on 11-12-2012 9:31 PM
Hi,
We are having issues using SPNego even though we have configured as mentioned in the guide attached to the note 1488409.
I don't see component under 'Policy Configuration '"com.sun.security.jgss.accept" at all. Also there is no separate directory structure under usr\sap\j2ee\sys\global\kerberos (I've read somewhere this directory structure is not available with the newer version).
Also when we logon to SPNego wizard it always shows error: "System does not provide a model for authentication management" with a button "Migrate"(this is seen everytime we logon to http://<servername:port>/spnego)
Could you please provide us any suggestions. We are on NW 7.02, J2ee was upgraded but SPNego was never configured before, Windows vista OS(web client) and AD on Windows 2003 server.
Thanks in advance.
Hi, I have one more question. Is there impact of Clicking option "Migrate". Doest it disable the existing SSO configuration or it just allows to configure new SSO configuratio. We are using an 3rd party application for SSO(ADAM) and want to migrate to SPNEGO configuration. And i am seeing an Migrate option in /spnego lonk. I just want to make sure my existing SSO is not disabled when i click on Migrate option. Thanks Manish
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Please read the section in the pdf attached to the Note 1488409 - New SPNego Implementation.
Upgrade with the original SPNego
In case the AS Java engine was upgraded from an older version and the original SPNego was configured, meaning
you never used the add-on solution from SAP Note 1457499, follow the instructions in this section.
In order to finish the migration you need to perform several steps:
1. Open the SPNego wizard at http://<host>:<port>/spnego and log on with a user with administrator privileges
2. Hit the “Migrate” button that is displayed at the top of the page
3. SPNego should now work
Thanks
Rishi Abrol
Hi,
I think you dint read it correctly.
In case the AS Java engine was upgraded from an older version and the original SPNego was configured, meaning
you never used the add-on solution from SAP Note 1457499, follow the instructions in this section.
In order to finish the migration you need to perform several steps:
1. Open the SPNego wizard at http://<host>:<port>/spnego and log on with a user with administrator privileges
2. Hit the “Migrate” button that is displayed at the top of the page
3. SPNego should now work
So if you are not going to active the spnego addon components them it should work. Another thing as you are trying to use third part application so its better to test you test system than production directly or do it over the weekend so that you have lead time to fix it if issues.
Thanks
Rishi abrol
Hi, I am having exactly the same issue. Did anyone happen to fix it? Thanks Manish
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Manish/Jack,
Please follow the instructions provided in the guide attached to ossnote#1488409. Please make sure you use the latest guide, refer the above note for supported versions.
Below are the brief steps to be followed:
1) Create the below service users - on LDAP
2) Register SPN name in AD of all domains - on LDAP
3) Export LDAP attributes for all domains - on LDAP
4) Generate Keytab files- http://<servername:port>/spnego
5) Adding the Kerberos realms - http://<servername:port>/spnego
6) Authentication Stack Adjustment - Visual Admin
If required adjust the datasource xml file and upload - Config tool.
Let me know if you have any questions.
-Bob
Hi,
Please provide the patch level that your portal are at.
Some timed user get exception when they click on migrate.
Note 1539743 - NullPointerException in SPNego Wizard
What happens when you click on migrate.
Thanks
Rishi Abrol
Hi Bobby,
We are having the exact same issue, Are you able to provide and detail towards a resultion ?
Thanks
Jack
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Bobby,
Is this still an issue?
I'm guessing that you are on 7.02 SP6 or above as that's the pre-requisite? We have the same environment as you and have configured this according to the Guide first time, without issues.
Regards,
Graham
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Graham,
Thanks for your reply. Yes we are above the required level. I have more concern about the error displayed when we access http://<servername:port>/spnego
Error: "System does not provide a model for authentication management" with a button "Migrate"
Please share your views.
Thanks
any suggestions or ideas??
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
25 | |
12 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.