Skip to Content
avatar image
Former Member

Creating MYSAPSSO2 credential outside of WebAS?

Is it possible to generate a MYSAPSSO2 credential outside of WebAS?

We're developing a number of .Net connector objects that leverage MYSAPSSO2 for single sign-on. These objects don't live within WebAS. I'd like to find a way to give users the MYSAPSSO2 cookie without making them first log into an EP portal, WebAS service, etc. Can this be done?

--Craig

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    May 25, 2004 at 07:24 PM

    I just thought of an alternative that might work as well.

    Within our Intranet, we make use of Netegrity's SiteMinder product. Every web user has a SiteMinder cookie similar to SAP's SSO cookie.

    I wonder if it'd be possible to leverage this SiteMinder cookie for SAP .Net authentication? That is, maybe I could customize the WebAS backend to intercept the SiteMinder cookie (passed through the .Net connector), validate it and resume the "normal" SAP authentication process (possibly resulting in a MYSAPSSO2 cookie being created as well).

    --Craig

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi Craig,

      Did you find a way of doing this? If so, can you share it with us?

      I have struggled with same issue. The problem is that SAP Logon tickets can only (officially) be created by SAP technology, i.e. Portal, ITS (with backend systems) and Web AS.

      And I don't know if someone from SAP will advance a solution for this, since it will allow you now to deploy web applications without having to use their web technology.

      Unless someone from SAP corrects me.

      Now a hypothetical alternative is that:

      You configure the SAP technology (be it Web AS or Portal or ITS whichever you have license for) with integrated windows authentication and therefore if users are already logon to their Windows, they will get an SAP Logon ticket generated and then the trick is to use some kind of redirect mechanism to hide the fact that a portal or ITS or WAS is used and let the SAP Logon ticket be redirected to your .Net Connector based applications. Remember to configure your SAP system to trust the SAP technology that generates the Logon ticket.

      Regards,