%0a%06%03U%04%03%13%03C110%1e%17%0d971001000000Z%17%0d380101000000Z0%0e1%0c0%0a%06%03U%04%03%13%03C110%81%ee0%81%a6%06%05%2b%0e%03%02%1b0%81%9c%02A%01%22%f5%5c%b5%22%91%a9%80%1c)o%2e%ba%b1]z%8c%81%ce%26J%09%23%f6%e5D6%de%a2%066%23%e4%ba%f5%af%7e%26i%40%7d%01%27%fa%dbF%a8%0d%e3%ff%d9%ff%40%ff%fd%9f%df3%16%d9%85%a6%c0%f0%9e%23%b5%02%15%01%40%dc%ea%dc%16%8bguc%d9%d1%81%07%91%cff%1e%5e%05%ad%02%40%7b%19%ff%d9%f8%a4%db%a6%7ctM%86i[(%afS%0e%03%d0%ac0%e7%1b%b1y%d6%0dE%850%05%bd%c7%a5%b6%0d%b4Z1%c4%fd%d1Z%1f%c8%e4%8a%0c%da%249%05%23%eb%95%e7L%86%ff%d9%f2%b4c%d8%99%e9%03C%00%02%40%0c%5c%f5r%f79i%16%cdO%b0%a9%b0%08%1d%23%b6%0aF%e5%11%40h%18%dc%c6j%23N%8e%8d%a6%15%98%e4%e9e%e1%0e%ca%13%08%b0%0e%b6%cfsG%ffg%c9%e84OT%3dOqpl[-%a9%9d%f0%93%08%1a%60%60R%b0%e00%21%b3%08%19%c0%24%10%12%2fU%cbR)%1a%98%01%c2%96%f2%eb%ab%15%d7%a8%c8%1c%e2d%a0%92%ff%d9%f6%e5D6%de%a2%066%ff%fd%b5K%afZ%ff%fd%b5%26i%40%7d%01%27%ffmm%b4j%80%de%3b%ff%d9%f4%00%7f%df3%16%d9%85%a6%c0%f0%9e%23%b5%02%15%01%40%dc%ea%dc%16%8bguc%d9%d1%81%07%91%cff%1e%5e%05%ad%02%40%7b%19%bf%8aM%bag%c7D%d8f%95%b2%8a%f50%e0%3d%0a%c3%0eq%bb%17%9d%60%d4XS%00[%dcz[%60%dbE%a3%1c%ff%f6%7d%d1Z%1f%c8%e4%8a%0c%da%249%05%ff%fd%b5%b9%5et%c8c%f2%b4c%d8%99%e9%030%000-%02%14L%3eH%e9%f9%84f%fa%9d%99%eb%d0%2c%03Y%ab%ff%f6%7dF%3cP%21P%0aW%d2%5c%b3K%a0%ac%a5%a8J%e8%01%98%e1%b1%cb%ff%dbX%10%861%82%01%600%82%01%5c%02%01%010%130%0e1%0c0%0a%06%03U%04%03%13%03C11%02%01%000%09%06%05%2b%0e%03%02%1a%05%00%a0]0%18%06%09%2a%86H%86%f7%0d%01%09%031%0b%06%09%2a%86H%86%f7%0d%01%07%010%1c%06%09%2a%86H%86%f7%0d%01%09%051%0f%17%0d051128062403Z0%23%06%09%2a%86H%86%f7%0d%01%09%041%16%04%14%ff%db_3%a3%daQGV%ff%d9%fc%91(0%c2%c8%aa%e2%9a0%dd%b90%81%a6%06%05%2b%0e%03%02%1b0%81%9c%02A%01%22%f5%5c%b5%22%91%a9%80%1c)o%2e%ba%b1]z%8c%81%ce%26J%09%ff%fd%9fnTCm%eacb%ff%dbT%ba%f5%af%ff%dbRf%94%07%d0%12%ff%f6%d6%dbF%a8%0d%e3%ff%fd%9f%40%07%fd%f31m%98Zl%0f%09%e2%3bP%21P%14%0d%ce%ad%c1h%b6wV%3d%9d%18%10y%1c%f6a%e5%e0Z%d0%24%07%b1%9b%f8%a4%db%a6%7ctM%86i[(%afS%0e%03%d0%ac0%e7%1b%b1y%d6%0dE%850%05%bd%c7%a5%b6%0d%b4Z1%c4%ffg%dd%15%a1%fc%8eH%a0%cd%a2C%90R%ff%db[%95%e7L%86%3f%2bF%3d%89%9e%90B%f3%02%d0%21%ff%fd%b5%f3%baI%d5%5c%12%25%00%ee%94%40%02%85%d4q%b9%19%bd%7b%02%15%01%07F%bc%7d%d4b%d2%84zh%84%bb%08%9e)%d9%a0%c8%0c6<br/><br/><br/>      As can be seen from both the fields, the output contains R/3 username nhrvap000300 but nowhere does it display portal username dineshpande.<br/><br/>      Kindly inform me the problem in this case.<br/><br/>Thanks and Regards,<br/><br/>Santosh Kadam<br/>

          (0) 
            1. santosh kadam
              Hi Siddharth and Raja,

                    I tried using the USER PARAMETER of the iview and it worked.

