Show TOC Start of Content Area

This graphic is explained in the accompanying textBasicPassword  Locate the document in its SAP Library structure

This type is handled by the interface javax.resource.spi.security.PasswordCredential.

For initial Web application access you will need to enter your user/password in the browser pop-up. The user/password you enter should also be configured in the security provider on your Java EE Application Server.

Application descriptors should have additional entries to enable this authentication mechanism. Here are some examples:

 

web-j2ee-engine.xml descriptor:

 

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE web-j2ee-engine SYSTEM "web-j2ee-engine.dtd">

<web-j2ee-engine>

    <resource-ref>

      <res-ref-name>MyConnFactory</res-ref-name>

      <res-link>MyConnFactory</res-link>

    </resource-ref>

     <security-role-map>

      <role-name>Everybody</role-name>

      <group-name>Guests</group-name>

      <group-name>Administrators</group-name>

    </security-role-map>

  <login-module-configuration>

    <login-module-stack>

        <login-module>

           <login-module-name>

BasicPasswordLoginModule

</login-module-name>

           <flag>SUFFICIENT</flag>

        </login-module>

    </login-module-stack>

  </login-module-configuration>

  </web-j2ee-engine>

 

web.xml descriptor:

 

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"

                         "http://java.sun.com/dtd/web-app_2_3.dtd">

<web-app>

    <display-name>VeriClientServletBasic</display-name>

    <servlet>

        <servlet-name>VeriClientServletBasic</servlet-name>

        <display-name>VeriClientServletBasic</display-name>

        <servlet-class>

     com.sap.mw.jco.jra.tests.client.auth.basic.VeriClientServletBasic

  </servlet-class>

    </servlet>

    <servlet-mapping>

        <servlet-name>VeriClientServletBasic</servlet-name>

        <url-pattern>/VeriClient</url-pattern>

    </servlet-mapping>

    <session-config>

        <session-timeout>30</session-timeout>

    </session-config>

    <security-constraint>

        <web-resource-collection>

            <web-resource-name>test1</web-resource-name>

            <url-pattern>/VeriClient</url-pattern>

        </web-resource-collection>

        <auth-constraint>

            <role-name>Everybody</role-name>

        </auth-constraint>

        <user-data-constraint>

            <transport-guarantee>NONE</transport-guarantee>

        </user-data-constraint>

    </security-constraint>

    <login-config>

        <auth-method>BASIC</auth-method>

        <realm-name>JRAAuthentication</realm-name>

    </login-config>

    <security-role>

        <role-name>Everybody</role-name>

    </security-role>

    <resource-ref>

        <res-ref-name>MyConnFactory</res-ref-name>

        <res-type>javax.resource.cci.ConnectionFactory</res-type>

        <res-auth>Container</res-auth>

    </resource-ref>

</web-app>

 

Be aware that the application (EJB or Server) container should be notified through the entry

<res-auth>Container</res-auth>

that it needs to use one of the Container-Managed Authentication methods

and through the entry

<login-module-name>BasicPasswordLoginModule</login-module-name>

that it should use the BasicPassword authentication mechanism.

 

In the above example, the user/password you supplied by browser pop-up will also be passed to the SAP system to establish the connection.

You can also use user mapping mechanisms by the security provider service in your application server. In this case, the credentials (user/password) of the Initiating Principal and not the Caller Principal will be passed to the SAP system for connection creation.

 

 

End of Content Area