Make logoff really work for Personas

Let the world know ...Tweet about this on TwitterShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn

This blog mentions personas, but the problem and solution is equal to any WebGUI scenario: you can log on, but never leave. Some changes were introduced in later NetWeaber ABAP version, making it impossible to logoff without further configuration that ensures the cookies and session are really deleted. The cause is that by default, the logoff ICF service is not active and the services like personas do not call the logoff service. You can find more information on this in SAP Note 1777513: WebGUI logoff does not work

Symptom

As an example, I’ll use SAP Screen Personas. Keep in mind the same happens when using WebGui. You log on to Personas and see your main menu: https://server:port/sap/bc/personas

Now you log off and hit F5 to reload the page. And you are logged on automatically. Meaning you were never really logged out of the system. What you want and need is to ensure that logout means logout. The following steps show how to achieve this by configuring the personas service to call the logoff service.

Solution

Logoff service

Transaction: SICF

Make sure the logoff service is active. If not, activate the service. This service is responsible for logging you out and deleting the cookies in the browser.

Personas service

Transaction: SICF

Change the personas service (or webgui service, etc).

Check the logoff settings under “Error Pages” > “Logoff Page”. By default there is no redirect activated, meaning that the logoff service is not called. Because of this you are not logged out, the cookies are not deleted.

Change to edit mode. Activate “Redirect to URL” and set as URL /sap/public/bc/icf/logoff.

Parameter: /sap/public/bc/icf/logoff.

Alternative

The above URL will log you out, but you won’t see any nice page that shows this. It may be a error page (404) or a blank page. To redirect the user again to the personas logon page, use the

Parameter: /sap/public/bc/icf/logoff?redirectURL=/sap/bc/personas.

Save.

Add the change to a request.

Done.

Test

Log on to the system via WebGui and then log off. You should see the logon page next time you try to access a service.

Let the world know ...Tweet about this on TwitterShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn

Personas 3 SP03 – Hide SAP Easy Access label

Let the world know ...Tweet about this on TwitterShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn

After installing SAP Personas 3 SP03 you may not be able to hide the SAP Easy Access. The hide button is deactivated. This can be solved by applying the latest Personas 3 client. Just import SAP Note 2295996.

Symptom

Hide button is deactivated to the SAP Easy Access label.

Solution

After installing Personas 3, you really should run the health check tool and verify if all relevant SAP notes are applied. The tool includes a button to check for SAP notes. Just make sure your ABAP system can connect to SAP Notes and download relevant notes.

Apply SAP Note via SNOTE.

The health tool will show you what to do, next is only to have the right Basis permission and let the system automatically apply the notes. It’s that easy with Personas.

Apply SAP Note manually

In case there is no connection to service market place available, and you cannot download SAP Notes via SNOTE, life is a little bit more complicated.

Download SAP Note

Check the relevant notes for Personas 3 and upload them manually. Download the SAP Note and unzip the contained txt file.

Upload note to SAP system

  • Transaction SNOTE

In case your system is OK and all other notes are already applied, you’ll see an empty screen. Now upload the SAP Note manually.

Goto > Upload SAP Note

Select extracted txt file.

The note is imported. The screen of SNOTE changes and shows you now the uploaded note.

Implement SAP Note

Select the note and go to SAP Note > Implement SAP Note

You may get an information the an RFC connection to SAP is not possible.

Confirm that you have read the SAP Note (you did, right?). This will start the import process.

Confirm that you know what you are doing.

Give a transport request.

Confirm again that you know what you are doing.

The status of the note is changing to processing.

Set processing status

Double click the note and you can see more information, also the implementation state.

If you are happy with it, set the processing status to completed.

Result

Validate result

As you remember, all of this was motivated by the objective to be able to hide the SAP Easy Access text. To test if it now works, go back to the flavor, select the text and hide it.

Now its possible to select the text and the hide button is active. As expected, hiding the lable is now working.

Let the world know ...Tweet about this on TwitterShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn

Install Personas 3.0 SP3

Let the world know ...Tweet about this on TwitterShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn

Pre-requisites

Check that Personas 3 add-on and SP01 and SP02 are already installed. SP03 is a support package, therefore SPAM is used to install it.

Update

  • Transaction: SPAM
  • Client: 000
  • User: user with right permissions

Check that SPAM status is green and no queue is defined.

Upload SAR file: Support Package -> Load packages -> From Front End

Decompress.

Check the uploaded package. Select new support package under directory and then display.

The status needs to be yellow (not yet imported) and the perquisite set 01 all must be green and ok.

Select the package and click on Queue to define a new queue.

This SP03 is not protected with a password.

Select No. This brings you back to SPAM main screen. The status is now yellow and next action is given as import queue.

Import queue. Go to: Support Package -> Import queue.

You can now go get a coffee or follow the status messages in the status bar.