                    Keep up the good work.

                    Thanks for the help.

              Regards,

              Santosh Kadam

              (0) 
          1. Siddhartha Jain Post author
            Hi Kadam,
            I have tried this code on many systems running EP6 SP9 and a lower Service Pack also,but didn’t get this problem.i’m not sure why this is happening.
            In the link Single Sign-On with SAP Logon Tickets ,it is mentioned that in the ticket we get the Portal userID and at least one mapped user id,Can you please mail me the contents of the mysapsso2 cookie(document.cookie) at jain.siddharthja@hcltech.com.
            Also,what is your EP version?
            User mapping is done by the end user or by administrator?
            nhrvap000300 is a R/3 user only and not in EP?
            If you compare the output with the output i got,you’l notice that the Authentication scheme  chosen is chosen,in my case,as displayed by the cookie as BASIC Authentication,whereas in your case,nothing is shown.
            Have you selected User Mapping using UID/Password for your system?
            Regards,
            Siddhartha
            (0) 
            1. Siddhartha Jain Post author
              HI,
              We can use the App integrator for passing user data if you just want that,as raja has pointed out and as mentioned in the Blog.
              But we should find out the cause for not getting the EP userid in BSP.
              Kadam,my mail ID would be
              jain.siddhartha@hcltech.com
              sorry,it got mis-typed in the previous post.
              Regards,
              Siddhartha
              (0) 
    1. Siddhartha Jain Post author
      Hi Valery,
      In Java/Web Dynpro for Java,it may be easy to Read the Cookie using the API provided,but in BSP/ABAP there is no such API.
      Moreover,this Blog is not just about getting the userid of User Logged in Into the Portal,but to explore the contents of the cookie,as it is meant for tasks like SSO,not just getting userid,for which i have mentioned using the Appintegrator variables as parameters,which requires no coding.
      If we have to validate the cookie,say for Expiration time or issuing System ,or do some Task based on these values in our application,we would have to Read it.
      Also,as raja already mentioned,in case of User mapping,to get the logged in user in Portal in BSP,reading the cookie would be the Solution.
      Regards,
      Siddhartha
      (0) 
      1. Valery Silaev
        First, congrats with becoming an SDN blogger 😉

        Next,
        “In Java/Web Dynpro for Java, it may be easy to Read the Cookie
          using the API provided,but in BSP/ABAP there is no such API”

        “Terrible” was addressed to this issue rather then your post content ;). If this functionality is lacking, then it is very big omission.

        And, finally, it is nothing wrong with reading cookies, but I prefer to avoid low(protocol)-level calls if high-level public API is available. Sadly, not a case here

        VS

        (0) 
  2. Valery Silaev
    Hi,

    I’m not familiar with ABAP / BSP programming, but in WebDynpro for Java this looks as a 2-liner code using UME (User Management Engine) API:

    // ——-
    final IWDClientUser clientUser
      = WDClientUser.forceLoggedInClientUser();

    final String ticket = (String)
      clientUser.getSAPUser().getTransientAttribute
      (
        IPrincipal.DEFAULT_NAMESPACE,
        “MYSAPSSO2_STRING”
      );
    // ——
    AFAIK, almost the same is possible within portlets.

    Does BSP applications _in fact_ require so extraordinary hacks???

    VS

    (0) 
      1. Siddhartha Jain Post author
        HI Valery,
        Adding On,As is mentioned in the introduction of the Blog about the discussion on reading the MYSAPSSO2 cookie in BSP,the link to the discussion[url]Re: EP user credentials as attributes of BSP[/url],apart from some other posts i found on searching the forums as
        [url]Re: MYSAPSSO2[/url]
        and [url]Re: Portal COOKIE[/url] ,
        and
        [url]Re: Get Session-Id of Cookie MYSAPSSO2[/url].
        These links directly/indirectly refer to the problem SDN’ers Have to Read the MYSAPSSO2 cookie in BSP/ABAP.
        This Blog provides just a simple approach on how to handle the cookie in BSP,whats inside it(and whats not) and not any “Extraordinary Hack”.
        The rest is left upto the developers to explore and use.
        Hope that satisfies your question.
        Regards,
        Siddhartha
        (0) 
        1. santosh kadam

