Skip to Content

vint_trustedGetUsername=true - SSO works from appserver but not from webserver

What do I need to do on the web server to allow SSO?

I can find documentation for SSO but it all seems to end at the appserver.. nothing on configuring the web server to make it work.

web server, tomcat/app server on Linux

split deployment - apache web server, tomcat on appserver

SSO to /BOE/BI works fine for http://APPSERVER:8080/BOE/BI


- from outside domain i get:

<html><head><SCRIPT>location.replace ( 'VintelaErrorServlet?vint_backURL=%2FInfoView%2Flogon.faces&vint_trustedGetUsername=true');</SCRIPT></head><body></body></html>

- from inside domain I am prompted for a username and password. if i do not give the username/password, I get the above error. If I do provide the username and password, I get the BI login screen, but no SSO happens.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Best Answer
    Apr 17, 2018 at 01:17 AM

    If you can access SAP support the white papers on setting up SSO all state this (as did the previous reply) our new KBA says

    "Create SPNs (In this example SPN's for CMS, and tomcat server FQDN and hostname are created) To NOTE: more SPN's will be needed if multiple web/apps DNS redirects, load balancers (the rule of thumb is to create FQDN and hostname for each URL that will be accessed by SSO i.e. url = then the corresponding SPN's would be HTTP/loadbalancer and HTTP/"


    Add comment
    10|10000 characters needed characters exceeded

  • Apr 16, 2018 at 01:48 PM

    This is Win AD, right? You probably need an SPN for the web server's host name.

    Add comment
    10|10000 characters needed characters exceeded