Can some one explain the difference between SPNEGO and SAP Single-Sign-On? I see the Identity provider configuration and I am confused that the SAP SSO system will act as the repository of users like AD? Or will it Sync and keep another copy of the users in the SSO system? Please help me understand. Thanks.