Skip to Content
0
Former Member
Jun 29, 2011 at 05:51 PM

SSO between NetWeaver Portals with FPN - consuming WebDynpro Applications.

25 Views

Hi,

We are not beeing able to configure Single Sign-On between our NetWeaver portals, and we are in need of some help to figure out what we are missing.

Our goal

We need to configure single user authentication between a NetWeaver Portal 7.0 and the WebDynpro applications executing in a CE 7.2. In other words, if the user is already logged in the Portal, his authentication on the CE/WebDynpro will be handled by configuration.

Scenario

We have a Portal 7.0 and CE 7.2. Both portals are already configured in a FPN within the same domain. The FPN is working well, and we are able to acess WebDynpro provided by the producer, if we are logged into both portals. But if we are only logged on the Portal 7.0, the consumed WebDynpro from the producer fails with the following error:

Failed to load the object: pcd:consumer_content/com.sap.portal.fpnGuestUserIview with user Guest 
[EXCEPTION]
com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): consumer_content/com.sap.portal.fpnGuestUserIview)

Configuration

After we configured the FPN between the portals, we followed SAP documentation to configure SSO:

1. We exchanged the portal 7.0 certificate with success to the 7.2 environment (We tested it on the option "Check against issuing system" within the "Trusted Systems" service)

[http://help.sap.com/saphelp_nw70/helpdata/en/43/2235260b413fe1e10000000a11466f/content.htm]

2. We also made the configurations in the stack to accept logon tickets

[http://help.sap.com/saphelp_nw70/helpdata/en/aa/bf503e1dac5b46e10000000a114084/content.htm]

All our applications have the "ticket" configuration to authenticate, which is also a subject of the link above.

After that configuration the single sign-on did not work. As we are doing a review on the documentation, we would like to ask some help if anyone have already configured single sign-on between netweaver portals. We are going to keep this thread updated if we make any kind of progress, and also ask me if I missed some information in the post.

Any help will be very appreciated!