A client has two portals where each Portal uses a different AD as UME and are on different domains. Portal A's user id example 'abc'. Portal B's user id example '123'.
Portal A calls Portal B (as a hyper link) but needs to SSO onto Portal B. currently the logon screen renders.
My thought was to create a Portal System (HTTP or SAP system) and do a usermapping ('abc' to '123') and set this system up to use SAPLOGONTICKET.
But how do I then use this system (URL iView's doesn't have the property to specify a system).
Would Portal B have to be setup to accept Logon tickets? I have imported Portal A's certificate into Portal B.
Another option that I thought of is to setup Portal B to accept NTLM tickets from the Portal A AD. But is it possible to do a user mapping in this case? Since the AD ticket will contain 'abc' it should fail when Portal B tries to accept it. Can one have more than one Principle name in other words?
I don't know if any of this is possible due to the fact that the two portals are on different domains.
Appendix: Portal A (in production) is setup for SSO from AD (NTLM)
Any ideas or solutions would greatly help!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.