Show TOC Start of Content Area

This graphic is explained in the accompanying text SSO  Locate the document in its SAP Library structure

 

If an SSO ticket was passed with a call, this ticket is checked on the Java EE Application side for its validity.

 

 

To enable the SSO mechanism, you have to perform the following steps:

 

      Configure the called application using the SAP-specific SSO Mechanism for 

     Server calls.

 

Note

For details, see the documentation of the SAP Security Provider service on the J2EE Application Server: Using SAML Assertions for Single Sign-On.

 

      In the calling SAP Application Server, you have to activate the use of the SSO

     tickets with each call via the transaction SM59.

     

If the access to the MDB has to be restricted to specific role, you may add the according restrictions in the ejb-jar.xml, according to the ejb 2.1 specification:

 

<assembly-descriptor>

      <security-role>

         <role-name>Hugo</role-name>

      </security-role>

      <method-permission>

         <description>method-permission</description>

         <role-name>Hugo</role-name>

         <method>

            <ejb-name>MyEjbNameBean</ejb-name>

            <method-name>onMessage</method-name>

         </method>

      </method-permission>

   </assembly-descriptor>

     

End of Content Area