Skip to Content
author's profile photo Former Member
Former Member

Multi domain SSO using mdc

Hi,

We have configured multi domain sso using the help.sap link.

The issue we are having now is given below:

1. User logs into SAP EP on http://A.B.C

2. At this instance the entire portal page is loaded, and the MYSAPSSO2

cookie will be generated for A.B.C domain.

3. The hidden iframe will pass the MYSAPSSO2 cookie via POST parameter to

the receiver software in 3rd party portal

http://E.F.G/sendSSO2Cookie.asp, which is mentioned in the

ume.login.mdc.hosts property.

4. 3rd party portal will use this MYSAPSSO2 cookie to create a new

MYSAPSSO2 cookie for the E.F.G domain and send to the end user's browser.

5. At this instance, the end user will see 2 MYSAPSSO2 cookies - one

for A.B.C and another for E.F.G

6. Now if I click on the navigation menu link to open the 3rd party

portal http://E.F.G/index.html in a NEW window, the MYSAPSSO2 cookie with

E.F.G domain will be passed to http://E.F.G/ portal to resolve and

authenticate the user.

7. User LOGS OFF from 3rd party portal. This will invalidate the

MYSAPSSO2 cookie for 3rd party domain E.F.G.

8. User comes back to SAP portal in the old window. MYSAPSSO2 cookie for the A.B.C domain is still alive.

9. Please note that there is no portal page refresh. Now if I click on

the navigation menu link to open the 3rd party

portal http://E.F.G/index.html in a NEW window, there won't be any

MYSAPSSO2 cookie for E.F.G domain as this would only be generated during Portal page refresh. The authentication will fail in this case.

Is there some way we can pass this MYSAPSSO2 cookie as a URL parameter or

call the hidden iframe to generate the cookie for all domains without

page refresh?

Thanks,

Ajay

Add a comment
10|10000 characters needed characters exceeded

Related questions

1 Answer

  • author's profile photo Former Member
    Former Member
    Posted on Apr 29, 2012 at 11:45 PM

    Any help would be appreciated, as we are really looking to make this multi domain SSO work.

    Thanks,

    Ajay

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.