Sometimes things in your Alloy landscape just don’t want to behave like they should. One good start to find out what’s going on in your Alloy landscape is by checking the connections between AS Java and AS ABAP, as well as between AS Java and Lotus Domino Server.
Check connection from AS Java to AS ABAP
Alloy requires a trusted relation between AS Java and AS ABAP. Therefore both systems must exchange certificates during setup. We can use SAP NetWeaver Administrator to check whether the required trusted connection is working properly: Open SAP NetWeaver Administrator on your AS Java by entering:
in your Web browser.
SAP NetWeaver Administrator will show up. Click on Configuration and then on Trusted Systems to see all the systems your AS Java trusts.
In the given screenshot system E05 is our AS ABAP and we want to check whether we are still able to reach it. Click on Check Against Issuing System and select By Querying Issuing System.
Fill out the connection details on the pop up that will appear.
Afterwards press Next.
The AS Java will now try to connect to the AS ABAP and if this succeeds, it will verify the certificate.
This is what it looks like, if the trust is established correct and the communication
between AS Java and AS ABAP works fine.
<u>Check connection from AS ABAP to AS Java</u>
So knowing that the AS Java is able to call the AS ABAP is a good start. But is the ABAP also configured right that the Alloy components on the AS ABAP are also able to connect to the AS Java?
There’s a very simple way to find this out. Log on to your AS ABAP system and call transaction se37: The Function Builder.
Enter the Function Module: */OSP/GET_RM_INFO *
What this function module basically does is, connect to the AS Java and get all configured Alloy users and roles. So if that function module is working fine, all other Alloy parts on the AS ABAP are also doing fine in regards to the AS Java connection.
Press F8 twice and you should see a result like this:
6 Alloy roles and 171 Alloy users were successfully retrieved from the AS Java.
With that we can be pretty sure that the communication between AS Java and AS ABAP is doing fine. But what about the connection from AS Java to Lotus Domino where the Alloy Web Service is running?
<u>Check connection from AS Java to Lotus Domino</u>
Let’s see if the AS Java is able to call the Lotus Domino Server (_better:_ the Alloy Web Service Application via the HTTP Service running on the Lotus Domino).
Open the Visual Administrator of your AS Java.
Navigate down the tree: Server -> Services -> Destinations
Expand HTTP Destinations on the right side and select Domino.
This is the connection the AS Java uses for SAML authentication with the Lotus Domino Server. Click on Save and Test in order to perform a connection test.
The result should look like this
Even though the Content type null might scare you, it’s correct. If your response contains Content type text/html;charset=UTF=8 instead of *Content type null *
!https://weblogs.sdn.sap.com/weblogs/images/972/J2EE_SAML_ConnectionOK.jpg|height=118|alt=SAML User authentication failed|width=284|src=https://weblogs.sdn.sap.com/weblogs/images/972/J2EE_SAML_ConnectionOK.jpg|border=0!
AS Java was able to reach the Lotus Domino Server, but the SAML authentication failed. Make sure the username and password which are defined for this HTTP Domino connection are set correctly. The required user name here is the full qualified Alloy Domino User name as given during Alloy landscape setup.
In case the AS Java couldn’t get a connection to the Lotus Domino server at all, you’ll get an error message popup with some more details on what exactly went wrong.
In this case make sure the given URL is correct in the HTTP Domino destination. You could also try to ping the Lotus Domino host from the AS Java host to check the basic network connection.
Also try to call the Lotus Domino HTTP Service from the AS Java host via your Web browser. This should result in some Lotus Domino (or Lotus Sametime if installed) log in page.
<u>Check connection from Lotus Domino to AS Java</u></p><p style=”margin: 0cm 0cm 0pt” class=”MsoNormal”> </p><p style=”margin: 0cm 0cm 0pt” class=”MsoNormal”>The same connection test we just did from AS Java to the Lotus Domino could also be done from the Lotus Domino Server to AS Java. Like in the test before, we’ll also verify whether the SAML authentication from the Lotus Domino to the AS Java is setup correct.</p>Open a Web browser and enter the following URL:<br />http[s]://<DominoHost>:<DominoHTTPPort>//NDERPWs.nsf/TestSAMLService?openAgent&username=<Alloy SAP User> <p style=”margin: 0cm 0cm 0pt” class=”MsoNormal”> </p><p style=”margin: 0cm 0cm 0pt” class=”MsoNormal”>!https://weblogs.sdn.sap.com/weblogs/images/972/DOMINO_SAML_Check.jpg|height=1|alt=SAML Check|width=1|src=https://weblogs.sdn.sap.com/weblogs/images/972/DOMINO_SAML_Check.jpg|border=0!!https://weblogs.sdn.sap.com/weblogs/images/972/DOMINO_SAML_Check.jpg|height=400|alt=SAML Check|width=623|src=https://weblogs.sdn.sap.com/weblogs/images/972/DOMINO_SAML_Check.jpg|border=0! </p><p style=”margin: 0cm 0cm 0pt” class=”MsoNormal”> </p><p style=”margin: 0cm 0cm 0pt” class=”MsoNormal”><u>Heads up on this:</u> The username that is required in the URL parameter is the Alloy SAP User name created during Alloy setup on the AS ABAP. </p><p style=”margin: 0cm 0cm 0pt” class=”MsoNormal”>The user that is required for the Lotus Domino login, is the full qualified Alloy Domino user. Something like this</p><p style=”margin: 0cm 0cm 0pt” class=”MsoNormal”> </p><p style=”margin: 0cm 0cm 0pt” class=”MsoNormal”>!https://weblogs.sdn.sap.com/weblogs/images/972/DOMINO_SAML_OK.jpg|height=1|alt=SAML OK|width=1|src=https://weblogs.sdn.sap.com/weblogs/images/972/DOMINO_SAML_OK.jpg|border=0!!https://weblogs.sdn.sap.com/weblogs/images/972/DOMINO_SAML_OK.jpg|height=260|alt=SAML OK|width=700|src=https://weblogs.sdn.sap.com/weblogs/images/972/DOMINO_SAML_OK.jpg|border=0!</body>