Skip to Content
avatar image
Former Member

sso for agentry.(sapwm61)

Dear Gurus:

                   I am trying to configure SSO for agentry (SAPWM61). I am supposed to do authtication using the SAP Portal(uses ldap) and then I get redirected to ECC backend and we have trusted relation between portal and backend ECC.

In SAPWM6.1 document I see a few changes have to be done in the javaBE.ini files.

Am just wondering if any has done something like this?

Below is what is mentioned in the install document:

[USER_AUTH_SSO] ;referenced when LOGON_METHOD=USER_AUTH_SSO ; SSO related

information for user in LoginModuleSSO to facilite Login to ; an SAP system

using tickets from a message server. ;

;PORTAL_URL=https://ldciszd.wdf.sap.corp:4431/sap/bc/webdynpro

;PORTAL_URL=http://ldjcis49.wdf.sap.corp:5100/irj/portal

;PORTAL_URL=https://localhost/irj/portal/

PORTAL_URL=https://localhost/irj/portal.client/verifier/

; verification file from the portal. Not required, but if portal names are

different from the authenticated user name, it will be needed to decode the

name. VERIFICATION_USE=true VERIFICATION_FILENAME=szb.verify.pse

;VERIFICATION_PASSWORD=rzdrj1<9~gyqdv0?6r}f

;VERIFICATION_PASSWORD_ENCODED=true

; keystore for client authentication to the server, if required.

KEY_STORE_USE=true ;KEY_STORE_TYPE=WINDOWS-MY KEY_STORE_TYPE=jks

KEY_STORE_FILENAME=local.client.certificate.keystore

;KEY_STORE_FILENAME=client.p12 KEY_STORE_PASSWORD=simplepass

;KEY_STORE_PASSWORD_ENCODED=false

; trust store for server authentication to the client (accepting only trusted

servers to prevent MIM attacks) TRUST_STORE_USE=true

;TRUST_STORE_TYPE=WINDOWS-ROOT TRUST_STORE_TYPE=jks

TRUST_STORE_FILENAME=local.certificate.truststore

TRUST_STORE_PASSWORD=simplepass ;TRUST_STORE_PASSWORD_ENCODED=false

COOKIE=MYSAPSO2 HTTPTYPE=https SSL_VERSION=SSLv3 JAVA_SECURITY_DEBUG=true

JAVA_NET_DEBUG=true

Ravi

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Jan 06, 2015 at 04:44 PM

    Ravi,

    Yes you need to follow configuration steps  as specified in the documentation.  One of the step is to modify JavaBE.ini  as indicated by you.  Do you have any specific question or issue that your  having ?

    Please also refer some of the OSS notes relevant for SSO set-up.

    Thanks

    Manju.

    Add comment
    10|10000 characters needed characters exceeded