cancel
Showing results for 
Search instead for 
Did you mean: 

Expired or initial passwords with SPNego

mario_marschall
Participant
0 Kudos

Hi,

we're implementing a SAP Enterprise Portal right now using SPNego as the method of authentification. The UME of our Portal is connected to our HCM-ABAP-System. In HCM we set the parameter login/password_change_for_SSO to 0 so the status of a PW (e.g. initial or expired) is not relevant when using SSO. This works fine for our HCM, but of course not for the Portal which is only connected to HCM via the UME.

Anybody got an idea how to have our portal react the same way to initial and expired passwords? I couldn't find anything so far...

Accepted Solutions (0)

Answers (2)

Answers (2)

mario_marschall
Participant
0 Kudos

Just in case anybody else is experiencing our problem:

In the UME Provider (Service accessed via Visual Administrator) you have to set "ume.logon.force_password_change_on_sso" to false, that's all...

Former Member
0 Kudos

Hi Mario,

Though I can't provide you the solution, I have a query...

If my guess that you have implemented SPNego authentication, you are trying to implement Kerbero's Authentication.

Please let me know if you are able to configure Portal for Kerbero's authentication. We tried to implement the same with CRM+Portal, we were able to configure SAP GUI for Kerbero's authentication, but with portal, we were not able to implement.

When we changed the UME configuration file, portal went down. We raised an OSS note, and got reply stating that "Kerberos authentication can not be implemented for ABAP+Java stack. For portal to support Kerbero's authentication, it should be a separate installation.

If you are able to configure portal for SPNego, and able to run the SPNego wizard successfully, please let me know.

Regards,

Nrisimhanadh

mario_marschall
Participant
0 Kudos

We are using Kerberos, alright. But our portal IS a separte Installation, so I guess I can't help you, sorry...