At the end of the import, a dialog is shown. It should be a nice “success!!” dialog, I got this:

What happened is that I applied a Personas 3 note that changed some standard objects. The dialog is SAP’s polite reminder to check if I want to keep these changes or discard them and let Personas 3 SP03 overwrite them. I want to not keep them and let Personas 3 use its own repository objects, so I selected continue. At the end you’ll see a short walkthrough what you should do (analyse the stuff, etc), although this isn’t possible in my demo system, as I do not have a SAP Note connection – something needed to run the validation.

Status is now: Confirm queue

You can and want, please send the data back to SAP.

SPAM finished updating Personas 3 to SP02 and the status is green -> all OK.

Check the installed Personas 3 version.

Personas 3 SP03 is installed.

SPAU

When installing Personas, for sure you’ll apply some SAP Notes. When upgrading to a newer service pack, you’ll have to decide if you want to keep the adjustments done by the imported SAP Note or if you want to go back to the original version. As long as the service pack going to be installed contains the changes of the SAP Note, you can revert the changes. To do this:

  • Transaction SPAU

You see a list of SAP Notes. To get a better understanding, try to run the comparison tool. Be aware that SNOTE must be configured to download notes from SAP for this to work.

Select the option to reset the object. In case SNOTE can download the note from SAP, this should work.

Locked objects

Another part to consider when installing a new service pack is that the objects that are part of a transport request are locked. If so, SPAM will show the following dialog:

Click on the request number to see the locking requests.

First, release the tasks. (A check icon must be behind them)

Then, release the transport request.

Done.

Let the world know ...Tweet about this on TwitterShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn

Reset password for SAP Web Dispatcher user

Let the world know ...Tweet about this on TwitterShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn

It happened. You do not remember anymore the password created by SAP Web Dispatcher (WD) during bootstrap operation. While this is not bad (who can remember a password like aR$#¨%_09fms!” anyway?) and normally your browser safes it for you (hm, maybe not so good) or your password safe (better). But the password is gone, you cannot log on anymore to WD admin interface. No worries, if you have access to the computer where WD is running, you can either

  1. Get the icmauth.txt file and try to hack the password or
  2. Create a new password for your user.

I prefer option b.

The documentation at SAP Help for this gives you some options, like recreate the configuration (bootstrap) and you’ll get a new password for the icmadm user.

  • Creating Administration Users SAP Help

The online documentation for this section only mentions icmon, but for Web Dispatcher you have to use wdispmon. The authors explain this at the parent page of the topic and justify it that this makes things easier. I am not sure to whom, but definitely not for the person reading the guide, as you have to read the parent page to find out why icmon is not available for WD. Note: the page is for WD and still the documentation is using commands for ICM for NetWeaver ABAP #yay.

Content of the icmauth.txt file looks like:

# Authentication file for ICM and SAP Web Dispatcher authentication

icmadm:{SHA384}z3Lq992UB3lmK3F5dND266RBGU1S2xflxQOtSJn4irawcIce+Xo:admin

Field 1 Field 2 Field 3
icmadm is the user {SHA384}z3… is the encrypted password of the user admin is the group of the user.

To change the password of the user icmadm you have to use the wdispmon command with the –a flag. Also provide the path to the WD profile file.

Command: wsdispmon –a pf=sapwebdisp.pfl

Enter c to change the password of an existing user.

Inform the new password. As of now, the new password will not be available to WD, as it is not saved to icmauth.txt. To persist the new password you have to save it. To do so, select s from the menu.

Do not worry, a copy of the old file will be created (in case your co-worker still has the old password). With this done, you can exit the program. Select q from the menu.

(Not sure if you have to restart WD, but I did.) Now you can log on using the new password to WD. Access your WD admin page and log on using icmadm and the new password.

https://localhost:4300/sap/wdisp/admin/public/default.html

Let the world know ...Tweet about this on TwitterShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn

Install SAP OCB Retail – 5 – Starting the application

Let the world know ...Tweet about this on TwitterShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn

Three types of applications were installed by SAP Omnichannel Retail Banking:

  • business central
  • business banking
  • retail banking

Each one of those is accessed by a URL and browser.

Business Central

Access: https://localhost:8081/bc/servlet/bc/global.jsp

Select your language (most probably, it will be English). In the next screen, enter user name: admin

Enter password Pass1234.

Welcome to business central.

Business Banking

Access: https://localhost:8081/cb/pages/jsp-ns/login-corp.jsp

Inform the user name jtech

Inform the password Pass1234

Retail Banking application

Access: https://localhost:8081/cb/pages/jsp-ns/login-cons.jsp

User: tbowman

Password: Pass1234

Home screen on online banking.

Let the world know ...Tweet about this on TwitterShare on Google+Share on FacebookEmail this to someoneShare on LinkedIn