cancel
Showing results for 
Search instead for 
Did you mean: 

SSO Ticket ,it's not working in different Domain

Former Member
0 Kudos

We have a problem with SSO in different domain:

When we login to the portal through Web dispatcher and using different domain then SSO Ticket is not working.This is our situation:

in Domain I we installed :

Nw04 Ep6 SP15

App1

In Domain II (DMZ domain)

SAP WEB Dispatcher

App2

App1 and App2 are using CRM backend that is in Domain I

we have a SSO ticket between our Portal and CRM.

If we login to portal directly from Domain I SSO ticket working properly and we can connect directly to App1 and App2,

but if we login to Portal Through Web dispatcher ,That's in Domain II, SSO ticket is working for App 1 and it's not working for App2.

In portal I set this parameter in UME ume.security.relax.domain.level=2

Could you please let me know ,what should I do to fix the issue?

Thanks,

Maryam

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
0 Kudos

Hi Maryam,

I think there is a SAP note to solve this issue. I think the note no is 588960

Regards

Arun

darrell_merryweather
Active Contributor
0 Kudos

Is the domain for both servers relaxed 2 levels. Not too sure whether you are aware, but the SSO ticket is domain sensitive, i.e. the portal and CRM applications need to be accessed using the same domain, therefore not only the portal needs to have its domain relaxed, but also the applications that you are trying to perform single sign on with

I hope this helps

D

Former Member
0 Kudos

Hi Darrell,

Thanks for your answer,I'm just wondering how can I relax domain on J2ee,I already did in Portal. By the way our Portal and CRM is on the same domain but App2 (ISA, Biller Direct) is on the different domain.

Thanks,

Maryam

Former Member
0 Kudos

Hi Darrell,

Thanks for your answer,I'm just wondering how can I relax domain on J2ee,I already did in Portal. By the way our Portal and CRM is on the same domain but App2 (ISA, Biller Direct) is on the different domain.

Thanks,

Maryam

Former Member
0 Kudos

Hi Darrell,

Thanks for your answer,I'm just wondering how can I relax domain on J2ee,I already did in Portal. By the way our Portal and CRM is on the same domain but App2 (ISA, Biller Direct) is on the different domain.

Thanks,

Maryam

Former Member
0 Kudos

Hi Darrell,

Thanks for your answer,I'm just wondering how can I relax domain on J2ee,I already did in Portal. By the way our Portal and CRM is on the same domain but App2 (ISA, Biller Direct) is on the different domain.

Thanks,

Maryam

Former Member
0 Kudos

Hi Darrell,

Thanks for your answer,I'm just wondering how can I relax domain on J2ee,I already did in Portal. By the way our Portal and CRM is on the same domain but App2 (ISA, Biller Direct) is on the different domain.

Thanks,

Maryam

darrell_merryweather
Active Contributor
0 Kudos

The domain cannot (I don't think) be done directly on the J2EE server, but has to be done in the web application.

To relax the domain the following code will need to be added to any application (not the portal) where required

// Domain relaxing

if ( document.domain.indexOf(".") > 0 ) document.domain = document.domain.substr(document.domain.indexOf(".")+1);

D

Message was edited by:

Darrell Merryweather