          Hi Siddharth,Héù„fú�™ëÐ, Y«ÿö}F<P!PWÒ\³K ¬¥¨Jè ˜á±ËÿÛX †1‚ `0‚ \   0 0 1 0  U    C11  0       +      ]0       *†H†÷       1       *†H†÷   0       *†H†÷       1  051128062403Z0#      *†H†÷       1   ÿÛ_3£ÚQGVÿÙü‘(0ÂȪâš0ݹ0�¦  +    0�œ A “õ\µ”‘©€ )o.º±]zŒ�Î&J     ÿýŸnTCmê cbÿÛTºõ¯ÿÛRf” Ð ÿöÖÛF¨ãÿýŸ@ ýó1m˜Zl      â;P!P ÎÁh¶wV=�  y öaåàZÐ$ ±›ø¤Û¦|tM†i[(¯S  Ь0ç ±yÖE…0 ½Ç¥¶´Z1ÄÿgÝ ¡üŽH Í¢C�RÿÛ[•çL†?F=‰ž�Bó Ð!ÿýµóºIÕ\ %î”@ …Ôq¹ ½{    F¼}ÔbÒ„zh„» ž)Ù È 6<br/><br/><br/>   and cookiedecoded field is displaying:<br/><br/>%021100%01%00%0cNHRAVP000300%02%00%03400%03%00%08Q47+++%04%00%0c200511280624%05%00%04%00%00%00%3c%06%00%01X%09%00%01E%0a%00%0cNHRAVP000300%0b%00%03Q47%0c%00%08Q47+++%0d%00%0c200511280624%0e%00%00%ffg%f0E%c3%08E%80%60%92%a8d%88op%d0%10p%2a%08D%93%08DP%10%13%10%b3%00%90%60R%b0%e00%21%a0P%03%00%b0%60%92%a8d%88op%d0%10p%1a%08%2c%03%08%2b%c3%08%1d%d0%10%03%08%1a%60%60R%b0%e00%21%b3%08%19%c0%24%10%12%2fU%cbR)%1a%98%01%c2%96%f2%eb%ab%15%d7%a8%c8%1c%e2d%a0%92%ff%d9%f6%e5D6%de%a2%066%ff%fd%b5K%afZ%ff%fd%b5%26i%40%7d%01%27%ffmm%b4j%80%de%3b%ff%d9%f4%00%7f%df3%16%d9%85%a6%c0%f0%9e%23%b5%02%15%01%40%dc%ea%dc%16%8bguc%d9%d1%81%07%91%cff%1e%5e%05%ad%02%40%7b%19%bf%8aM%bag%c7D%d8f%95%b2%8a%f50%e0%3d%0a%c3%0eq%bb%17%9d%60%d4XS%00[%dcz[%60%dbE%a3%1c%ff%f6%7d%d1Z%1f%c8%e4%8a%0c%da%249%05%ff%fd%b5%b9%5et%c8c%f2%b4c%d8%99%e90%0e1%0c0%0a%06%03U%04%03%13%03C110%1e%17%0d971001000000Z%17%0d380101000000Z0%0e1%0c0%0a%06%03U%04%03%13%03C110%81%ee0%81%a6%06%05%2b%0e%03%02%1b0%81%9c%02A%01%22%f5%5c%b5%22%91%a9%80%1c)o%2e%ba%b1]z%8c%81%ce%26J%09%23%f6%e5D6%de%a2%066%23%e4%ba%f5%af%7e%26i%40%7d%01%27%fa%dbF%a8%0d%e3%ff%d9%ff%40%ff%fd%9f%df3%16%d9%85%a6%c0%f0%9e%23%b5%02%15%01%40%dc%ea%dc%16%8bguc%d9%d1%81%07%91%cff%1e%5e%05%ad%02%40%7b%19%ff%d9%f8%a4%db%a6%7ctM%86i[(%afS%0e%03%d0%ac0%e7%1b%b1y%d6%0dE%850%05%bd%c7%a5%b6%0d%b4Z1%c4%fd%d1Z%1f%c8%e4%8a%0c%da%249%05%23%eb%95%e7L%86%ff%d9%f2%b4c%d8%99%e9%03C%00%02%40%0c%5c%f5r%f79i%16%cdO%b0%a9%b0%08%1d%23%b6%0aF%e5%11%40h%18%dc%c6j%23N%8e%8d%a6%15%98%e4%e9e%e1%0e%ca%13%08%b0%0e%b6%cfsG%ffg%c9%e84OT%3dOqpl[-%a9%9d%f0%93%08%1a%60%60R%b0%e00%21%b3%08%19%c0%24%10%12%2fU%cbR)%1a%98%01%c2%96%f2%eb%ab%15%d7%a8%c8%1c%e2d%a0%92%ff%d9%f6%e5D6%de%a2%066%ff%fd%b5K%afZ%ff%fd%b5%26i%40%7d%01%27%ffmm%b4j%80%de%3b%ff%d9%f4%00%7f%df3%16%d9%85%a6%c0%f0%9e%23%b5%02%15%01%40%dc%ea%dc%16%8bguc%d9%d1%81%07%91%cff%1e%5e%05%ad%02%40%7b%19%bf%8aM%bag%c7D%d8f%95%b2%8a%f50%e0%3d%0a%c3%0eq%bb%17%9d%60%d4XS%00[%dcz[%60%dbE%a3%1c%ff%f6%7d%d1Z%1f%c8%e4%8a%0c%da%249%05%ff%fd%b5%b9%5et%c8c%f2%b4c%d8%99%e9%030%000-%02%14L%3eH%e9%f9%84f%fa%9d%99%eb%d0%2c%03Y%ab%ff%f6%7dF%3cP%21P%0aW%d2%5c%b3K%a0%ac%a5%a8J%e8%01%98%e1%b1%cb%ff%dbX%10%861%82%01%600%82%01%5c%02%01%010%130%0e1%0c0%0a%06%03U%04%03%13%03C11%02%01%000%09%06%05%2b%0e%03%02%1a%05%00%a0]0%18%06%09%2a%86H%86%f7%0d%01%09%031%0b%06%09%2a%86H%86%f7%0d%01%07%010%1c%06%09%2a%86H%86%f7%0d%01%09%051%0f%17%0d051128062403Z0%23%06%09%2a%86H%86%f7%0d%01%09%041%16%04%14%ff%db_3%a3%daQGV%ff%d9%fc%91(0%c2%c8%aa%e2%9a0%dd%b90%81%a6%06%05%2b%0e%03%02%1b0%81%9c%02A%01%22%f5%5c%b5%22%91%a9%80%1c)o%2e%ba%b1]z%8c%81%ce%26J%09%ff%fd%9fnTCm%eacb%ff%dbT%ba%f5%af%ff%dbRf%94%07%d0%12%ff%f6%d6%dbF%a8%0d%e3%ff%fd%9f%40%07%fd%f31m%98Zl%0f%09%e2%3bP%21P%14%0d%ce%ad%c1h%b6wV%3d%9d%18%10y%1c%f6a%e5%e0Z%d0%24%07%b1%9b%f8%a4%db%a6%7ctM%86i[(%afS%0e%03%d0%ac0%e7%1b%b1y%d6%0dE%850%05%bd%c7%a5%b6%0d%b4Z1%c4%ffg%dd%15%a1%fc%8eH%a0%cd%a2C%90R%ff%db[%95%e7L%86%3f%2bF%3d%89%9e%90B%f3%02%d0%21%ff%fd%b5%f3%baI%d5%5c%12%25%00%ee%94%40%02%85%d4q%b9%19%bd%7b%02%15%01%07F%bc%7d%d4b%d2%84zh%84%bb%08%9e)%d9%a0%c8%0c6<br/><br/><br/>      As can be seen from both the fields, the output contains R/3 username nhrvap000300 but nowhere does it display portal username dineshpande.<br/><br/>      Kindly inform me the problem in this case.<br/><br/>Thanks and Regards,<br/><br/>Santosh Kadam<br/>

