使用SAP.NET Connector 3.0实现从.NET应用程序到SAP系统的单点登录

时间:2014-12-10 13:09:55

标签: iis single-sign-on sap

我们正在尝试使用SAP.NET NCo 3.0实现从.net应用程序到SAP系统的单点登录。在配置设置方法中,我们从配置文件中获取用户名和密码以及其他配置信息。

E.g。

RfcConfigParameters rfcConfig = new RfcConfigParameters();
rfcConfig.Add(RfcConfigParameters.User, ConfigurationSettings.AppSettings["SAP_USRNAME"]);
rfcConfig.Add(RfcConfigParameters.Password, ConfigurationSettings.AppSettings["SAP_PWD"]);
rfcConfig.Add(RfcConfigParameters.Client, ConfigurationSettings.AppSettings["SAP_CLIENT"]);

我们正在寻找一种可以通过Windows身份验证实现SSO的方法,其中不需要显式传递用户ID和密码。我们还提供SNC配置和其他必需文件。

任何相关的代码段或指针都会对此有所帮助。

提前致谢

1 个答案:

答案 0 :(得分:0)

您需要从客户端向SAP门户发出http请求。这将为您提供SAPSSO2令牌(从您收到的http标头中解析出来,在VB中示例):

Public Function GetSAPSSOTicket(sPortalURL As String, ByRef Ticket As String, ByRef ErrorMsg As String) As Boolean
    Dim offset As Long
    GetSSOTicket = False
    ErrorMsg = ""
    Ticket = ""
    Const MYSAPSSO2 As String = "MYSAPSSO2="
On Error GoTo Err1
    'contact the sap portal
    Dim req As New WinHttp.WinHttpRequest
    req.Open "GET", sPortalURL, False
    req.SetAutoLogonPolicy AutoLogonPolicy_Always
    req.Send
    Dim S As String
    S = req.GetAllResponseHeaders()
    'parse the ticket out of the response
    offset = InStr(1, S, MYSAPSSO2, vbTextCompare)
    If offset <= 0 Then
        ErrorMsg = "The Portal Server returned an empty ticket. Authentication failed."
        GoSub Cleanup
        Exit Function
    End If
    S = Mid(S, offset + Len(MYSAPSSO2))
    offset = InStr(1, S, ";")
    S = Left(S, offset - 1)
    Ticket = S
    'complete
On Error GoTo 0
    'success
    GoSub Cleanup
    GetSSOTicket = True
    Exit Function
Cleanup:
    Set req = Nothing
    Return
Err1:
    'some error
    GoSub Cleanup
    ErrorMsg = Err.Description
End Function

接下来,将此令牌传输到您创建目的地和连接的SAP.NET连接器代码,并将获得的值分配给目标的SAPSSO2属性(c#中的示例):

var destX = new SAP.Connector.Destination();                   
destX.Type = "3"; /* meaning R/3 */
destX.AppServerHost = "hostname";
destX.Client = (short)99; /* your client number here */
destX.SystemNumber = (short)42; /* your system number here */
/* single sign-on token passed in from SAPSSO2 header value in sapCookie parameter */
destX.MySAP_SSO2 = System.Web.HttpUtility.UrlDecode(sapCookie, Encoding.UTF8);
destX.Language = "DE";
destX.MsgServerHost = "message server (if needed, otherwise blank)";
destX.LogonGroup = "group name (or blank)";
destX.AbapDebug = false;
destX.Trace = true;
sap.Connection = new SAP.Connector.SAPConnection(destX);
sap.Connection.Open();

自2004年以来,我们已将此代码投入生产,并在许多版本中幸存下来,包括带有Unicode的SAP HANA。

相关问题
最新问题