Description:

Within the ERP Agent configuration file "SmWebAsSSO.conf", the documentation (Agent Guide for SAP Web AS r5.6 SP4) mentions the "Resource" configuration parameter. The question is whether multiple 'Resource=<realm>' values must be specified within "SmWebAsSSO.conf", (e.g. /webdynpro/, /logon/, /testapp/), for every protected SAP resource.

Solution:

The only necessary resource (indeed, the only one that should be specified) is "Resource=/smwebasagent/". No other resources should be specified within "SmWebAsSSO.conf". Within the Policy Server configuration, a "smwebasagent" protected realm must be created, associated with a User Attribute response set to a variable name WASUSERNAME. Set this response to the attribute (e.g. "uid") that should be presented to SAP for SSO2 ticket generation.

[EXAMPLE CONFIGURATION FILE - "SmWebAsSSO.conf"]===================================================================# Where should the log data go? LogFile=/erpconn/log/smwebasagent.log    # Log level is an integer between 0 and 3 # Level       Meaning #   0          None #   1          Errors #   2          Information #   3          Debug LogLevel=3    # These setting dictate how I communicate with the Policy Server PolicyServer=192.168.1.10,44441,44442,44443 Failover=yes AgentName=webasagent SharedSecret=secret Resource=/smwebasagent/    # Enter the license string in a single line here #License=[NDSEnc-A]C......    # Mention the full URL for the Error page # User will be redirected to this page if SiteMinder Login Module authentication fails # If this is not mentioned, a standard error message is displayed ErrorURL=/errorpage.html===================================================================