          (0) 
            1. santosh kadam
              Hi Siddharth and Raja,

                    I tried using the USER PARAMETER of the iview and it worked.

                    Keep up the good work.

                    Thanks for the help.

              Regards,

              Santosh Kadam

              (0) 
          1. Siddhartha Jain Post author
            Hi Kadam,
            I have tried this code on many systems running EP6 SP9 and a lower Service Pack also,but didn’t get this problem.i’m not sure why this is happening.
            In the link Single Sign-On with SAP Logon Tickets ,it is mentioned that in the ticket we get the Portal userID and at least one mapped user id,Can you please mail me the contents of the mysapsso2 cookie(document.cookie) at jain.siddharthja@hcltech.com.
            Also,what is your EP version?
            User mapping is done by the end user or by administrator?
            nhrvap000300 is a R/3 user only and not in EP?
            If you compare the output with the output i got,you’l notice that the Authentication scheme  chosen is chosen,in my case,as displayed by the cookie as BASIC Authentication,whereas in your case,nothing is shown.
            Have you selected User Mapping using UID/Password for your system?
            Regards,
            Siddhartha
            (0) 
            1. Siddhartha Jain Post author
              HI,
              We can use the App integrator for passing user data if you just want that,as raja has pointed out and as mentioned in the Blog.
              But we should find out the cause for not getting the EP userid in BSP.
              Kadam,my mail ID would be
              jain.siddhartha@hcltech.com
              sorry,it got mis-typed in the previous post.
              Regards,
              Siddhartha
              (0) 
    1. Siddhartha Jain Post author
      Hi Valery,
      In Java/Web Dynpro for Java,it may be easy to Read the Cookie using the API provided,but in BSP/ABAP there is no such API.
      Moreover,this Blog is not just about getting the userid of User Logged in Into the Portal,but to explore the contents of the cookie,as it is meant for tasks like SSO,not just getting userid,for which i have mentioned using the Appintegrator variables as parameters,which requires no coding.
      If we have to validate the cookie,say for Expiration time or issuing System ,or do some Task based on these values in our application,we would have to Read it.
      Also,as raja already mentioned,in case of User mapping,to get the logged in user in Portal in BSP,reading the cookie would be the Solution.
      Regards,
      Siddhartha
      (0) 
      1. Valery Silaev
        First, congrats with becoming an SDN blogger 😉

        Next,
        “In Java/Web Dynpro for Java, it may be easy to Read the Cookie
          using the API provided,but in BSP/ABAP there is no such API”

        “Terrible” was addressed to this issue rather then your post content ;). If this functionality is lacking, then it is very big omission.

        And, finally, it is nothing wrong with reading cookies, but I prefer to avoid low(protocol)-level calls if high-level public API is available. Sadly, not a case here

        VS

        (0) 
  3. Valery Silaev
    Hi,

    I’m not familiar with ABAP / BSP programming, but in WebDynpro for Java this looks as a 2-liner code using UME (User Management Engine) API:

    // ——-
    final IWDClientUser clientUser
      = WDClientUser.forceLoggedInClientUser();

    final String ticket = (String)
      clientUser.getSAPUser().getTransientAttribute
      (
        IPrincipal.DEFAULT_NAMESPACE,
        “MYSAPSSO2_STRING”
      );
    // ——
    AFAIK, almost the same is possible within portlets.

    Does BSP applications _in fact_ require so extraordinary hacks???

    VS

    (0) 
      1. Siddhartha Jain Post author
        HI Valery,
        Adding On,As is mentioned in the introduction of the Blog about the discussion on reading the MYSAPSSO2 cookie in BSP,the link to the discussion[url]Re: EP user credentials as attributes of BSP[/url],apart from some other posts i found on searching the forums as
        [url]Re: MYSAPSSO2[/url]
        and [url]Re: Portal COOKIE[/url] ,
        and
        [url]Re: Get Session-Id of Cookie MYSAPSSO2[/url].
        These links directly/indirectly refer to the problem SDN’ers Have to Read the MYSAPSSO2 cookie in BSP/ABAP.
        This Blog provides just a simple approach on how to handle the cookie in BSP,whats inside it(and whats not) and not any “Extraordinary Hack”.
        The rest is left upto the developers to explore and use.
        Hope that satisfies your question.
        Regards,
        Siddhartha
        (0) 
        1. santosh kadam

