Marco institucional/administrativo de la participación juvenil

6.3.1 Configuring an SAP R/3 Application

An application should be configured with the Enterprise SSO configuration editor. For SAP R/3 applications, use the SAP application model in Enterprise SSO Studio.

Configuring an Application for SAPGUI Scripting

If you use SAPGUI Scripting window types, the OLE/automation option in the configuration is not required. It should, therefore, be left inactivated.

6.3.2 Configuring the SAPGUI Scripting Window

6.3.2.1 The Detection Tab

The detection of SAP R/3 connections is based on their connection servers or server groups.

To specify an SAP R/3 server or group of servers, use the following options:

 Name (mandatory): server name (SAP R/3 hostname) or server group name for which SSO is to be performed.

 SAP System Name: SAP R/3 name of the system in 3 characters (database ID).

 Direct server connection:

System number: provide the SAP R/3 System Number if the target server is running more than one copies of SAP R/3.

 Group with load-balancing:

Message Server: enter the SAP R/3 message server name as it is configured in the SAPLogon module if there are a several SAP R/3 groups with the same name but with different messages servers.

6.3.2.2 The Actions Tab

 Description of the SAP R/3 parameters: at authentication time, SSOWatch can fill the "language" and "client name" fields as defined in the SAP R/3 application model. These parameters should be declared through the Parameters tab of the application object.

 Automatic validation of the credentials: The user does not have to validate the credentials sent by Quest ESSO to start an SAP session. The Auto validate login page check-box is selected by default.

 Changing the SAP R/3 user’s password: by default, SSOWatch manages the authentication process, and the user cannot change his or her SAP R/3 password at this stage but must use the password change transaction once connected. To avoid the complexity inherent in this procedure, activating this option will result in SSOWatch asking the user if a change of password should be made during connection to SAP R/3; SSOWatch will then manage all the password change processes as required.

 Automatic validation of the connection notification: the SAPGUI Scripting technology causes a message to appear, notifying the user that a script is connecting to SAPLogon. By activating this option, and by declaring the notification window title (by default this is saplogon), SSOWatch will

automatically validate the notification as required. The notification will still appear in non-SSOWatch connections, and therefore for other scripts.

Error messages are detected by SSOWatch so that it can react when there is a password de-synchronization problem, when there is a password change, or if the new password is refused by the SAP R/3 system. In addition to the pre-configured error messages, you can declare your own specific messages:

 By content: enter a message and assign a meaning to it. SSOWatch will look for the message in the status bar or error dialog box. In this case, it is the message string that is looked for. This is dependent, therefore, on the language of the SAP R/3 client.

 By reference: if you also specify the SAP R/3 ABAP reference of the message, SSOWatch will look for the reference of the message, and not its content. Thus, it becomes

independent of the client language. In this case, the content of the ‘message’ field is simply for informative purpose.

The list of message references can be found using the transaction SE16, table T100.

Authentication steps:

 Connection refused: the SAP R/3 system has refused the connection. The user may be locked, or the server unavailable.

 Invalid password: the user password is incorrect. A new password is requested through SSOWatch data collection windows.

 New password refused: the user has just changed the password, but the SAP R/3 system does not accept it. A new password is requested through SSOWatch data collection windows.

7 Terminal Type Applications

Terminal type windows manage SSO in text fields emulating a line mode terminal. The terminal must be displayed in a text-edit control field.

Some emulator windows may not meet these requirements. In this case, the use of some other methods like OLE/Automation interface access could be necessary.

The way this window type works is slightly different from the way other window types work, since the SSO events correspond to the display of messages; in addition, all the SSO states are managed in the same window.

Once connection has been set up, SSO is disabled for this window. Three window types offer the management of terminals:

 Terminal (from Standard plug-in).

 MSTelnet (from Microsoft applications plug-in).

SSOWatch also works with PUTTY

 MSTelnetW2KXP (from Microsoft applications plug-in).

The detection of these window types is the same as for standard Windows.

The Actions part covers all standard window types. It is used to manage the opening of a full session (including bad and new passwords management) running in text mode and in a single Windows control field (in general Edit field). It simulates the user keyboard entries and controls the state of the connection by detecting text banners.