
Multiple ABAP clients using saml2 to authenticate against adfs

brian_walker
Active Participant
0 Kudos

We have followed the documentation at http://www.sap.com/documents/2014/07/4e233a50-5a7c-0010-82c7-eda71af511fa.html and successfully set up login authentication in an ABAP client using SAML2 and ADFS. In some of our ABAP systems we have multiple clients (400, 410, etc.) for testing. We have been unable to set up more than one client in each ABAP system.

In ADFS, we get the error that the relying party trust must be unique when trying to add the second ABAP client. I opened an SAP incident and the recommendation of SAP support was to use a virtual hostname to get around the uniqueness restriction in ADFS.

Is there any example documentation for setting up SAML2/ADFS authentication for multiple ABAP client numbers in the same SAP system?

Accepted Solutions (0)

Answers (3)


steffen_schmid
Explorer
0 Kudos

Hi Brian,

We have the same problem described by you, but as I can see when I start transaction SAML2 in the second client, I get the "Local Provider" of the first client, therefore I think it's not possible to configure a second Local Provider in the second client inside the ABAP system. From the perspective of the ADFS, the ABAP system is therefore one service provider regardless of how many clients it contains.

But the metadata.xml file I export from the SAML2 transaction and import into the ADFS ends up with the first client in the redirect links back to the SAP system. How can I change my SAML2 configuration so that the ADFS sends the user back to the correct client? How should a virtual hostname solve this problem? Thanks for any information.

Kind regards
Steffen

rajagunasekaran
Discoverer
0 Kudos

Hello,

Does anyone have any solution on this topic?

Regards,

Raja. G

rolfc_weber
Contributor
0 Kudos

Hi,

Sorry, no answer to your question, but did you get it working? Or could you elaborate on the answer you got from SAP support?

We are facing the same issue (using saml2 authentication from 2 ABAP clients in the same system against an adfs).

Thanks in advance

Rolf Weber