          Hi Siddharth,Héù„fú�™ëÐ, Y«ÿö}F<P!PWÒ\³K ¬¥¨Jè ˜á±ËÿÛX †1‚ `0‚ \   0 0 1 0  U    C11  0       +      ]0       *†H†÷       1       *†H†÷   0       *†H†÷       1  051128062403Z0#      *†H†÷       1   ÿÛ_3£ÚQGVÿÙü‘(0ÂȪâš0ݹ0�¦  +    0�œ A “õ\µ”‘©€ )o.º±]zŒ�Î&J     ÿýŸnTCmê cbÿÛTºõ¯ÿÛRf” Ð ÿöÖÛF¨ãÿýŸ@ ýó1m˜Zl      â;P!P ÎÁh¶wV=�  y öaåàZÐ$ ±›ø¤Û¦|tM†i[(¯S  Ь0ç ±yÖE…0 ½Ç¥¶´Z1ÄÿgÝ ¡üŽH Í¢C�RÿÛ[•çL†?F=‰ž�Bó Ð!ÿýµóºIÕ\ %î”@ …Ôq¹ ½{    F¼}ÔbÒ„zh„» ž)Ù È 6<br/><br/><br/>   and cookiedecoded field is displaying:<br/><br/>%021100%01%00%0cNHRAVP000300%02%00%03400%03%00%08Q47+++%04%00%0c200511280624%05%00%04%00%00%00%3c%06%00%01X%09%00%01E%0a%00%0cNHRAVP000300%0b%00%03Q47%0c%00%08Q47+++%0d%00%0c200511280624%0e%00%00%ffg%f0E%c3%08E%80%60%92%a8d%88op%d0%10p%2a%08D%93%08DP%10%13%10%b3%00%90%60R%b0%e00%21%a0P%03%00%b0%60%92%a8d%88op%d0%10p%1a%08%2c%03%08%2b%c3%08%1d%d0%10%03%08%1a%60%60R%b0%e00%21%b3%08%19%c0%24%10%12%2fU%cbR)%1a%98%01%c2%96%f2%eb%ab%15%d7%a8%c8%1c%e2d%a0%92%ff%d9%f6%e5D6%de%a2%066%ff%fd%b5K%afZ%ff%fd%b5%26i%40%7d%01%27%ffmm%b4j%80%de%3b%ff%d9%f4%00%7f%df3%16%d9%85%a6%c0%f0%9e%23%b5%02%15%01%40%dc%ea%dc%16%8bguc%d9%d1%81%07%91%cff%1e%5e%05%ad%02%40%7b%19%bf%8aM%bag%c7D%d8f%95%b2%8a%f50%e0%3d%0a%c3%0eq%bb%17%9d%60%d4XS%00[%dcz[%60%dbE%a3%1c%ff%f6%7d%d1Z%1f%c8%e4%8a%0c%da%249%05%ff%fd%b5%b9%5et%c8c%f2%b4c%d8%99%e90%0e1%0c0%0a%06%03U%04%03%13%03C110%1e%17%0d971001000000Z%17%0d380101000000Z0%0e1%0c0%0a%06%03U%04%03%13%03C110%81%ee0%81%a6%06%05%2b%0e%03%02%1b0%81%9c%02A%01%22%f5%5c%b5%22%91%a9%80%1c)o%2e%ba%b1]z%8c%81%ce%26J%09%23%f6%e5D6%de%a2%066%23%e4%ba%f5%af%7e%26i%40%7d%01%27%fa%dbF%a8%0d%e3%ff%d9%ff%40%ff%fd%9f%df3%16%d9%85%a6%c0%f0%9e%23%b5%02%15%01%40%dc%ea%dc%16%8bguc%d9%d1%81%07%91%cff%1e%5e%05%ad%02%40%7b%19%ff%d9%f8%a4%db%a6%7ctM%86i[(%afS%0e%03%d0%ac0%e7%1b%b1y%d6%0dE%850%05%bd%c7%a5%b6%0d%b4Z1%c4%fd%d1Z%1f%c8%e4%8a%0c%da%249%05%23%eb%95%e7L%86%ff%d9%f2%b4c%d8%99%e9%03C%00%02%40%0c%