Because of the nature of the way iViews are displayed in the Portal, the ITS server is directly visible to the client for ITS-enabled transactions (ESS transactions). The authentication to the ITS server is done via SAP SSO Ticket.
If the user knows his/her ITS credentials, he/she can then go directly to the ITS server (logon screen), bypassing the Portal completely. This bypasses the role-based authentication that the Portal performs.
We want to force the users to go through the Portal to get to any and all ITS transactions. One thought is to potentially configure the ITS server to only accept logons via SSO Ticket, and not via the logon page. If there are better suggestions, I welcome them.