cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP ABAP stack SSO using SAML 2.0 using Identiy provider as ADFS

palaniappan_shanmuganatha
Discoverer

on ‎10-29-2015 6:20 PM

0 Kudos

Hi All,

We are planning to implement SSO for ABAP stack using SAML 2.0 as service provider and ADFS as the Identity provider.

Could you pls share across some links or the documents to start up with the SSO configuration.


Will the above procedure will enable the enduser will be able to logon thru SAP GUI with out prompting for password.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

donka_dimitrova
Contributor
‎10-30-2015 9:13 AM
0 Kudos

Hello Palaniappan,

SAML is a public standard for Web applications and SAP GUI for Windows is not such application.

You can implement this scenario by using the Secure Login Server (SAP Single Sign-On product – license required).

Please, find a blog on this topic: SAML 2.0 and SAP GUI Single Sign-On in one and the same scenario

Please, find also a blog how to configure SAML authentication for Secure Login Server, relevant for this scenario:Configuring SAML 2.0 Authentication for your Secure Login Server

Please, find also the documentation how to configure AS ABAP as SAML Service Provider:

http://help.sap.com/saphelp_nw75/helpdata/en/4a/b6df333fec6d83e10000000a42189c/content.htm?frameset=...

Please, find also this wiki with some guides regarding SAML support:

http://wiki.scn.sap.com/wiki/display/Security/Single+Sign-On+with+SAML+2.0

Best Regards,

Donka Dimitrova

Show replies
Show replies
palaniappan_shanmuganatha
Discoverer
‎11-02-2015 5:30 PM
0 Kudos

Thanks a lot Yuksel and Donka ..

If the customer wants to use SAP WEB GUI rather than SAP GUI .. still we can implement ABAP single sign on using SAML as the service provider and ADFS as Identity provider over the internet .Pls correct me if my understanding is wrong...

Just came across the below link .If i follow the below link for configuraiton wil the customer will be able to access the system using SAP web gui with single sign on using saml protocol.

Pls correct me if i am worng.

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b078814a-49f9-3110-21a6-f5436e5f0...

donka_dimitrova
Contributor
‎11-03-2015 8:00 AM
0 Kudos

Hello Palaniappan,

Yes, the AS ABAP supports SAML as a Service Provider and the SAML scenario is working streignt forward when customers are using SAP GUI for HTML and a standard SAML Identity Provider like the one from Microsoft or our SAP SAML IDP (SAP Single Sign-On product).

Regards,

Donka Dimitrova

yakcinar
Active Contributor
‎10-29-2015 9:51 PM
0 Kudos

Hello,

If you are using SAML you must install SSO Server (NW + SSO 2.0 Add-on).

You can check below links,

Single Sign-On with SAML 2.0 - Security and Identity Management - SCN Wiki

https://websmp210.sap-ag.de/~sapidb/012002523100009396052014E.pdf


1808526 - Release Note SAP NetWeaver Single Sign-On 2.0


You can read below blog also;


Yes, end users will loin to systems without entering additional passwords.

Regards,

Yuksel AKCINAR

Show replies
Show replies
Ask a Question