5c%f5r%f79i%16%cdO%b0%a9%b0%08%1d%23%b6%0aF%e5%11%40h%18%dc%c6j%23N%8e%8d%a6%15%98%e4%e9e%e1%0e%ca%13%08%b0%0e%b6%cfsG%ffg%c9%e84OT%3dOqpl[-%a9%9d%f0%93%08%1a%60%60R%b0%e00%21%b3%08%19%c0%24%10%12%2fU%cbR)%1a%98%01%c2%96%f2%eb%ab%15%d7%a8%c8%1c%e2d%a0%92%ff%d9%f6%e5D6%de%a2%066%ff%fd%b5K%afZ%ff%fd%b5%26i%40%7d%01%27%ffmm%b4j%80%de%3b%ff%d9%f4%00%7f%df3%16%d9%85%a6%c0%f0%9e%23%b5%02%15%01%40%dc%ea%dc%16%8bguc%d9%d1%81%07%91%cff%1e%5e%05%ad%02%40%7b%19%bf%8aM%bag%c7D%d8f%95%b2%8a%f50%e0%3d%0a%c3%0eq%bb%17%9d%60%d4XS%00[%dcz[%60%dbE%a3%1c%ff%f6%7d%d1Z%1f%c8%e4%8a%0c%da%249%05%ff%fd%b5%b9%5et%c8c%f2%b4c%d8%99%e9%030%000-%02%14L%3eH%e9%f9%84f%fa%9d%99%eb%d0%2c%03Y%ab%ff%f6%7dF%3cP%21P%0aW%d2%5c%b3K%a0%ac%a5%a8J%e8%01%98%e1%b1%cb%ff%dbX%10%861%82%01%600%82%01%5c%02%01%010%130%0e1%0c0%0a%06%03U%04%03%13%03C11%02%01%000%09%06%05%2b%0e%03%02%1a%05%00%a0]0%18%06%09%2a%86H%86%f7%0d%01%09%031%0b%06%09%2a%86H%86%f7%0d%01%07%010%1c%06%09%2a%86H%86%f7%0d%01%09%051%0f%17%0d051128062403Z0%23%06%09%2a%86H%86%f7%0d%01%09%041%16%04%14%ff%db_3%a3%daQGV%ff%d9%fc%91(0%c2%c8%aa%e2%9a0%dd%b90%81%a6%06%05%2b%0e%03%02%1b0%81%9c%02A%01%22%f5%5c%b5%22%91%a9%80%1c)o%2e%ba%b1]z%8c%81%ce%26J%09%ff%fd%9fnTCm%eacb%ff%dbT%ba%f5%af%ff%dbRf%94%07%d0%12%ff%f6%d6%dbF%a8%0d%e3%ff%fd%9f%40%07%fd%f31m%98Zl%0f%09%e2%3bP%21P%14%0d%ce%ad%c1h%b6wV%3d%9d%18%10y%1c%f6a%e5%e0Z%d0%24%07%b1%9b%f8%a4%db%a6%7ctM%86i[(%afS%0e%03%d0%ac0%e7%1b%b1y%d6%0dE%850%05%bd%c7%a5%b6%0d%b4Z1%c4%ffg%dd%15%a1%fc%8eH%a0%cd%a2C%90R%ff%db[%95%e7L%86%3f%2bF%3d%89%9e%90B%f3%02%d0%21%ff%fd%b5%f3%baI%d5%5c%12%25%00%ee%94%40%02%85%d4q%b9%19%bd%7b%02%15%01%07F%bc%7d%d4b%d2%84zh%84%bb%08%9e)%d9%a0%c8%0c6<br/><br/><br/>      As can be seen from both the fields, the output contains R/3 username nhrvap000300 but nowhere does it display portal username dineshpande.<br/><br/>      Kindly inform me the problem in this case.<br/><br/>Thanks and Regards,<br/><br/>Santosh Kadam<br/>

