Skip to Content
0

Authenticate HCP apps using the Corporate User Store without any Identity Provider

Jan 20, 2017 at 10:26 AM

201

avatar image

Hello all,

We have a customer who are not having Cloud Identity Service.

They would like to use the Hana Cloud Platform, by connecting their AD(note: no on-premise Identity Provider as well)

But, all the information that I have suggests that for AD user authentication to take place, one needs the Cloud Identity Service or an Identity Provider on-premise which is SAML 2.0 compliant.

We referred https://archive.sap.com/discussions/thread/3709349

https://help.hana.ondemand.com/cloud_identity/frameset.htm?461d71c148594608b9c8b6d016e0a0c5.html#loio2c3ede1d7c454b8a8f820248ee3b705c


Is there any way I can integrate AD user store with HCC and from there, it will connect to HCP??

I found there is switch to LDAP authentication in Configuration section of HCC; but I believe that option is only for logging onto the HCC console using LDAP credentials only.(please correct if wrong)

Could this authentication work for taking user information?

Please suggest!

BR

Suraj N

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

3 Answers

Radostina Kasova Jan 26, 2017 at 11:57 AM
0

Plese find the information here:

https://help.hana.ondemand.com/help/frameset.htm?71fdf1c0aaf141d18dd5ae2b41c86da3.html

A drawback of this scenario is that you won't have SSO.

Show 1 Share
10 |10000 characters needed characters left characters exceeded

Hi Radostina, many thanks for your reply.

The link that you shared is for

'Using an SAP System as an On-Premise User Store' but my use case is 'Using an Microsoft Active Directory as an On-Premise User Store'.

Is it applicable?

0
Radostina Kasova Jan 27, 2017 at 09:51 AM
0
Show 1 Share
10 |10000 characters needed characters left characters exceeded

Hi Radostina,

We have tried using https://help.hana.ondemand.com/help/frameset.htm?28a03e44bb2f49278e0fecc246726d5c.html

for this and deployed an app , but with no luck..

The deployed app was not asking for any login

in the screenshot attached you can see is after that step.

I believe using AD user store still requires an Identity Provider with SAML 2.0 compliance on top of AD.Your thoughts?

0
Bertram Ganz
Feb 01, 2017 at 01:38 PM
0

Dear Suraj Nair,

you should take a look at the very new SAP HANA Cloud Platform Identity Provisioning Service and see whether it fulfills your client's business requirements:

Wishes, Bertram Ganz

Share
10 |10000 characters needed characters left characters exceeded