on 03-11-2017 12:02 AM
Hello,
We have been using logon tickets from our portal to SSO into our ECC system. There is a requirement for an application to activate SNC on ECC, and setup SAP Win GUI with SNC parameters.
We did not find any blogs or SAP Notes as to the compatibility. Does the Logon ticket authentication from Portal to ECC still work, if we enable SNC on ECC/Win GUI?
thanks,
Sudhir
Hi, the SAP CommonCryptoLib must not be used in Single Sign-On scenarios without the need to acquire the SAP Single Sign-On 3.0 solution from SAP. Same applies for the "special" implementation and function-reduced variant SNC Client Encryption, where the same SNC library may be used on your ECC backend - but you are not allowed to combine SNC from client (SAP GUI) to server with SAP Login Tickets, even though it is technically possible to operate such a scenario. Not talking here about any other 3rd party SNC library implementation, not officially supported by SAP SE.
As soon as you drive SAP GUI with SNC, according to the standard, authentication should be done by standardized security token such as Kerberos Tickets or X.509 certificates.
See SAP Note 2117110: Recommendation to Replace SAP Logon Tickets with SAP Single Sign-On Solution.
Regards,
Carsten
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi - I don't believe there is any issue here. Logon tickets will use the System PSE (accessed via transaction STRUSTSSO2) and not the SNC PSE therefore there is no conflict between the two mechanisms. Remember SAP Single Sign On uses the same crypto library SAPCommoncryptolib that is used as standard in the ABAP server.
Regards,
Chris
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I looked at this https://archive.sap.com/discussions/thread/1360538 answer from Tim Alsop, but does not directly answer the question.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.