Setting up a Web Dynpro Application for a Logon Ticket 

Use

You want to configure a Web Dynpro application that receives data from a SAP system with an adaptive RFC model so that it logs onto the SAP system with the user’s logon ticket.

If you use an adaptive RFC model in a Web Dynpro application, two JCo destinations are automatically created in the Web Dynpro Content Administrator. You must maintain these JCo destinations with this tool.

·        With the first connection, the Web Dynpro application receives the metadata that is not user-specific and that is therefore the same for all users. It must be available to all users.

·        With the second connection, the Web Dynpro application receives the application data, which is normally user-specific.

The JCo destinations for an adaptive RFC model have the following default names:

·        WD_MODELDATA_DEST for application data

·        WD_RFC_METADATA_DEST for metadata.

When you create JCo destinations, you can also give them different names. When the data for further adaptive RFC models is loaded from other SAP systems, you may not use the default names; you must define unique names for the JCo destinations.

The JCo destinations are displayed in the Web Dynpro Content Administrator when you select the corresponding development component or local Web Dynpro application in the Browse and Search Area.

Prerequisites

You have administration permission for the J2EE Engine or SAP Enterprise Portal.

You set up the SAP system so that the logon tickets that are sent by the Web Dynpro application are accepted. These logon tickets can be issued by either the J2EE Engine on which the Web Dynpro application was deployed or another system, such as an SAP Enterprise Portal. For more information see Configuring the SAP Web AS ABAP to Accept Logon Tickets from the J2EE Engine.

Procedure

...

       1.      Open the Web Dynpro Content Administrator from the URLs

                            a.      directly with the URL http://<YourHost>:50000/webdynpro/dispatcher/tc~wd~tools/explorer

                            b.      from the home page of the J2EE Engine with the following URL http://<YourHost>:50000/webdynpro/welcome by choosing Content Administrator.

       2.      Or in the top-level navigation of SAP Enterprise Portal select Content Administration  →  Web Dynpro  →  Web Dynpro Content Administrator.

       3.      Select the required development component or local Web Dynpro application in the corresponding level in the Browse and Search Area. The first level local contains all the locally deployed Web Dynpro applications. The second level contains all the development components and is specified with the vendor name, e.g. sap.com.

       4.      On the tab page JCO Connections select the JCo destination you want to maintain and choose Edit in the detailed view.

       5.      A wizard with which you can define the JCo destination in individual steps opens.

                            a.      Define the general data
At runtime the JCo connection is implemented with a JCo pool. You must define the largest possible pool size. This is the maximum number of connections that can be set up at runtime. You also define the client.

                            b.      Define the message server
You can define the message server below. If you are using a SAProuter, you can also define the SAProuter string in this step. For more information about the SAProuter, see the SAP Library under SAP NetWeaver → Security → SAPNetWeaver Security Guide → Network Infrastructure → Firewalls → SAProuter.

                            c.      Define the security settings

You have to take security matters into consideration and define the security settings when you specify a JCo destination.
For user authentication select the required authentication method:
When defining the JCo destination for application data, select authentication method Ticket. The user’s logon ticket is sent to the SAP system.

When defining the JCo destination for metadata, only authentication method User/Password is supported.

The user is predefined for authentication method User/Password and cannot be changed. This user is a technical user who does not need dialog authorization. The name and password assigned to this user must be known in the backend. The authorizations for this user must be set in the backend so that this user can access all DDIC function modules.

                            d.      Overview of the defined parameters

       6.      End the wizard with Finish.

       7.      Then perform the same steps for the second JCo destination. The order in which you process the JCo destinations is of no importance.

Result

You maintained the necessary JCo destinations for an adaptive RFC model. If data is loaded from the backend for the user of the Web Dynpro application that contains this model, the user is logged on with Single Sign-On with logon ticket.