Purpose - To provide custom authentication screen to access a web dynpro java application deployed on SAP portal. Whenever the application page is opened, instead of the standard SAP portal authentication/login page a custom view should be displayed bypassing the initial portal authentication screen. 

Business Requirement - When an employee applies for leave, an email is triggered to his superior requesting an action to be taken on the request. The approve / reject operation to be performed on the request is provided in the email itself. On taking either of the actions an iview should be opened which can authenticate the user based on portal credentials as well as capture remarks for taking the respective action. 

Approach - With the given process, if we use SAP portal’s standard authentication that pops up whenever any portal application is accessed, then it would have been a two step process for the end user.

1. Input the login id and password

"

2. Provide the remarks if necessary or mandatory and then submit the response.

To avoid additional efforts of user we have chosen the methodology of portal authentication using security api and thus achieving both authentication and remarks on single screen.

 Pre-requisite - A web dynpro application with at least one view to capture the login id, password and remarks.During application development the security API SDA (com.sap.security.api) should be added to list of used DCs User Ids should be maintained on portal server. 

Procedure

1. First we have to disable the default authentication of our web dynpro application. This will prevent the standard login screen from appearing.                                                               This can be achieved by setting the authentication parameter of application properties to false. Follow the steps given in below screenshots.

"

Go to the application properties tab of the application and click on new.

"  

Browse the parameter Authentication.

Set the value to FALSE.

2. Incorporate the code to use the security api of SDA. The login id and password captured on the custom view should be passed to the methods to check and confirm that the user exists in portal and the given credentials are correct.                                                                                   The code shown below does the following·         Validates login ID entered by user against existing set of valid portal logins (method .getUserAccountByLogonId)·         Validates password entered by user stored against the login ID validated in the previous step (method .checkPassword) 

import com.sap.security.api;   

IUserAccountFactory iuaf;    IUserAccount iua;  iuaf = UMFactory.getUserAccountFactory();      

iua = iuaf.getUserAccountByLogonId( “Pass the User ID provided as input by user” );