Skip to Content
author's profile photo Former Member
0
Former Member

Saml bypass /irj

Posted on Aug 06, 2016 at 10:38 AM 350 Views

I had configured Sap Portal /irj with saml but I would like bypass the Saml login module while we tested the configuration. we set the parameter ?saml2=disable in the Url and the headers as this discission and it don't work

this is my stack

EvaluateTicketLoginModule SUFFICIENT
BasicPasswordLoginModule REQUISITE

SAML2LoginModule OPTIONAL
CreateTicketLoginModule OPTIONAL

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • author's profile photo Amy Lv
    Amy Lv
    Posted on Aug 09, 2016 at 04:33 AM
    0

    Hi Gomez,

    The correct parameter should be ?saml2=disabled see SAP Note 1874339 for more details.

    And the correct login module stack for 'ticket' should be:

    1. EvaluateTicketloginModule SUFFIECENT
    2. SAML2LoginModule OPTIONAL
    3. CreateTicketLoginModule SUFFIECENT
    4. BasicPasswordloginModule REQUSITE
    5. CreateTicketLoginModule REQUSITE

    See SAP Note 2273981 for details.

    Hope this could help you!

    Amy

    Add a comment
    10|10000 characters needed characters exceeded

    • Lutz Rottmann Former Member
      Aug 23, 2016 at 02:21 PM

      Hi Raul,

      there are some significant differences between ABAP and JAVA.

      Deactivating SAML via query string parameter saml2=disabled is the same on both ABAP and JAVA.

      Deactivating SAML via HTTP-Header x-sap-saml2: disabled only works in ABAP. I did not find an equivalent HTTP Header for JAVA yet.

      Choosing an IDP via query string saml2idp=MyIDP works for both ABAP and JAVA.

      Choosing an IDP via HTTP-Header is x-sap-saml2idp: MyIDP for ABAP and saml2idp: MyIDP for JAVA.

      Since the x-sap-saml2 header for AS ABAP is not officially documented yet, there might be an unknown equivalent solution for AS JAVA. @ @Dimitar Mihaylov and Former Member : Can you shed more light on this?

      Regards,

      Lutz

      Message was edited by: Lutz Rottmann

    Comment on This Answer

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.