on 12-08-2006 11:41 PM
We have a problem with SSO in different domain:
When we login to the portal through Web dispatcher and using different domain then SSO Ticket is not working.This is our situation:
in Domain I we installed :
Nw04 Ep6 SP15
App1
In Domain II (DMZ domain)
SAP WEB Dispatcher
App2
App1 and App2 are using CRM backend that is in Domain I
we have a SSO ticket between our Portal and CRM.
If we login to portal directly from Domain I SSO ticket working properly and we can connect directly to App1 and App2,
but if we login to Portal Through Web dispatcher ,That's in Domain II, SSO ticket is working for App 1 and it's not working for App2.
In portal I set this parameter in UME ume.security.relax.domain.level=2
Could you please let me know ,what should I do to fix the issue?
Thanks,
Maryam
Hi Maryam,
I think there is a SAP note to solve this issue. I think the note no is 588960
Regards
Arun
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Is the domain for both servers relaxed 2 levels. Not too sure whether you are aware, but the SSO ticket is domain sensitive, i.e. the portal and CRM applications need to be accessed using the same domain, therefore not only the portal needs to have its domain relaxed, but also the applications that you are trying to perform single sign on with
I hope this helps
D
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The domain cannot (I don't think) be done directly on the J2EE server, but has to be done in the web application.
To relax the domain the following code will need to be added to any application (not the portal) where required
// Domain relaxing
if ( document.domain.indexOf(".") > 0 ) document.domain = document.domain.substr(document.domain.indexOf(".")+1);
D
Message was edited by:
Darrell Merryweather
User | Count |
---|---|
80 | |
24 | |
11 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.