Skip to Content
avatar image
Former Member

NW Single Sign-On implementations queries

Dear Team,

We are in the process to implement the NW Single Sign-On for our SAP and non-sap systems.

We have done the implementations as follows :

Implementing Single Sign-On with X.509 Certificates

I) Secure Login Server

  1. We installed NW 7.4 and Secure Login Server 2.0 SP5
  2. Imported Root CA to client
  3. Secure Login Library
  4. Extract Secure Login Library on target SAP system .
  5. SNC configuration
  6. Create AS ABAP SNC X.509 Certificate and Import
  7. Configured UME for MS AD
  8. Initialized the Secure Login Server
  9. Activated SSL
  10. Configure SPNEGO (keyTab)
  11. Activated SPNEGO

II) Secure Login Client 

  1. Applied Policy Registry files (ProfileDownloadPolicy_xxx.reg)
  2. Installed SL Client

III) Configure SNC User Mapping for SAP AS ABAP

Now SSO has been successfully tested on SAP ABAP system using below link and it’s working without any issue.

http://scn.sap.com/community/sso/blog/2012/08/17/how-to-configure-sap-netweaver-single-sign-on-with-certificates-out-of-the-box

But we have some queries on below points :

  1. How to implement the SSO for Java portal ( SAP NW 7.0 EHP 1 ) with AD authentication and using IDP?( FYI already Java portal UME data source is ABAP system and user ID of Java portal and AD are not same)
  2. How Sales force SSO can be added in same AD authentication NW SSO using SAML ?
  3. Is it possible to activate the AD password reset capability through SAP NW SSO 2.0?
  • Could you please guide and provide me any step wise procedure documents other than SAP hep link on all above points  ?

Thank you all in advance !

Regards,

Niu

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    Sep 29, 2015 at 09:40 AM

    Hello Niu,

    The SAP NW version that you are using is too old and doesn't support SAML 2.0.

    We usually recommend to customers to consider an upgrade if they want to benefit from the new technologies/capabilities we offer.

    If you anyway decide to stay with this SAP NW version, you can simply implement SPNego for SSO to the Portal. See the SAP Note: 1488409 - New SPNego Implementation

    AD password reset service is available with the SAP Identity Management product. See, more details here: SAP Identity Management 8.0 – SAP Help Portal Page

    Regards,

    Donka Dimitrova

    Add comment
    10|10000 characters needed characters exceeded