cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Launch Webdynpro Application from Fiori under different user

Go to solution
mikegoalie
Explorer

on ‎10-24-2023 1:49 PM

0 Kudos

Hi experts

Currently our organization has a Webdynpro Application that uses a system user ID via SSO to authenticate the user. This was done as a means to give access to all employees in the department access to this tool without needing them to have an SAP account. People typically access the Webdynpro Application via URL directly in their browser. The Webdynpro Application is built to only accept the system user ID.

As we migrate more "legacy" apps to Fiori, we'd like to create a tile for this Webdynpro Application. Some users will continue to not have SAP accounts and use the browser link, but we have a subset of users who are SAP users and will be using the FLP.

The issue I'm facing is: if the Webdynpro Application is launched via the FLP while the user is logged in, the Webdynpro Application uses that user's log in credentials and eventually the user hits an issue.

Is there any way to configure the Webdynpro Application (either on the Fiori side, the ICF side or the application itself) to force the SSO with the system user ID, even if it's launched while a user is logged in with their own account?

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

mikegoalie
Explorer
‎11-06-2023 4:29 PM
0 Kudos

Found the answer to my own question, so will post it in the hopes of helping someone else 🙂

Our application already had a system user and password set in ICF service, however we had logon procedure set to "Standard". The standard procedure uses this order to determine user credentials (source: Standard Logon Order (SAP Library - Components of SAP Communication Technology) 😞

1. Logon using HTTP fields

2. Logon with SSL certificates

3. Logon using SAP Logon Ticket (‘SSO’)

4. HTTP Basic Authentication

5. Logon using SAP user password (SAP RFC logon)

6. Logon using SAML

7. Logon using user data stored in the service

Ironically, the credentials I needed were last on the list 🙂

To resolve the issue, I switched the logon procedure to "Required with Logon Data". This forces the user identified in the ICF service

After the change, I have tested both scenarios of launching the application directly via URL as well as the new method via Fiori tile and the system user is being used in both scenarios.

Show replies
Show replies

Answers (1)

Answers (1)

mamartins
Active Contributor
‎10-25-2023 10:53 AM
0 Kudos

I'm sorry to say this, but your Organization isn't compliant with the SAP licensing agreement.

If you want to identify individually an user, then you need to create an account.

Show replies
Show replies
Ask a Question