Show TOC Anfang des Inhaltsbereichs

Diese Grafik wird im zugehörigen Text erklärtBasicPassword  Dokument im Navigationsbaum lokalisieren

This type is handled by the interface javax.resource.spi.security.PasswordCredential.

For the first web application access you will need to enter your User/Password in the browser Pop-Up. The User/Password you enter should also be configured in the security provider on your Java EE Application Server.

Application descriptors should have additional entries to enable this authentication mechanism. Here are some examples:

 

web-j2ee-engine.xml descriptor:

 

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE web-j2ee-engine SYSTEM "web-j2ee-engine.dtd">

<web-j2ee-engine>

    <resource-ref>

      <res-ref-name>MyConnFactory</res-ref-name>

      <res-link>MyConnFactory</res-link>

    </resource-ref>

     <security-role-map>

      <role-name>Everybody</role-name>

      <group-name>Guests</group-name>

      <group-name>Administrators</group-name>

    </security-role-map>

  <login-module-configuration>

    <login-module-stack>

        <login-module>

           <login-module-name>

BasicPasswordLoginModule

</login-module-name>

           <flag>SUFFICIENT</flag>

        </login-module>

    </login-module-stack>

  </login-module-configuration>

  </web-j2ee-engine>

 

web.xml descriptor:

 

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"

                         "http://java.sun.com/dtd/web-app_2_3.dtd">

<web-app>

    <display-name>VeriClientServletBasic</display-name>

    <servlet>

        <servlet-name>VeriClientServletBasic</servlet-name>

        <display-name>VeriClientServletBasic</display-name>

        <servlet-class>

     com.sap.mw.jco.jra.tests.client.auth.basic.VeriClientServletBasic

  </servlet-class>

    </servlet>

    <servlet-mapping>

        <servlet-name>VeriClientServletBasic</servlet-name>

        <url-pattern>/VeriClient</url-pattern>

    </servlet-mapping>

    <session-config>

        <session-timeout>30</session-timeout>

    </session-config>

    <security-constraint>

        <web-resource-collection>

            <web-resource-name>test1</web-resource-name>

            <url-pattern>/VeriClient</url-pattern>

        </web-resource-collection>

        <auth-constraint>

            <role-name>Everybody</role-name>

        </auth-constraint>

        <user-data-constraint>

            <transport-guarantee>NONE</transport-guarantee>

        </user-data-constraint>

    </security-constraint>

    <login-config>

        <auth-method>BASIC</auth-method>

        <realm-name>JRAAuthentication</realm-name>

    </login-config>

    <security-role>

        <role-name>Everybody</role-name>

    </security-role>

    <resource-ref>

        <res-ref-name>MyConnFactory</res-ref-name>

        <res-type>javax.resource.cci.ConnectionFactory</res-type>

        <res-auth>Container</res-auth>

    </resource-ref>

</web-app>

 

Please be aware that the application (EJB or Server) container should be notified through the entry

<res-auth>Container</res-auth>

that it needs to use one of the Container Managed Authentication methods

and through the entry

<login-module-name>BasicPasswordLoginModule</login-module-name>

that it should use the BasicPassword authentication mechanism.

 

In the above example the User/Password you supplied via browser pop-up will also be passed to the SAP system to establish the connection.

You can also use user mapping mechanisms via the security provider service in your application server. In this case, the credentials (User/Password) of the Initiating Principal and not the Caller Principal will be passed to the SAP system for connection creation.

Further Information

For further details, see:

      Security Provider Service

 

 

Ende des Inhaltsbereichs