cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO with SAP Logon Tickets

Former Member

on ‎09-15-2008 7:38 AM

0 Kudos

Hello,

we have a portal as a ticket issuing system. We have integrated SAP CRM and SAP BW into our portal. Now the user authenticate himself on the portal. First time the user navigates in the portal to CRM or BW he has to authenticate there with his user-id and password.

This case appears only at the first login to this systems. After the first login SSO will run without problems and the user is automatically authenticated in CRM and BW.

What is our mistake so that every user have to authenticate himself on the CRM or BW if it is his first login?

Please help me!

Regards

Philipp

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎09-15-2008 10:18 AM
0 Kudos

Hello,

thanks to all!

But I found the error in SAP Note 701205.

The parameter ume.logon.security.relax_domain.level was set to 1. But in our case the parameter must be 2 because all systems are in the domain *.companyname.de.

After I changed this and restart the server SSO works fine.

Regards

Philipp

Show replies
Show replies
Former Member
‎09-15-2008 7:47 AM
0 Kudos

Hi Philipp,

Have a look at this check list.

https://www.sdn.sap.com/irj/sdn/wiki?path=/display/ep/sso%2bchecklist

Also refer to

https://www.sdn.sap.com/irj/sdn/wiki?path=/display/ep/single%2bsign-on%2band%2bcookies

https://www.sdn.sap.com/irj/sdn/wiki?path=/display/ep/sso%2bprocedure

https://www.sdn.sap.com/irj/sdn/wiki?path=/display/ep/sso%2btroubleshooting

Cheers,

Sandeep Tudumu

Show replies
Show replies
Former Member
‎09-15-2008 8:00 AM
0 Kudos

Hello Sandeep,

I have checked all documents you have linked to my post. All described things are implemented on our system.

In CRM and BW only the parameter login/accept_sso2_ticket = 1 is set but not the parameter login/create_sso2_ticket = 1. I think this is right because the CRM and BW should only accept sso-tickets. Creating sso-tickets should be done by the portal and the check in transation sso2 is OK.

How can I checkt the both parameters in portal? There I don´t have transaction RZ10. We are running our portal on Java Web AS.

Regards

Philipp

Former Member
‎09-15-2008 8:21 AM
0 Kudos

hi phillip,

While giving user name and password.. is it showinh some error like No switch to HTTPS occurred, so it is not secure to send a password .

If it so then you will need to enter FQDN in your browser while accesing portal.

If you are having the url like http://portalname:50000/irj. don't use that....

It should be http://portalname.company.com:50000/irj

It will resolve your issue.

Regards,

jigar

Former Member
‎09-15-2008 8:24 AM
0 Kudos

Hi jigar,

we don´t use HTTPS and we work with FQDN.

Regards

Philipp

Former Member
‎09-15-2008 8:35 AM
0 Kudos

Philipp,

Looks like the configuration at your end is good.

But,after you made changes to the BW and CRM system in RZ10 did you restart those two machines?

Regards,

Sandeep Tudumu

Former Member
‎09-15-2008 8:38 AM
0 Kudos

Hi Sandeep,

I have done no changes in my backend systems. All parameters are still set so I don´t have to restart the two machines.

Regards

Philipp

Former Member
‎09-15-2008 9:16 AM
0 Kudos

Hi Philipp,

I hope that all your connected systems with portal is on same domain..

regards

parth

Former Member
‎09-15-2008 9:21 AM
0 Kudos

Hello Parth,

yes all systems are on the same domain!

Regards

Philipp

Former Member
‎09-15-2008 9:58 AM
0 Kudos

Hi philipp,

Did you checked the logs, can you share with us so that we can analyze.

Hope all the configurations are done perfectly and all systems including portal on same domain..

regards

Parth

Ask a Question