cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP ABAP Single sign on

Former Member

on ‎03-25-2015 10:29 AM

0 Kudos

Dear Members,

Need valuable comments and solutions with regards to my question below.

My requirement is to configure Single sign on for ABAP application server. I have 2 requirements

1.) This is my SRM server (EHP2 FOR SAP SRM 7.0) where in ABAP SNC configured based on below document 2 video

http://scn.sap.com/docs/DOC-40178

--> Successfully configured and single sign on working based on AD user id and password.

2.) secondly I want to configure a solution for /sap/bc/nwbc/srm based on 8001 or 8000 ports. Let me make one thing clear this is only ABAP based server.

Always I am getting a pop-up for user id and password. But the problem is now the authentication is done from AD not from the ABAP user master record.

How can I achieve this? I tried the 2 video step by step but still I am facing issue, I traced from SPNEGO transaction and found the below:

SPNegoValidateToken: Error when parsing received SPNego token via sec_kerberos_spnego_ParseToken with error return code:

I am not clear what is missed by me and what yet had to be implemented.

Basically how can I achieve single sign on for 8000 ports on ABAP system.

Appreciate quick response.

Thanks & Regards,

Mohammed Imran

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member185954
Active Contributor
‎03-25-2015 12:43 PM
0 Kudos

Hello Mohammed,

Assuming you have SSL Server PSE and SSL Client PSE setup and are trusted by your company CA, your company CA will then need to issue a user certificate for the user that you wish to login into SAP with ( I assume this will be your AD userid) .

This user certificate will need to be imported into your browser and some additional steps on ABAP to ensure it recognizes the user certificate when presented by the browser.

Check the following blog for pointers.

Regards,

Siddhesh

Show replies
Show replies
former_member185954
Active Contributor
‎03-25-2015 12:55 PM
0 Kudos

Apologies Mohammed,

Ignore my previous message, I noticed that you are trying to use SPNego for authentication with ABAP only.

Check the blog, scroll to the bottom of this blog and check a message from Donka Dimitrova, coincidentally, she has mentioned the pre-requisites that need to be established before you can use SP-Nego for ABAP only scenario.

Regards,

Siddhesh

Former Member
‎03-25-2015 1:02 PM
0 Kudos

Thanks a lot for the links, but I have already configured SPNEGO in ABAP scenario. It is working fine. But the same is not authenticated for 8000 ports in SICF, always User id and password popping out. This configuration not working in this scenario. Regards, Mohammed Imran

former_member185954
Active Contributor
‎03-25-2015 1:45 PM
0 Kudos

Hello Mohammed,

Is there any trace record after the line: 

SPNegoValidateToken: Error when parsing received SPNego token via sec_kerberos_spnego_ParseToken

There must be something else also mentioned below the above line in the trace.

Regards,

Siddhesh

Former Member
‎03-25-2015 1:51 PM
0 Kudos

Yep, when the link is opened I am getting HTTP 401- Unauthorized and in the traces what I can see is

/sap/bc/nwbc/srm ----> Logon Error

/sap/bc/nwbc/srm/ticketissuer ---> Logon Error

Its been so hard to identify the exact cause.

Appreciate your follow up, but need to resolve my dear friend.

Regards,

Mohammed Imran

former_member185954
Active Contributor
‎03-25-2015 2:07 PM
0 Kudos

Hello Mohammed,

I am keen to improve my understanding on SSO functionality, hence I am interested in knowing how this problem can be resolved.

The reason I asked you about trace record

SPNegoValidateToken: Error when parsing received SPNego token via sec_kerberos_spnego_ParseToken with error return code:

Because that is a generic statement, however the statement that follows the above statement generally points to the root cause.

I suppose you have already looked at the following note

1732610 - SPNego ABAP: Troubleshooting Note

if you already have, I'll stay quiet and watch this thread

Regards,

Siddhesh

Former Member
‎03-25-2015 2:15 PM
0 Kudos

Thanks for the prompt reply, I've checked the note and every point in it. Let's see who will reply with an appropriate solution. Regards, Mohammed Imran

Ask a Question