Description:
Within the ERP Agent configuration file "SmWebAsSSO.conf", the documentation (Agent Guide for SAP Web AS r5.6 SP4) mentions the "Resource" configuration parameter. The question is whether multiple 'Resource=<realm>' values must be specified within "SmWebAsSSO.conf", (e.g. /webdynpro/, /logon/, /testapp/), for every protected SAP resource.
Solution:
The only necessary resource (indeed, the only one that should be specified) is "Resource=/smwebasagent/". No other resources should be specified within "SmWebAsSSO.conf". Within the Policy Server configuration, a "smwebasagent" protected realm must be created, associated with a User Attribute response set to a variable name WASUSERNAME. Set this response to the attribute (e.g. "uid") that should be presented to SAP for SSO2 ticket generation.
[EXAMPLE CONFIGURATION FILE - "SmWebAsSSO.conf"]===================================================================# Where should the log data go? LogFile=/erpconn/log/smwebasagent.log # Log level is an integer between 0 and 3 # Level Meaning # 0 None # 1 Errors # 2 Information # 3 Debug LogLevel=3 # These setting dictate how I communicate with the Policy Server PolicyServer=192.168.1.10,44441,44442,44443 Failover=yes AgentName=webasagent SharedSecret=secret Resource=/smwebasagent/ # Enter the license string in a single line here #License=[NDSEnc-A]C...... # Mention the full URL for the Error page # User will be redirected to this page if SiteMinder Login Module authentication fails # If this is not mentioned, a standard error message is displayed ErrorURL=/errorpage.html===================================================================