Skip to Content
0
Former Member
Jul 27, 2010 at 06:16 AM

Unable to decrypt cookie in SSO between EP & .net application

75 Views

Hi All

I am trying to implement SSO between SAP EP and .net application.

Thogh .net application is recieving the cookie it is not able to decrypt it.

Please see the steps That I have taken

1. Prepare IIS server to accept and issue new Logon Ticket request

a. Download u201Ciis6_sso.dllu201D (for MS IIS 6.0) u201Ciis_sso.dllu201D (for MS IIS 5.0) and wpsso_v3.dll from SAP Note 442401.

b. Place these dlls in root folder of IIS (C:\Inetpub\wwwroot).

c. Open IIS -> default web site -> properties -> ISAPI filters. Click on add button and browse to C:\Inetpub\wwwroot\iis6_sso.dll. Give a filter name (IIS6 in example) and save it. Restart the IIS server.

d. Again open Open IIS -> default web site -> properties -> ISAPI filters. It should show IIS filter up and green.

2. Prepare asp component to accept and issue new Logon Ticket

a. Download sendSSO2Cookie.asp file from service.sap.com/ep60howtoguides -> u201CPerform Cross Domain Single Sign-On with SAP Logon Ticketsu201D and keep it in C:\inetpub\wwwroot folder.

b. Download verify.pse file from SAP EP and keep it in C:\inetpub\wwwroot folder.

c. Create sso.log file with no cntent in it at C:\inetpub\wwwroot folder.

d. Create verify.properties file with following input in it at C:\inetpub\wwwroot folder.

log_file=C:\Inetpub\wwwroot\sso.log

log_level=3

remote_user_alias=MY_SAP_USER

application=portal

pse_file=C:\Inetpub\wwwroot\verify.pse

3. Create a hidden iView in SAP EP which will send request to this asp

a. Create a new iView by selecting "New From Portal Archive u2013 iView" and select the portal application "com.sap.portal.appintegrator.sap" and the component "Generic" on the subsequent screens.

b. Specify iView name, id and namespace for the new iView, e.g.

SSO2Provider

4. Integrate this iView with SAP EP so that this is called at every time when user logs in

a. Open the framework page which is used for your portal users. By default it is at content administration -> Portal content -> portal content -> Portal user -> Standard portal user -> Default framework page.

b. Add your provider iView (SSO2Provider) to the page.

c. Save the framework page

SSO2Provider

com.sap.portal.howtos.sso

c. Mark the checkbox "Open for editing when wizard completes" and finish creation of the iView by clicking "Finish".

d. Set the iView properties as follows:

Fixed Height (Pixels): 0

Http RequestMethod: POST

Show Tray: No

URL template: http://myiisserver.tcs.in/sendSSO2Cookie.asp?MYSAPSSO2= >

e. Save iView.

f. On SAP edit the UME property ume.login.mdc.hosts to ume.login.mdc.hosts=http:// myiisserver.tcs.in/sendSSO2Cookie.asp

Please help me to resolve this issue.

Regards

Pratyush