We are trying to use SAP .NET NCo 3.0 to implement single sign on from .net application to SAP System. In the configuration set up method we are fetching user name and password along with other configuration information from configuration file.
E.g.
RfcConfigParameters rfcConfig = new RfcConfigParameters();
rfcConfig.Add(RfcConfigParameters.User, ConfigurationSettings.AppSettings["SAP_USRNAME"]);
rfcConfig.Add(RfcConfigParameters.Password, ConfigurationSettings.AppSettings["SAP_PWD"]);
rfcConfig.Add(RfcConfigParameters.Client, ConfigurationSettings.AppSettings["SAP_CLIENT"]);
We are looking for a way that we can implement SSO with windows authentication where will ne NO need to pass user id and password explicitly. We also have SNC configuration and other required file available with us.
Any relevant code snippet or pointer addressing this will be of great help.
Thanks in advance
You need to make a http request to the SAP portal from the client. This will give you the SAPSSO2 token (parse it out of the http headers you receive, sample in VB):
Public Function GetSAPSSOTicket(sPortalURL As String, ByRef Ticket As String, ByRef ErrorMsg As String) As Boolean
Dim offset As Long
GetSSOTicket = False
ErrorMsg = ""
Ticket = ""
Const MYSAPSSO2 As String = "MYSAPSSO2="
On Error GoTo Err1
'contact the sap portal
Dim req As New WinHttp.WinHttpRequest
req.Open "GET", sPortalURL, False
req.SetAutoLogonPolicy AutoLogonPolicy_Always
req.Send
Dim S As String
S = req.GetAllResponseHeaders()
'parse the ticket out of the response
offset = InStr(1, S, MYSAPSSO2, vbTextCompare)
If offset <= 0 Then
ErrorMsg = "The Portal Server returned an empty ticket. Authentication failed."
GoSub Cleanup
Exit Function
End If
S = Mid(S, offset + Len(MYSAPSSO2))
offset = InStr(1, S, ";")
S = Left(S, offset - 1)
Ticket = S
'complete
On Error GoTo 0
'success
GoSub Cleanup
GetSSOTicket = True
Exit Function
Cleanup:
Set req = Nothing
Return
Err1:
'some error
GoSub Cleanup
ErrorMsg = Err.Description
End Function
Next, transport this token to your SAP.NET connector code where you make your destination and connection, and assign the value you obtained to the destination's SAPSSO2 property (sample in c#):
var destX = new SAP.Connector.Destination();
destX.Type = "3"; /* meaning R/3 */
destX.AppServerHost = "hostname";
destX.Client = (short)99; /* your client number here */
destX.SystemNumber = (short)42; /* your system number here */
/* single sign-on token passed in from SAPSSO2 header value in sapCookie parameter */
destX.MySAP_SSO2 = System.Web.HttpUtility.UrlDecode(sapCookie, Encoding.UTF8);
destX.Language = "DE";
destX.MsgServerHost = "message server (if needed, otherwise blank)";
destX.LogonGroup = "group name (or blank)";
destX.AbapDebug = false;
destX.Trace = true;
sap.Connection = new SAP.Connector.SAPConnection(destX);
sap.Connection.Open();
We have this code in production since 2004 and it survived many releases, up to and including SAP HANA with Unicode.