We have been reading the forums and have read through some of the available whitepapers, such as Unleash the Power of Single Sign-On with Microsoft and SAP by Andre Fischer, et. al., but we still need advice on which direction to take and which solutions would work in our situation.
We need to implement SSO between our SharePoint system(s) and our SAP Portal system(s). Our SharePoint 2007 servers (soon to be migrated to SharePoint 2010) authenticate against Active Directory. Our SAP Portal environment (SAP NW 7.00 EhP1) also authenticates against AD (all systems in our SAP Portal landscape are on Windows 2008). SSO is already set up between the SAP Portal systems (issuer of SAP logon tickets) and the back-end SAP ERP systems.
We want to continue allowing our users to directly log on to the SAP Portal if they choose. However we now also want to allow the option for our users to perform their initial login on our SharePoint system.
Once logged on to SharePoint, we want to provide some convenient links within the SharePoint Portal that open a new browser Window and take the user directly inside the SAP Portal to access a specific application, without requiring the user to log on to the SAP Portal. The user should then be able to navigate around the SAP Portal as usual, as if he/she had initially logged on to the SAP Portal. For these users who initially log on to SharePoint Portal, and then get to the SAP Portal via a link from SharePoint, an SAP logon ticket must be issued to the user as well.
We have some limitations because the majority of our user population is university students: 1) We cannot assume that a useru2019s system is a member of the AD Domain; 2) Our solution must work for both Windows and Mac OS clients, running either of the currently supported Web Browsers, Internet Explorer and Firefox.
I appreciate any help you can provide.