Former Member

[Web Dynpro ABAP] Password Reset with Email Authentication

This blog post shows how to use query strings (URL parameters) in Web Dynpro ABAP. A query string is useful when a Web Dynpro application needs to display content dynamically based on the URL it is given, e.g. a URL link to a Web Dynpro in email notifications (refer to previous post).

In the previous post, I mentioned that an authorization check should be in place at the start of the Web Dynpro for security purposes. However, in some cases an authorization check may not be possible. In this blog, with Password Reset as an example, I am going to show you how we can create a Web Dynpro without such an authorization check.

Business Scenario

A Web Dynpro that allows users to reset their SAP account’s password. Below is the authentication process for the password reset:

  1. User keys in “User ID” and “Email Address”
  2. Web Dynpro verifies “User ID” and “Email Address”
  3. If correct, Web Dynpro sends an email to authenticate the user
  4. User clicks on the URL link in the email, which redirects them to the password reset page

Design Approach

First, create a Web Dynpro with the fields “User ID” and “Email Address” for the user to key in.

Blog002 - Pic01.jpg

When the user clicks the “Submit” button, the system verifies the User ID and Email Address against the User Master or HR Master, depending on your system design. Once they are verified, the system generates an authentication key (in this case I used a UUID) and stores it in a customized table for tracking. Below is the function module call and code:

Blog002 - Pic02.jpg

FUNCTION z_su_reset_auth_table_insert .
*"----------------------------------------------------------------------
*"*"Local Interface:
*"  IMPORTING
*"     REFERENCE(USERNAME) TYPE  XUBNAME
*"  EXPORTING
*"     REFERENCE(UUID) TYPE  SYSUUID_C
*"  EXCEPTIONS
*"      INSERT_ERROR
*"----------------------------------------------------------------------
  DATA: ls_line  TYPE ztbsu008,
        lv_uname TYPE xubname.

  "Normalize the user name to upper case before the lookup
  lv_uname = username.
  SET LOCALE LANGUAGE 'E'.
  TRANSLATE lv_uname TO UPPER CASE.
  SET LOCALE LANGUAGE ' '.

  SELECT SINGLE * INTO ls_line
    FROM ztbsu008
    WHERE uname = lv_uname.

  IF sy-subrc = 0.  "Record already exists: return the stored UUID
    uuid = ls_line-uuid.
  ELSE.             "Record does not exist: create record and UUID
    ls_line-uname = lv_uname.

    CALL FUNCTION 'SYSTEM_UUID_C_CREATE'
      IMPORTING
        uuid = ls_line-uuid.

    IF ls_line-uuid IS INITIAL.
      RAISE insert_error.
    ENDIF.

    MODIFY ztbsu008 FROM ls_line.
    IF sy-subrc <> 0.
      RAISE insert_error.
    ELSE.
      uuid = ls_line-uuid.
    ENDIF.
  ENDIF.
ENDFUNCTION.

Below is the customized table – Password Reset Authentication Table:

Blog002 - Pic03.jpg

Blog002 - Pic04.jpg

After the authentication key is created and stored in the authentication table, the system emails the user the URL, with the authentication key as one of the query string parameters:

Blog002 - Pic05.jpg

Blog002 - Pic06.jpg

Example of the URL that user will receive:

The URL links above open the Password Reset Web Dynpro application, which first calls the “HANDLEDEFAULT” method in the window. In this method, the system verifies the username and authentication key against the authentication table. If the action is “Y”, the system proceeds to reset the password and unlock the account. If the action is “N”, the system deletes the record from the authentication table.

Blog002 - Pic07.jpg

METHOD handledefault .
  DATA: lv_action   TYPE c,
        lv_username TYPE xubname,
        lv_uuid     TYPE sysuuid_c,
        lv_exist    TYPE boolean.
  DATA lo_componentcontroller TYPE REF TO ig_componentcontroller .
  DATA lo_nd_message          TYPE REF TO if_wd_context_node.
  DATA lo_el_message          TYPE REF TO if_wd_context_element.
  DATA ls_message             TYPE wd_this->element_message.

  "ACTION, USERNAME and UUID are the query string parameters of the URL
  lv_action   = action.
  lv_username = username.
  lv_uuid     = uuid.

  "Check whether is Reset Request from email
  IF lv_action IS NOT INITIAL
    AND lv_username IS NOT INITIAL
    AND lv_uuid IS NOT INITIAL.

    "navigate from <CONTEXT> to <MESSAGE> via lead selection
    lo_nd_message = wd_context->get_child_node( name = wd_this->wdctx_message ).

    "get element via lead selection
    lo_el_message = lo_nd_message->get_element(  ).

    "Verify authenticity of Reset Request
    CALL FUNCTION 'Z_SU_RESET_AUTH_TABLE_VERIFY'
      EXPORTING
        username = lv_username
        uuid     = lv_uuid
      IMPORTING
        exist    = lv_exist.

    IF lv_exist = abap_true. "Reset Request verify correct
      SET LOCALE LANGUAGE 'E'.
      TRANSLATE lv_action TO UPPER CASE.
      SET LOCALE LANGUAGE ' '.

      IF lv_action = 'Y'. "User click "YES" in email, process password reset
        "Reset Password
        wd_comp_controller->resetpassword( username = username ).
      ELSE. "User click "NO" in email, cancel password reset
        "Insert Cancel Audit Trail
        CALL FUNCTION 'Z_SU_RESET_AUDIT_TABLE_INSERT'
          EXPORTING
            username     = lv_username
            datestamp    = sy-datum
            timestamp    = sy-uzeit
            action       = 'C'
          EXCEPTIONS
            insert_error = 1
            OTHERS       = 2.

        "Delete record in Authentication table
        CALL FUNCTION 'Z_SU_RESET_AUTH_TABLE_DELETE'
          EXPORTING
            username = lv_username.

        ls_message-header = wd_assist->if_wd_component_assistance~get_text( 'RH3' ).
        ls_message-body   = wd_assist->if_wd_component_assistance~get_text( 'RS2' ).
        ls_message-showbackbutton = abap_true.
        ls_message-showtryagain   = abap_false.
        lo_el_message->set_static_attributes(
          EXPORTING
            static_attributes = ls_message ).
      ENDIF.
*--------------------------------------------------------------------*
    ELSE. "Reset Request verify wrong
      ls_message-header = wd_assist->if_wd_component_assistance~get_text( 'RH2' ).
      ls_message-body   = wd_assist->if_wd_component_assistance~get_text( 'RE3' ).
      ls_message-showbackbutton = abap_false.
      ls_message-showtryagain   = abap_true.
      lo_el_message->set_static_attributes(
        EXPORTING
          static_attributes = ls_message ).
    ENDIF.

    wd_this->fire_to_message_plg( ).
  ENDIF.
ENDMETHOD.
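
The post calls Z_SU_RESET_AUTH_TABLE_VERIFY but does not show it. The following is an added example, not the author's code, of one way to write it so that an emailed link works only once and only for a limited time. It assumes ZTBSU008 has an extra TIMESTAMP column CREATED_AT (the page shows only UNAME and UUID) and a 15-minute lifetime.

```abap
FUNCTION z_su_reset_auth_table_verify.
*"  IMPORTING  REFERENCE(USERNAME) TYPE XUBNAME
*"             REFERENCE(UUID)     TYPE SYSUUID_C
*"  EXPORTING  REFERENCE(EXIST)    TYPE BOOLEAN
  CONSTANTS lc_max_age_sec TYPE i VALUE 900. "assumed lifetime: 15 minutes
  DATA: ls_line  TYPE ztbsu008,
        lv_uname TYPE xubname,
        lv_uuid  TYPE sysuuid_c,
        lv_now   TYPE timestamp,
        lv_age   TYPE i.
  exist = abap_false.
  "Never let an empty parameter match an empty column value
  IF username IS INITIAL OR uuid IS INITIAL.
    RETURN.
  ENDIF.

  lv_uname = username.
  SET LOCALE LANGUAGE 'E'.
  TRANSLATE lv_uname TO UPPER CASE.
  SET LOCALE LANGUAGE ' '.
  lv_uuid = uuid.

  "User name and key must match the same row
  SELECT SINGLE * INTO ls_line
    FROM ztbsu008
    WHERE uname = lv_uname
      AND uuid  = lv_uuid.
  IF sy-subrc <> 0.
    RETURN.
  ENDIF.

  "Single use: consume the key before it is honoured. Of two concurrent
  "requests only the one whose DELETE removed the row continues.
  DELETE FROM ztbsu008 WHERE uname = lv_uname AND uuid = lv_uuid.
  IF sy-subrc <> 0.
    RETURN.
  ENDIF.
  "Time limit: CREATED_AT is an assumed TIMESTAMP column (not on the page)
  GET TIME STAMP FIELD lv_now.
  TRY.
      lv_age = cl_abap_tstmp=>subtract( tstmp1 = lv_now
                                        tstmp2 = ls_line-created_at ).
    CATCH cx_parameter_invalid.
      RETURN. "unusable timestamp: treat as expired
  ENDTRY.
  IF lv_age >= 0 AND lv_age <= lc_max_age_sec.
    exist = abap_true.
  ENDIF.
ENDFUNCTION.
```

For the time limit to hold, Z_SU_RESET_AUTH_TABLE_INSERT would also have to fill CREATED_AT and issue a fresh key on each request, because the version on the page returns the stored UUID for as long as the row exists.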

Once the password is reset successfully, the system sends the new password to the user's email and VOILA, password reset with email authentication is completed. 😎

Hope this blog post gives you a detailed idea of how to use query strings in Web Dynpro ABAP. Do feel free to share with us how you use query strings in different scenarios. Cheers! 🙂

      6 Comments
      David Seetao

      I am searching for a solution that I could insert a "Forgot Your Password" link on the SAPGUI.  Once the user clicks on the button then it asks for some sort of verification, say UserID & Employee Number and then the password is reset and sent to the user.

      Any suggestions?

      Former Member

      Hi Yi Qing New, thanks very much for the tutorials. This feature is very helpful for CRM WEBUI users. Do you mind to explain some more details in the design approach: how to create the default webdynpro screen with username and e-mail address + verification code when pressing submit?

      I am able to create the screens with input parameters and buttons, but the verification is quite hard.

      I hope you can help.

      Thanks and regards,

      Wouter



      Dominic Thompson

      Hi Yi Qing New, I just created a reset password application.  Thanks for your guidance.  But now I am having an issue trying to get the NWBC logon page access to the application without the user entering in their password.  If they don't know their password how can I get the link for the reset password to authenticate?

      Thanks

      Dominic Thompson

      Dominic Thompson

      I think I figured it out.  The logon data for the new application needs to have a system user assigned to it in sicf.

      Thanks

      KUMAR ANURAG

      Dear Former Member,

      Thanks for the wonderful information shared.

      We are also doing same kind of activity. For that we need some support.

      What exactly we are verifying in - Verify authenticity of Reset Request and what was your approach for Reset Password in wd_comp_controller->resetpassword( username = username ) system generated password or self made password.

       

      Regards,

      Anurag

      KUMAR ANURAG

      Dear Former Member,

      Could you please guide how we get login in SAP with run time user name and UUID. When I am calling a webdynpro application for changing password this is asking me for user name and password.

      Could you please guide how to auto login with run time user and password. So that password can be generated and sent to user ID.

       

       

      Regards,

      Anurag