our current customer has installed an instance of SAP Web AS 6.20 in a DMZ. He has another DMZ where the reverse proxy is installed. So, SAP Web AS and reverse proxy are located in different domains.
When we call our BSP-App via Internet we first have to authenticate against the reverse proxy, then a rewrite rule leads us through two firewalls to the SAP Web AS in the other DMZ.
Actually we reach the system/login-page of our BSP. When we enter the logon credentials and press the logon button we are redirected every time not to our own start-page but again to our system/login-page. We are caught in a loop.
It seems that the SSO2 authentication is not valid for the domain of the SAP Web AS but for the reverse proxy.
Has anyone experience with this kind of system landscape or can give any comment?