Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

Java Single Sign On

A client has two portals where each Portal uses a different AD as UME and are on different domains. Portal A's user id example 'abc'. Portal B's user id example '123'.

Portal A calls Portal B (as a hyper link) but needs to SSO onto Portal B. currently the logon screen renders.

My thought was to create a Portal System (HTTP or SAP system) and do a usermapping ('abc' to '123') and set this system up to use SAPLOGONTICKET.

But how do I then use this system (URL iView's doesn't have the property to specify a system).

Would Portal B have to be setup to accept Logon tickets? I have imported Portal A's certificate into Portal B.

Another option that I thought of is to setup Portal B to accept NTLM tickets from the Portal A AD. But is it possible to do a user mapping in this case? Since the AD ticket will contain 'abc' it should fail when Portal B tries to accept it. Can one have more than one Principle name in other words?

I don't know if any of this is possible due to the fact that the two portals are on different domains.

Appendix: Portal A (in production) is setup for SSO from AD (NTLM)

Any ideas or solutions would greatly help!

Former Member
Former Member replied

Hi,

Try using Application Integrator I Views instead of URL I Views for your Option 1.

Regards,

Santhosh

0 View this answer in context
Not what you were looking for? View more on this topic or Ask a question