Skip to Content
author's profile photo Former Member
Former Member

Regarding SSO!!

Hello Guru's,

In our production environment we have 2 different group of users

1. Having access to backend ecc system

2. Not having access

Now issue is people whos don't have access to backend ecc system there password is set to initial and we don't have any problem with these users

Now who have access to backend ecc system their password expires every 90 days and because of this the users accessing portal applications are getting login screen for all the applications for which it has to access the backend for example Web Dynpro for ABAP application.

And we did set the parameter login/password_change_for_SSO to 0 which overcomes the login problem.

Now the issue is only with people having access to backend ecc system? How to overcome this issue.

Any inputs are appreciated.

Thanks in advance for your time.

Cheers-

Pramod

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

3 Answers

  • Best Answer
    Posted on Feb 18, 2009 at 08:31 PM

    Hi,

    I think you should focus on the core problem and not on all the workarounds. You've set the parameter login/password_change_for_SSO that should prevent asking the users to change their passwords.

    There are other parameters that you can configure on you ECC. SAP Help: http://help.sap.com/saphelp_nw04s/helpdata/EN/22/41c43ac23cef2fe10000000a114084/content.htm

    Have you set login/accept_sso2_ticket?

    How is the ECC system and SSO configured in your portal? For the ECC system in question, do you use the SAP Logon Ticket or is there user mapping activated?

    Logon method is set to SAPLOGONTICKET or UIDPW?

    Ticket typ for authentication is SAP Logon Ticket?

    And the user atribution? Is it empry or admin, user or admin,user?

    First check this values. If UIDPW is activated, the users are entering their password for the ECC, meaning: when the password get's changed in the ECC, they cannot login anymore and are getting the "Change Password" screen.

    br,

    Tobias

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hey Tobias,

      Thank you for the reply.

      We have configured SSO based on SAP Logon Ticket and user atribution is set to admin, user.

      And without setting login/accept_sso2_ticket this parameter how will lock enabled for the user session?

      Any other ideas?

      Thanks,

      Pramod

  • author's profile photo Former Member
    Former Member
    Posted on Feb 17, 2009 at 11:27 PM

    One option is to deactivate the user passwords in the ECC system for people who use the portal to access ECC. This stops them needing to change their password all the time.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Feb 18, 2009 at 03:12 PM

    You can configure your ECC as user store for portal. All the users with ECC access will stay in ECC but their role assignment will be in portal. With this, they will be prompted to change their password (After 90 days) when they login into portal .

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi,

      You need not assign any roles or some thing else. The end user is the just chaging the password for the mapped backend system thats it. There is no question of roles and other things.

      Generally our end users do the same thing. In the masthead you will get an option called personalize, they can just change their password.

      Regards,

      Vamshi.

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.