cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

regarding SSO setting

Go to solution
Former Member

on ‎04-24-2009 1:34 AM

0 Kudos

hi all,

Can you suggest me how to make SSO setting for IDM,EP and ABAP?

Do we need to make SSO setting for below combination of systems.

1) IDM - EP

2) IDM - ABAP

3) EP - ABAP

or SSO setting for Just IDM -EP and IDM- ABAP is enough

please confirm.

regards

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎04-29-2009 3:13 PM
0 Kudos

Hi Jai,

Only IDM UI can be configured for SSO either using kerberos authentication or certificates, but not for full solution(IC MMC)

SSO needs to be configured for ABAP & EP as per Netweaver Guidelines.

NW IDM is to manage identities means provisioning & deprovisioning users to ABAP or EP.

regards

Anand.M

Show replies
Show replies

Answers (1)

Answers (1)

bastian_kromer
Explorer
‎04-27-2009 7:34 AM
0 Kudos

Hi Jaichan,

usually your IDM will be configured to manage identities of the EP and your ABAP Systems. Then you can use SSO for the Portal itself (mostly by using Kerberos authentification); and SSO for ABAP Systems by enabling ticket (certification-) exchange from EP to the ABAP backend.

Hope this covers your question..

regards,

Bastian

Show replies
Show replies
tim_alsop
Active Contributor
‎04-27-2009 8:10 AM
0 Kudos

> 

> usually your IDM will be configured to manage identities of the EP and your ABAP Systems. Then you can use SSO for the Portal itself (mostly by using Kerberos authentification); 
yes, I agree. Using Kerberos authentication allows Active Directory domain to be used as authentication server.
> and SSO for ABAP Systems by enabling ticket (certification-) exchange from EP to the ABAP backend.
If you want SSO for SAP GUI logon to ABAP systems, then SSO2 ticket trust for SSO is not sufficient. Instead, a lot of companies configure SNC authentication to ABAP systems, also using Kerberos - then the user logged onto workstation is authenticated to ABAP systems as well as Poral and other web enabled SAP applications. Obviously, if your Portal application communicates with ABAP system then SSO2 ticket trust method is also required.

Ask a Question