Skip to Content
0

SMP 3.0 - SSO with Basic Authentication

Apr 02 at 08:23 AM

45

avatar image
Former Member

Hi Experts,

We are facing a weird issue while configuring SSO on SMP Server using Basic Authentication.

Our back-end data needs to be accessed over Rest web-services having basic authentication enabled. We are able to interact with the web-service using "Technical User(Basic)" as the SSO mechanism in the HTTP destination, for the odata development. However, when we tried using "Basic" authentication, and access the link through 8081 (one-way SSL port for client), we are not able to retrieve the data from the web-service.

We tried configuring the below security profiles.

  • Security Profile with only Directory Service (LDAP/AD) Provider in the stack.
  • Security Profile with only HTTP/HTTPS Authentication Provider

    in the stack.

In both the cases, we are able to successfully register using the credentials that was mentioned within Technical User(Basic), however, if "Basic" is used inside SSO mechanism, it does not work.

Is there any additional configurations that needs to be done for Basic Authentication to work to retrieve headers from Security Profiles?

Looking forward for a quick solution.
Cheers,
Vigil Geroge

10 |10000 characters needed characters left characters exceeded
Former Member

Hi Jitendra Kansal/Daniel Van Leeuwen/Former Member,

Looking to assistance on this topic. We are not able to interact using Basic SSO Mechanism, however, Technical User(Basic) is working fine.


Cheers,
Vigil George

0
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Best Answer
Jitendra Kansal
Apr 04 at 01:49 PM
0

Vigil Jacob

I would suggest you to test it first via REST client and see what do you get when you make a GET call ?

in general,

For SSO Mechanism as BASIC >> Connects to the back end with the end user's user name and password. The provider that is configured in the security profile must authenticate the end user with a user name and password, for example, HTTP/HTTPS Authentication, Directory Service (LDAP/AD), or System Login (Admin Only).

reference: https://help.sap.com/viewer/313e7789125149b3b5bb6f1c7e1ea322/3.0.14/en-US/f42d4d70a886473997968f308505a62e.html?q=SSO%20mechanism

for example, if you choose "System Login (Admin only)" as authentication in Security profile with BASIC as SSO mechanism, during user registration you should be authenticated via SMP Admin user (e.g. smpAdmin) and when you make a GET call, you should be asked to enter backend id and password.

If there are still issues in this regard, i would recommend you to raise an OSS ticket. Hope this helps.

Regards,

JK

Show 1 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Hi Jitendra Kansal ,

Thank you for the update. We tried what you suggested, but it was still not able to pass the basic auth headers to the backend. Meanwhile, we tried using Message.setHeader() function at groovy level, and explicitly tried passing the Basic Auth header and it worked for us.

Not sure why the default configurations did not work for us, but custom Groovy did the trick.

Thank you for your assistance as always!

Cheers,
Vigil George

1