on 03-25-2015 10:29 AM
Dear Members,
Need valuable comments and solutions with regards to my question below.
My requirement is to configure Single sign on for ABAP application server. I have 2 requirements
1.) This is my SRM server (EHP2 FOR SAP SRM 7.0) where in ABAP SNC configured based on below document 2 video
http://scn.sap.com/docs/DOC-40178
--> Successfully configured and single sign on working based on AD user id and password.
2.) secondly I want to configure a solution for /sap/bc/nwbc/srm based on 8001 or 8000 ports. Let me make one thing clear this is only ABAP based server.
Always I am getting a pop-up for user id and password. But the problem is now the authentication is done from AD not from the ABAP user master record.
How can I achieve this? I tried the 2 video step by step but still I am facing issue, I traced from SPNEGO transaction and found the below:
SPNegoValidateToken: Error when parsing received SPNego token via sec_kerberos_spnego_ParseToken with error return code:
I am not clear what is missed by me and what yet had to be implemented.
Basically how can I achieve single sign on for 8000 ports on ABAP system.
Appreciate quick response.
Thanks & Regards,
Mohammed Imran
Hello Mohammed,
Assuming you have SSL Server PSE and SSL Client PSE setup and are trusted by your company CA, your company CA will then need to issue a user certificate for the user that you wish to login into SAP with ( I assume this will be your AD userid) .
This user certificate will need to be imported into your browser and some additional steps on ABAP to ensure it recognizes the user certificate when presented by the browser.
Check the following blog for pointers.
Regards,
Siddhesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Apologies Mohammed,
Ignore my previous message, I noticed that you are trying to use SPNego for authentication with ABAP only.
Check the blog, scroll to the bottom of this blog and check a message from Donka Dimitrova, coincidentally, she has mentioned the pre-requisites that need to be established before you can use SP-Nego for ABAP only scenario.
Regards,
Siddhesh
Yep, when the link is opened I am getting HTTP 401- Unauthorized and in the traces what I can see is
/sap/bc/nwbc/srm ----> Logon Error
/sap/bc/nwbc/srm/ticketissuer ---> Logon Error
Its been so hard to identify the exact cause.
Appreciate your follow up, but need to resolve my dear friend.
Regards,
Mohammed Imran
Hello Mohammed,
I am keen to improve my understanding on SSO functionality, hence I am interested in knowing how this problem can be resolved.
The reason I asked you about trace record
SPNegoValidateToken: Error when parsing received SPNego token via sec_kerberos_spnego_ParseToken with error return code:
Because that is a generic statement, however the statement that follows the above statement generally points to the root cause.
I suppose you have already looked at the following note
1732610 - SPNego ABAP: Troubleshooting Note
if you already have, I'll stay quiet and watch this thread
Regards,
Siddhesh
User | Count |
---|---|
93 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.