11-08-2018 10:34 AM
Hi all,
I've founded documenation on how to configure and generate SAML Assertion for SOAP WS.
However now I'm looking for a way to use SAML Asertion with OData to logon a user.
Do you have documentation on this suject ?
Our situation is the following :
The user connect to a third party application using it's own logon process (Azure AD).
This application contact a IBM DataPower with a JWT (JSON Web Token). Once verified the DP should generate a SAML assertion and push the OData request to the SAP NW GW.
For instance the request could by :
GET /sap/opu/odata/SAP/YTBE_SAML_SRV/?$format=json
Any help or guidance will be appreciated as documentation barely exists at SAP.
12-11-2018 2:11 PM
Hello Taryck,
as checked this scenario is currently not supported.
SAML tokens can be used for achieving principal propagation with SOAP Webservices and OAuth2.
Thomas
11-08-2018 10:59 AM
Hi Taryck,
have you tried Google?
https://www.google.de/search?q=saml+sap+gateway&ie=&oe=
The first three hits deliver:
https://wiki.scn.sap.com/wiki/.../Single+Sign-On+with+SAML+2.
Diese Seite übersetzen09.06.2017 - The first is an explanation of how SAML 2.0 based authentication works from the public internet to an SAP NW Gateway server. The second is ...
Availability of SAML 2.0 List of topics SAML 2.0 in AS Java SAML 2.0 in AS ABAP sap saml web dispatcher sap saml log saml identity federation sap sap saml 2.0 abap sap secure login server saml sap sicf saml11-09-2018 1:42 PM
Of course :
With SOAP we've found within note 1254821 the expected SAML assertion format supported by SAP.
We've made the SAML2 configuration for both Trust IDP and STS. Thay are activated however the SSO Failed and we do'nt know why.
That's why I'm looking for a documented how like the one in note 1254821 (that is for SOAP) but for OData SAML.
AND/OR for OData OAuth that seams more complex.
Note 2443156 (SAML 2.0 SSO with AS ABAP - Guided Answers) provide a question tree to trouble shout the SMAL 2.0 SSO but we can't chose and answer to the 2nd question so we do not get any guidance...
12-11-2018 2:11 PM
Hello Taryck,
as checked this scenario is currently not supported.
SAML tokens can be used for achieving principal propagation with SOAP Webservices and OAuth2.
Thomas