          (0) 
            1. santosh kadam
              Hi Siddharth and Raja,

                    I tried using the USER PARAMETER of the iview and it worked.

                    Keep up the good work.

                    Thanks for the help.

              Regards,

              Santosh Kadam

              (0) 
          1. Siddhartha Jain Post author
            Hi Kadam,
            I have tried this code on many systems running EP6 SP9 and a lower Service Pack also,but didn’t get this problem.i’m not sure why this is happening.
            In the link Single Sign-On with SAP Logon Tickets ,it is mentioned that in the ticket we get the Portal userID and at least one mapped user id,Can you please mail me the contents of the mysapsso2 cookie(document.cookie) at jain.siddharthja@hcltech.com.
            Also,what is your EP version?
            User mapping is done by the end user or by administrator?
            nhrvap000300 is a R/3 user only and not in EP?
            If you compare the output with the output i got,you’l notice that the Authentication scheme  chosen is chosen,in my case,as displayed by the cookie as BASIC Authentication,whereas in your case,nothing is shown.
            Have you selected User Mapping using UID/Password for your system?
            Regards,
            Siddhartha
            (0) 
            1. Siddhartha Jain Post author
              HI,
              We can use the App integrator for passing user data if you just want that,as raja has pointed out and as mentioned in the Blog.
              But we should find out the cause for not getting the EP userid in BSP.
              Kadam,my mail ID would be
              jain.siddhartha@hcltech.com
              sorry,it got mis-typed in the previous post.
              Regards,
              Siddhartha
              (0) 
    1. Siddhartha Jain Post author
      Hi Valery,
      In Java/Web Dynpro for Java,it may be easy to Read the Cookie using the API provided,but in BSP/ABAP there is no such API.
      Moreover,this Blog is not just about getting the userid of User Logged in Into the Portal,but to explore the contents of the cookie,as it is meant for tasks like SSO,not just getting userid,for which i have mentioned using the Appintegrator variables as parameters,which requires no coding.
      If we have to validate the cookie,say for Expiration time or issuing System ,or do some Task based on these values in our application,we would have to Read it.
      Also,as raja already mentioned,in case of User mapping,to get the logged in user in Portal in BSP,reading the cookie would be the Solution.
      Regards,
      Siddhartha
      (0) 
      1. Valery Silaev
        First, congrats with becoming an SDN blogger 😉

        Next,
        “In Java/Web Dynpro for Java, it may be easy to Read the Cookie
          using the API provided,but in BSP/ABAP there is no such API”

        “Terrible” was addressed to this issue rather then your post content ;). If this functionality is lacking, then it is very big omission.

