Skip to Content
avatar image
Former Member

Issuer of SSO ticket is not authorized

I have configured EP for Login using Login tickets and I am getting the following message : Issuer of SSO ticket is not authorized.

What do I need to configure

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

6 Answers

  • Best Answer
    Jun 05, 2006 at 09:02 PM

    Single Sign-On (SSO)

    This procedure below, is for the same username in EP and SAP R/3 backend system.

    1) Export Certificate from Portal

    System Administration->System Configuration->Key Store Administration

    2) In SAP R/3 System assign these roles to the user and restart the system.

    SAP_BC_JSF_COMMUNICATION

    SAP_BC_USR_CUA_CLIENT_RFC

    3) go to Transaction -> RZ10

    • Choose Instance profile and Choose Extended Maintenance and Change

    • Set these parameters

    login/accept_sso2_ticket 1

    login/create_sso2_ticket 0

    4) go to Transaction -> STRUSTSSO2

    Give the File path and choose Binary Format (Upload .der file).

    Then Choose Add to ACL

    We can get the WPS System value from Certificate, and WPS Client 000.

    5) Test the Digital Signature

    Go to Transaction -> SS02

    You should be able to see the screen like this.

    Now we can create system in EP and directly access with SSO without providing user name and password.

    -Pavan

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jun 05, 2006 at 08:31 PM

    Hi Prince,

    There are few things which you need to do

    1) Portal Server identity needs to be entered in the backend system

    2)Also the Portal Server’s public-key information should be made available to the backend system.

    If you are configuring SSO with R/3, check this out

    http://help.sap.com/saphelp_nw04/helpdata/en/d3/41c8ecb31d11d5993800508b6b8b11/frameset.htm

    http://help.sap.com/saphelp_nw04/helpdata/en/d3/41c8ecb31d11d5993800508b6b8b11/frameset.htm

    Regards,

    Piyush

    ps: please mark all useful answers.

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Link Title: Configuring SAP Systems to Accept and Verify SAP Logon Tickets

      Best Regards,

      Christian

  • avatar image
    Former Member
    Jun 05, 2006 at 11:11 PM

    Hi prince,

    I had exactly the same problem and my solution was that in UM Configuration the parameter login.ticket_client=000 was not set.

    I hope this will be useful for you.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jun 21, 2006 at 03:19 PM

    Thank you everyone. I had to remove the certificate from R/3 and import it again.It is now working. The problem is it is displaying the login sceen initially.

    How can I remove this final loophole.

    Thank you in advance

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Dec 18, 2006 at 07:43 PM

    I am having trouble with a message when I tried to publish query or template to the portal "Incoming call is not authorized", I was wondering if this is similar to the Issuer of SSO ticket is not authorized" - any ideas and help?

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Feb 25, 2015 at 01:22 PM

    all the above steps are correct sir but still i am facing the same issue is there any deep drill resolution on this activity sir.

    actually the certificate has been implemented in QTY system in 2012 with validity till 2032 and it is present in both the tabs (ACL) also. is there any other possibility to resolve this issue?

    Add comment
    10|10000 characters needed characters exceeded