Entering content frame

This graphic is explained in the accompanying text Examples of Portal Web Services Security Locate the document in its SAP Library structure

Exchanging User information

A secured scenario of an exchange of the user information between a client and a portal Web service:

...

       1.      Send HTTP request containing SOAPMessage with user/pass attached to HTTP header

       2.      Receive calls from the PRT dispatcher, and call user management, which logs in the corresponding user and returns IUserContext

       3.      After a successful call to the right portal service, construct the answer SOAPResponse, return it to the dispatcher. Credentials are added in the cookie SSO2 attached to the httpResponse

       4.      Construct a new SOAP message if necessary, adding the cookie that was returned by back by the portal

       5.      Identify the user using SSO2

Portal Applications and External Web Services

This is another approach on the security side for the portal. The portal is principally done for receiving requests and not generating them. There is a solution based on the existing system landscape/ user mapping that is used in the connectors/JCO service to contact backend systems. This solution is based on SSO2 cookies in addition to the SOAPMessage request.

When a proxy service is generated from the WSDL definition (URL or files), some automatic fields are added to portalapp.xml. One of these fields is called SystemAlias:

This graphic is explained in the accompanying text

..

<services>

 <service alias="GoogleWEBService" name="Google">

  <service-config>

     ….

   <property name="startup" value="false"> </property>

   <property name="WebEnable" value="false"> </property>

   <property name="WebProxy" value="true"> </property>

     ….

   </property>

  </service-config>

  <service-profile>

   <property name="SystemAlias" value="Default_System_Alias"> </property>

  </service-profile>

 </service>

</services>

This example shows how PRT uses the two parameters IUser and SystemAlias:

This graphic is explained in the accompanying text

IUserMappingService mappingService =

   (IUserMappingService) mm_serviceContext.getService(

      "com.sap.portal.usermapping.user_mapping");

if (mappingService != null) {

   IUserMappingData usermapping =

      mappingService.getMappingData(systemAlias, user);

   if (usermapping != null) {

      usermapping.enrich(msg);

   }

}

Getting a Secured Proxy

To get a secured proxy service with generated proxy classes:

This graphic is explained in the accompanying text

public void doContent(

   IPortalComponentRequest request,

   IPortalComponentResponse response) {

   ITestClient client =

      TestClient) PortalRuntime.getRuntimeResources().getService(

         "GoogleWEBService");

 

   // Get  the secured connection  

   ITestClient clientsecurised =

      client.getSecurisedServiceConnection(request.getUser());

   clientsecurised.echoString("Hello");

}

The System_Alias can be edited by the portal’s service properties editor.

Getting the Current User

To get the current user logged on to a portal Web service:

This graphic is explained in the accompanying text

import com.sapportals.portal.prt.service.soap.SOAPRuntimeContext;

 

public String getUser() {

   IUserContext user = SOAPRuntimeContext.getCurrentUser();

   return user.toString();

}

 

 

Leaving content frame