Skip to Content
0
Former Member
Apr 16, 2007 at 03:50 PM

Issuing SSO with different domain

184 Views

Hi to everyone,

I have done the configuration for multiple domains like decribed in the blog Issuing the Logon Tickets for Multiple Domains in EP6 (we have no sub domains so domain relaxing does not work in our case). We are using sap portal NW04s (domain 1) in combination with mySAP ERP 2005 (domain 2) and an IIS (domain2).

Everyone was done succesfully, the ISAPI Filter shows a green status and I have created all points like in this blog. I have also uploaded a par file from an sap note (SSOSupport.zip) to check if the cookie is working succesfully in portal and it shows correct parameters on getting portal user, sap backend user and so on from created cookie.

But if I switch from user mapping to ticket in jco destinations (for ESS) they all show an error:

<b>com.sap.mw.jco.JCO$Exception: (103) RFC_ERROR_LOGON_FAILURE: issuer of SSO ticket is not authorized</b>

Although the user is existing exactly in portal and sap backend with sap_all and sap_new role. I also have deleted and created these destinations again, with no success.

Any ideas, what could be the problem? Helpful answers will be rewarded.

Regards,

Frank