cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO enablement

Former Member

on ‎07-14-2004 6:17 AM

0 Kudos

Hi,

I have a BSP application. It is a non portal environment. I have set the login/accept_sso2_ticket and

login/create_sso2_ticket parameters to 1. However it still shows me the login screen and not automatically logging in by SSO.

Can anybody help me what else needs to be done ? Is there any other system setting that needs to be done. Who can be contacted in this regard ?

Ciao

Gansu

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member181879
Active Contributor
‎07-14-2004 8:05 AM
0 Kudos

Gansu,

> Who can be contacted in this regard ?

Nobody. Works as designed.

Let me describe this to you in this way: when you go to the disco, you knock on the door. The guy asks you for money (they always do), and then for some ID (you must be over 18). Then you are allowed in. However, now you go out again. The guys says: "Here, we put this stamp on your hand. Next time you come, show the hand.". You leave, and for rest of the night you come and go, waving the hand each time.

The login is required to know who you are. This is the stand and identify sequence. Only when the server knows who you are, can it set a SSO2 cookie for you, which allows you to come and go.

++bcm

PS: Please limit your questions here to interesting aspects on BSP. When working for the company, you have full access to internal information, plus to the IT group for handling system configuration. I would hate to run OSS support via SDN. Internally you can bypass the login by the use of X.509 certificates (in PSE), which if configured correctly at the server will automatically do the logon for you in HTTPS mode.

Show replies
Show replies
Former Member
‎07-14-2004 8:49 AM
0 Kudos

Gansu,

you said...

"I have a BSP application. It is a non portal environment. I have set the login/accept_sso2_ticket and

login/create_sso2_ticket parameters to 1. However it still shows me the login screen and not automatically logging in by SSO."

In the Portal, when we setup SSO to an SAP system we not only set the parameters in the profile as you described:

login/accept_sso2_ticket

login/create_sso2_ticket

but we also import the verify.der certificate from the Portal and make sure that a valid PSE certificate is maintained.

In the Portal environment SSO (with SAP Logon tickets) to SAP works by you first of being logged onto the Portal and authenticated and you having the same Username in the SAP system as you have in the portal.

You said you have a BSP application in a non-portal environment, this suggests to me that you will have to examine how the authentication works in your non-portal environment and see if there is a way of performing Usermapping of Username and Password by System to your WAS system to execute the BSP or if there is a way of exporting a trusted logontoken from your non-portal environment to the WAS environment.

SSL and x509 certificates is something else, but configuring SSL on your WAS is described in some very nice documents available on SAP Market Place.

It is an interesting topic for me because although we have the EP, the BSP's I am developing will be accessed by people logged into a different vendor's Portal environment - and I am sure at some stage the requirement is going to come my way to get the BSP's to open via the non-SAP Portal with SSO.

Milan.

former_member181879
Active Contributor
‎07-14-2004 1:48 PM
0 Kudos

See also: <a href="https://www.sdn.sap.comhttp://www.sdn.sap.comhttp://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sapportals.km.docs/documents/a1-8-4/sso%20overview.pdf">Single Sign-On (SSO) in a Complex System Landscape</a> which has been on display now nearly two weeks on the very first logon page. Unless one is in such a hurry to get to this forum

Ask a Question