Skip to Content

Introduction

    I am frequently getting questions around the topic of Single Sign On between the ERP system and the     Duet J2EE Server, especially how to test if SSO is actually working. This blog shows you how you can test your SSO, and gives you some hints     on troubleshooting as well.    

Performing the SSO test

     In order to check SSO from the ERP system to the J2EE engine, here’s a list of steps you should follow in your backend system:    

       

  • Log on to the respective system via SAPGui    
  • Go to transaction se37
  •    

  • Enter the function module name /OSP/GET_RM_INFO
  •    

  • Press F8
  •    

  • Press F8 again
  •    

  • You should get a result screen that looks like this one:
  •    

    image   

If you do get this result and if you are not prompted for a username and password, SSO is working.     

Basic troubleshooting

    What should not happen if you execute this function module is that you are prompted for a username and password.

    image   

    If this happens, it means that the SSO does not work. Most probably, this is because the user that you used for logging on to the system via SAPGui and     executing the function module does not exist as a user in the User Management component of the J2EE server and therefore, the J2EE server rejects the     logon ticket which is sent for this user.

    On the server on which the Duet J2EE is running, you can see the incoming calls to the WebService RMWrapper from the function module using a network sniffer.    

POST /RMWrapper/Config1?style=document HTTP/1.1
content-type: text/xml; charset=utf-8
content-length: 841
accept-language: en
sap-language: E
soapaction: ""
accept: text/xml
sap-srt_id: 20080617/112912/v1.00_final_6.40/DD3C4FD6470C39F19250005056834B06
user-agent: SAP Web Application Server (1.0;700)
host: vmw2154.wdf.sap.corp:50000
accept-encoding: gzip
mysapsso2: AjQxMDMBABhEAE8ARQBTAE4AVABFAFgASQBTAFQAIAACAAYyADIANQADABBFADAANQAgACAAIAAgACAABAAYMgAwADAAOAAwADYAMQA3ADAAOQAyADkABwAEAAAAAggAAQEJAAJFAP8A9DCB8QYJKoZIhvcNAQcCoIHjMIHgAgEBMQswCQYFKw4DAhoFADALBgkqhkiG9w0BBwExgcAwgb0CAQEwEzAOMQwwCgYDVQQDEwNFMDUCAQAwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA4MDYxNzA5MjkxMlowIwYJKoZIhvcNAQkEMRYEFFYKosXYnJ7LrjFhX!vA8VmWgyDsMAkGByqGSM44BAMELjAsAhQ64Cxnbfo9HNo0r!peLxmz8VNbaQIUZOSAy0eZrC06uS2aCf3Y4Fa7Huc=
   

    In case the SSO is not working, you will see a response which says “HTTP/1.1 401 Unauthorized”.    

HTTP/1.1 401 Unauthorized
WWW-Authenticate: Basic realm="RMWrapper/Config1"
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Content-Type: text/html
Content-Length: 1790
Server: SAP J2EE Engine/6.40
Date: Tue, 17 Jun 2008 09:29:13 GMT
   

    In case SSO is working, you will see a response which says “HTTP/1.1 200 OK”.    

HTTP/1.1 200 OK
Set-Cookie: MYSAPSSO2=AjExMDAgABRwb3J0YWw6QWRtaW5pc3RyYXRvcogAB2RlZmF1bHQBAAACAAMwMDADAANFTUUEAAwyMDA4MDYxNzA5MzMFAAQAAAAICgAA%2FwD0MIHxBgkqhkiG9w0BBwKggeMwgeACAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHATGBwDCBvQIBATATMA4xDDAKBgNVBAMTA0VNRQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDgwNjE3MDkzMzI0WjAjBgkqhkiG9w0BCQQxFgQU8E529yxCR53J5!cm73%2FdRuC4zTAwCQYHKoZIzjgEAwQuMCwCFAUWENcYzaKkEnjeA3ouWq8qmEcZAhQgVqSECCbRqSkIIIWhurnup52ckA%3D%3D;path=/;domain=.wdf.sap.corp;HttpOnly
Set-Cookie: JSESSIONID=(J2EE3754400)ID2063922750DB00306167964037588297End; Version=1; Domain=.wdf.sap.corp; Path=/
Set-Cookie: saplb_*=(J2EE3754400)3754450; Version=1; Path=/
Server: SAP J2EE Engine/6.40
Content-Type: text/xml; charset=UTF-8
Content-Length: 2083
Date: Tue, 17 Jun 2008 09:33:24 GMT
   

   

Further reading

    The following note provides you with the so called Web Diagtool, a nice tool to collect and analyze log information. You can use this one to get detailled     information in case you need to troubelshoot your SSO:

    Note 1045019 – Web diagtool for collecting traces

To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply