Skip to Content
Technical Articles
Author's profile photo Chander Kararia
Chander Kararia
April 8, 2019 7 minute read

Custom Login Module for SAP NetWeaver Portal 7.5

In this article, I will take you through with creating the custom login module for SAP NetWeaver Portal 7.5 version. Though you can find the details of the process on the help.sap.com but here you will get to know each step in more detailed and exemplary way.

Reason is, when I tried to search for myself, there were no such blog available (or at-least I could not find), so here is the one which would be useful for all.

 

Pre-requisites:

Since we will be creating and deploying custom login module (hereinafter referred to as clm) for Portal 7.5, we will be using the below combinations

Java SE Development Kit 8u201 (64 bit) (any other version will also work)

Download link: https://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html

Set JAVA_HOME environment variable

jar file (64 bit)

Download link: https://launchpad.support.sap.com/#/softwarecenter/search/java%2520connector visit this link and scroll until you find below mentioned. Obviously, you will need S Id and necessary download authorizations.

Unzip it and then within the unzipped folder go to javadoc -> intro.html. Open this file and then click on Installation link. There you will see all settings need to perform. Will look something like below.

Once environment variables are set as per above link, start command prompt and run following commands.

cd\

echo %classpath%                  (this should return you path of your sapjco3.jar file)

java -version                             (you should see that java is properly set now if below comes)

NWDS 7.5 SP 14 (any other SP level will also work)

Download link: https://wiki.scn.sap.com/wiki/display/Java/NWDS+Download+Links visit this link and bottom you will find 750 link. Obviously, you will need S Id and necessary download authorizations.

 

Building Code for Custom Login Module:

  • Open Developer Studio
  • Windows -> Preferences -> SAP AS Java

Add the SAP system here where you would like your code to deploy. Then click on ‘Apply and Close’.

  • Windows -> Preferences -> Installed JREs. Check here if developer studio is pointing to correct JRE.

  • Windows -> Preferences -> Build Path -> Classpath Variables. Check here if sapjco3.jar is referenced here. If not, add like below.

  • Go to NWDI Under Local Development -> My Components, create 3 development components of type Java, External Library, Enterprise Archive

In my case,

cpbwloginmodule -> is the java dc project

cpbwextlib -> is the external library dc project

cebwear -> is the enterprise archive dc project

  • Working on cpbwextlib
    • Add the below listed jar files to the libraries folder, build the project afterwards.com.sap.security_2.0.0.120131113424.jariaik_jce.jarsap.com~tc~je~clientlib~impl.jarsap.com~tc~logging~java~impl.jarsapjco3.jarservlet-api-2.5.jar

    • Go to Component Properties -> Public Parts tab and create 2 new public parts. One for assembly and another on for compilation.
    • Right click on assembly public part and select Manage Entities. Add all jar files to it. Repeat the same step for compile public part as well. You should see something like below. Also, set permissions as Unrestricted Access for both public parts.

    • Go to Permissions tab and set the Entity Forwarding Allowed checkbox as selected.

    • Build the dc again & done with this dc.
  • Work on cpbwloginmodule
    • Go to Component Properties -> Dependencies tab and add cpbwextlib (External Library project) as dependency to this project.

    • Within the project, create a java class which will hold all the code for your custom login module. In my case, it is like below.Imp: You can keep any name of the java class.Tip: You can use any standard file and customize it for your purpose. This way you will save time to write all root methods which you will need not to touch normally.

    • Right click on project and New -> Other -> XML file.Imp: You must keep the file name as LoginModuleConfiguration.xmlI have shared the basic structure of the file, but you need to provide display-name, class-name, description and any other option if you feel it is required. In my case, this was enough. You can search more on SCN for xml details. If possible, I will share the links 
      <?xml version="1.0" encoding="UTF-8"?><login-modules><!-- holds all login modules --><login-module><!-- describes one login module --><display-name></display-name><!-- holds the display name of the login module --><class-name></class-name><!-- holds the full path to the login module class --><description></description><!-- holds the description of the login module --><options><!-- holds all the options of the login module --><option><name>Rule1.AttributeName</name><value>CN</value></option><option><name>Rule1.getUserFrom</name><value>subjectName</value></option></options></login-module></login-modules>​
    • Build the project and then Export it as JAR file. You can create the JAR file within the project folder structure as below

    • Your project structure will look like something like this afterwards. Build the project.

  • Work on cpbwear
    • Go to Component Properties -> Dependencies tab and add cpbwloginmodule (java project) as dependency to this project.

    • Build the project. This will generate the ear file.

    • Open the ear file using WinRar and add the jar and the xml file created within java project to this ear file.

    • Deploy the ear file Imp: DO NOT BUILD the ear project again or else a new ear will be generated. You will lose jar file and xml file added. In case if you need to, you need to redo addition of these files every-time

 

Configuration

  • Go to potal netweaver administrator (nwa) -> configuration -> Authentication and Single Sign-on

  • Inside this, go to Authentication -> Login Modules. Search your custom login module either by using Display Name or Class Name which you have entered in the xml file.

  • Below you will see the same options and values you have added in the xml file. So this confirms your custom login module has been deployed correctly.

  • Now, go back to Components, select ticket and click on edit button.

  • Add your newly created custom login module as shown below and set Flag as Optional. These flags and other module flags can be changed based on your requirements. Afterwards, click Save.

And that’s it. Your done with developing and configuring your custom login module. Try to login and see if all works as planned.

 

Troubleshooting

To see if your login module is working fine, you can go to Troubleshooting -> Logs and Traces -> Security Troubleshooting Wizard. There, select Authentication from the drop-down and start the diagnostics. Try to use your custom login module now. Once done, stop the diagnostics and see the error log. It will show all the required information.

 

In this blog, I have tried to be as explanatory as possible. Still, there could be more ways to do any specific action but this one works perfectly. Please do let me know in comments if you seek code help as well.

 

 

 

 

 

 

 

 

Assigned Tags

      6 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Julio Alberto Martinez Real
      Julio Alberto Martinez Real

      Amazing job!!

      There is a lack of EP articles in this place.

       

       

      Author's profile photo Chander Kararia
      Chander Kararia
      Blog Post Author

      Thanks Julio.

      Author's profile photo GOVARDAN RAJ SHAMANNA
      GOVARDAN RAJ SHAMANNA

      Hi Chander Karari,

      Nice Info, i need a few more inputs, like how shall we control the page redirect i.e. in logon page dc, we have different jsp pages, for example how can we navigate to a changepassword.jsp after user has entered his credentials.

       

       

      Author's profile photo Chander Kararia
      Chander Kararia
      Blog Post Author

      Hi Govardhan, I have just read your comment and will get back to you on this asap.

      Author's profile photo Chris van de Wouw
      Chris van de Wouw

      Nice blog!

      However, I didn't like the manual manipulating of the ear file, as we use NWDI for build and delivery and not being able to rebuild the ear-file renders this solution useless for us.

      So I tried a few things and it seems to be easy to setup so no fiddling with the earfile is necessary;

      • The java dc project requires a public part of type ASSEMBLY containing the package to your login class
      • For the earfile set a build dependency to that public part of the java DC. This will copy the jarfile into the resulting ear file in the build process
      • The LoginModuleConfiguration.xml file can be placed in the META-INF folder of the ear project. The SAP docs tells it must be in the root of the earfile, but this folder will work as well

      Build the earfile and deploy it, NW will pick it up.

      My next step now is to implement the correct logics, for which I need to access the queryparameters of the http request from the loginmodule. Haven't found out how yet, so I'd be happy if someone could point me the right direction. If I find out myself I'll add it here.

      Author's profile photo Chris van de Wouw
      Chris van de Wouw

      Ok, found out about the queryparameters. Instead of the NameCallback class, HttpGetterCallback must be used

          HttpGetterCallback tokenCallback = new HttpGetterCallback();
    tokenCallback.setType(HttpGetterCallback.REQUEST_PARAMETER);
    tokenCallback.setName("token");

      Then after invoking the callback, the getValue method will contain the value(s)

          String[] tokens = null;
    if (tokenCallback.getValue() != null) {
      tokens = (String[])tokenCallback.getValue();
    }