Our customer has a web application which uses SAML2 to authenticate users in its Identity Provider (e.g. AD FS). This web application is accessed from a custom ABAP program in ECC which uses the component SAP HTML Viewer to open the web application.
Our customer wants to achieve Single Sign On with this scenario. His requirement is:
1. User logs in his computer providing its user/password.
2. User access SAP ECC
3. User executes the ABAP Program transaction, which opens the web application. User should not need to type user and password again, because he is already authenticated (Step 1).
At this moment, we have the following situation: user is able to access the web application, but he has to type his credentials. If the user does not leave the ABAP Program transaction and tries to access the web application again, he does not need to type the credentials again. However, if he leaves the transaction and then access it again, the web application asks for the user/password.
I believe this is the standard behavior of the lifetime management of the component HTML Viewer, but I was wondering if anyone can suggest a solution to allow SSO in this scenario.