        And, finally, it is nothing wrong with reading cookies, but I prefer to avoid low(protocol)-level calls if high-level public API is available. Sadly, not a case here

        VS

        (0) 
  4. allan faure
    Hi,

    Your blog is very helpful, because there are lots of people that wonder how to read User Info Portal within BSP.

    Thank you for your good job.
    Best Regards.

    PS : Could you tell where you can find all the Global objects available in Portal, like “User” and “Request” in our case ?

    (0) 
    1. rajiv kasera
      Hi,

      I have to retrieve the userID from the MYSAPSSO2 cookie in a java servlet in a non-SAP application. The idea is to provide a link to the user once he has logged into the portal, which will take him to a non-sap web application. I am getting the cookie value, but not able to make sense out of it.

      please advise!!

      thanks,
      rajiv

      (0) 
  5. allan faure
    Hi,

    Your blog is very helpful, because there are lots of people that wonder how to read User Info Portal within BSP.

    Thank you for your good job.
    Best Regards.

    PS : Could you tell where you can find all the Global objects available in Portal, like “User” and “Request” in our case ?

    (0) 
    1. rajiv kasera
      Hi,

      I have to retrieve the userID from the MYSAPSSO2 cookie in a java servlet in a non-SAP application. The idea is to provide a link to the user once he has logged into the portal, which will take him to a non-sap web application. I am getting the cookie value, but not able to make sense out of it.

      please advise!!

      thanks,
      rajiv

      (0) 
  6. allan faure
    Hi,

    Your blog is very helpful, because there are lots of people that wonder how to read User Info Portal within BSP.

    Thank you for your good job.
    Best Regards.

    PS : Could you tell where you can find all the Global objects available in Portal, like “User” and “Request” in our case ?

    (0) 
    1. rajiv kasera
      Hi,

      I have to retrieve the userID from the MYSAPSSO2 cookie in a java servlet in a non-SAP application. The idea is to provide a link to the user once he has logged into the portal, which will take him to a non-sap web application. I am getting the cookie value, but not able to make sense out of it.

      please advise!!

      thanks,
      rajiv

      (0) 
  7. Max v. Weißenborn
    Hi,

    I am trying to use the same logic in my own BSP-Application, but the cookie is not delivered back. I am getting the values for  “sap-hostid”, “SAPWP_active”, “JESESSIONID”, “sap-ssolist” und “sap-usercontext” but not for MYSAPSSO2. I see that in the “content administration” the cookie is sent by the server. 
    We have a WebAS 7.0 with SAPKB70011.
    I heard rumors that in WebAS 7.0 a downgrade concerning the javascript functionality took place. Is that true?
    I am using a bsp-page with flow-logic as entrypage. The page is stateful and I am using the code that is mentioned in note 996854 to handle the session.

    Any help would be appreciated!

    Regards,
    Max

    (0) 
  8. Max v. Weißenborn
    Hi,

    I am trying to use the same logic in my own BSP-Application, but the cookie is not delivered back. I am getting the values for  “sap-hostid”, “SAPWP_active”, “JESESSIONID”, “sap-ssolist” und “sap-usercontext” but not for MYSAPSSO2. I see that in the “content administration” the cookie is sent by the server. 
    We have a WebAS 7.0 with SAPKB70011.
    I heard rumors that in WebAS 7.0 a downgrade concerning the javascript functionality took place. Is that true?
    I am using a bsp-page with flow-logic as entrypage. The page is stateful and I am using the code that is mentioned in note 996854 to handle the session.

    Any help would be appreciated!

    Regards,
    Max

    (0) 
  9. Max v. Weißenborn
    Hi,

    I am trying to use the same logic in my own BSP-Application, but the cookie is not delivered back. I am getting the values for  “sap-hostid”, “SAPWP_active”, “JESESSIONID”, “sap-ssolist” und “sap-usercontext” but not for MYSAPSSO2. I see that in the “content administration” the cookie is sent by the server. 
    We have a WebAS 7.0 with SAPKB70011.
    I heard rumors that in WebAS 7.0 a downgrade concerning the javascript functionality took place. Is that true?
    I am using a bsp-page with flow-logic as entrypage. The page is stateful and I am using the code that is mentioned in note 996854 to handle the session.

    Any help would be appreciated!

    Regards,
    Max

    (0) 

Leave a Reply