cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO does not work with DNS change

Former Member

on ‎12-05-2005 9:39 PM

0 Kudos

Hi all,

I have an ITS service which works fine on intranet but do not work on internet. But the same service when put on internet (ofcourse with a different DNS i.e. abc.mycompany.co.uk) and it breaks down. When clicking on a webgui service or webrfc service it opens up the logon screen asking for password. In the whole ITS service there is no cross domain service.

The same thing works fine on intranet with different domain name.

Is there any other settings to be changed to accomodate for the new domain to work on the internet?

Thanks in advance for your replies.

Surendar

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Strehle
Advisor
Advisor
‎12-07-2005 9:21 AM
0 Kudos

Hi Surendar,

cross domain support is from security point not a proper solution.

The ITS issues a MYSAPSSO2 cookie. The cookie specification says that the browser rules who is getting cookies. Normally only site with the corresponding DNS name will get.

Possible solution would be:

If you switch your application, the service which creates the ticket must be connect with another DNS name. Your DNS server allows to configure aliases. So just connect your WebServer with WGate with this new (alias) name, then you will get a cookie with another entry in DOMAIN property of the cookie.

See ITS parameters:

http://help.sap.com/saphelp_webas620/helpdata/en/4b/0c00273d6d11d480aa00c04f99fbf0/frameset.htm

regards,

-markus

Show replies
Show replies
Ask a Question