Skip to Content
0
Jun 20, 2020 at 03:37 PM

Identity Federation Issue on SAP Gateway

89 Views

Hi,

We're trying to set up SSO on our SAP Gateway system so that user authentication for our UI5 apps will be handled automatically. We've followed the steps on this wiki (https://wiki.scn.sap.com/wiki/display/Security/Automatic+User+Account+Creation+and+Update+using+SAML+2.0+in+AS+ABAP#AutomaticUserAccountCreationandUpdateusingSAML2.0inASABAP-ImplementanSAPNote1799402(onlyASABAP7.02SP12)), this SAP help page https://help.sap.com/viewer/f118a8960caf41808bd374e28a834f58/1709.000/en-US/f4a4aa9a3f9e47e09f5cc2eeb017c1ec.html), and have also checked out the SNote 1799402. But, we end up stuck when configuring things on the SAML2 tcode because when we select the option for Persistent users, the option for Automatic Account Creation option is not showing up even if it's already set up as part of the value range of the SAML2_FEDERATION_MODE_NEW domain under the the SAML2_CORE package.

The SAML2 service in SICF is already set up as instructed. The right handler class is configured in the service and active. The BAdI required for automatic user creation and update also already exists in the system.

We need the Automatic Account Creation option to work because we have over 20-30 thousand users for the app, and we can't manually create accounts for all of them.

Can anyone help me out with this?