on 07-08-2015 3:44 PM
Hello Community,
with 4.1 SP6 it should be possible to use SSO to login to the CMC. Does this feature work for anyone? SSO (WinAD) to the BI Launchpad is working fine, but when trying to open the CMC the standard login window shows up.
Do we need to configure anything to get this work?
Thanks in advance!
BR,
Michael
I have not tried it yet. But there are supporting SAP knowledgebase ( 2128490 - Unable to logoff the CMC for winAD SSO) that it works in SP6.
Following steps are mentioned in SP6 Admin Guide to configure the same.
---------------------------------------------------------------------------------------------------------------------
9.1.3.1.1 Enabling Single sign-on for CMC
To enable SSO for CMC, follow the below mentioned steps:
On the client side, cache has to be cleared before the initial CMC setup. Else, the Enterprise authentication method will be cached.
On Tomcat server, perform the below mentioned steps:
1. On a system already configured for SSO for BILP, go to C:\Program Files (x86)\SAP BusinessObjects\tomcat\webapps\BOE\WEB-INF\config\custom.
2. Create a file CmcApp.properties and mention ○ sso.supported.types=vintela, trustedIIS, trustedHeader, trustedParameter, trustedCookie, trustedSession, trustedUserPrincipal, trustedVintela, trustedX509, sapSSO, siteminder ○ authentication.default=secWinAD in that file.
3. Restart tomcat. SSO for CMC is enabled.
---------------------------------------------------------------------------------------------------------------------
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Roberto,
according to the admin guide the current supported auth types are:
sso.supported.types=vintela, trustedIIS, trustedHeader, trustedParameter, trustedCookie, trustedSession, trustedUserPrincipal, trustedVintela, trustedX509, sapSSO, siteminder
SAP would recommend to raise an idea on the ideaplace for additional types.
BR,
Michael
Hi Roberto,
I believe it should work with the other authentication types as well since SAP has allowed the parameters "sso.types.and.order=" and "sso.supported.types=" for CMC.
You can try to configure trusted authentication using query string method and later you can test SSO with CMC using the enterprise authentication.
Query String Trusted Authentication will use the enterprise authentication. You can follow the SAP note:1593628 to configure TA with query string method.
Please consider following risks before configuring SSO with CMC.
~Swapnil
Hi Roberto,
A Good News !!!
I have just tested SSO using the enterprise authentication and it worked with both BILaunchpad and CMC.
I have used TA(QUERY_STRING) method to configure SSO with CMC and BILaunchpad in BI4.1SP06.
I have used the below two URLs:
In the admin guide it is nowhere mentioned that only Windows AD authentication is supported with CMC SSO. I guess it is just an example that they have used Windows AD authentication in the admin guide to describe steps to configure SSO with CMC.
Hope this helps.
~Swapnil
Sorry,
i have anoter question.
in the Administration guide are parameters described from CmcApp.properties.
But you have described the Parameter value HTTP_VALUE and this is normal a value from parameter trusted.auth.user.retrieval in global.properties
I'm not quite sure what paraters I need. And in wich files
chris
User | Count |
---|---|
84 | |
25 | |
12 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.