Skip to Content
0
Oct 27, 2020 at 02:01 PM

SAP SCP Principle propagation with SAP As Java On-premise -- not working

191 Views

Hi,

We need to configure Principle Propagation in SAP Document Center to connect KM Repository on SAP Portal (On-Promise)

Follow the document :

To connect KM-repository:

https://blogs.sap.com/2016/03/14/how-to-connect-an-on-premise-km-repository/

To setup Principle Propagation with KM-repository:

https://blogs.sap.com/2016/03/14/connect-sap-hana-cloud-platform-to-an-on-premise-sap-as-java-using-sap-assertion-tickets/

in comments someone has mentioned about principal propagation with SAP Java.

and

https://help.sap.com/viewer/cca91383641e40ffbe03bdc78f00f681/Cloud/en-US/2e962873ace64b108a58b69d43f09a5e.html

Issue:

To login in Document center we have AZURE AD integration where user is login with username@domain.com

once user is authenticated , it try to access KM documents from on premise , resulting in 500 error with Authentication failed.

after checking trace on SAP Java (Portal) find out that somehow short-live x.509 certificate is not generate for login user , instead of that it's try to authenticate for SAP Cloud connector X.509 certificates and did not find any user for that to authenticate.

Mapping in SAP Portal for Client certificate logon as below:

Rule1.AttributeName = CN, Rule1.UserMappingMode = Email, Rule1.getUserFrom = subjectName

any help will be appreciate,

Thanks & Regards,

Kaushal