Solved: Enabling Single Sign On for Integration to 3rd Par...

Former Member · ‎12-31-2008

Hi Folks,

I need to enable Single Sign On for an integration scenario. The scenario is as below:

On a bsp page (CRM IC WebClient to be specific) there is a URL which points to a document stored in an external 3rd Party Digital Asset Management system (not based on SAP NW). When the user clicks this URL, he/she should not be asked to enter his/her credentials by the external system.

Could you please share any information on how I can go about achieving this?

Regards,

Gaurav

WolfgangJanzen · ‎01-01-2009

In addition to what Tim has asked, I'd like to know how the external 3rd Party Digital Asset Management is accessed: I assume that http is used as protocol - but do you intend to submit web service calls (with the CRM system as WS consumer and thus as http client) or is it intended that the CRM system only creates an URL and that the browser is directly communicating with the external 3rd Party Digital Asset Management (which is then rendering HTML content)?

PS: Happy new Year 2009

tim_alsop · ‎12-31-2008

Gaurav,

The first and perhaps most important step to solve this SSO requirement is to find out what methods of authentication are supported by the 3rd party system. For example, if this system supports only HTTP header authentication, then you will need to configure HTTP header authentication in SAP NW, but if SAML is supported - this could be used instead to provide SSO between SAP and this non-SAP system.

Happy New Year

Thanks,

Tim

WolfgangJanzen · ‎01-01-2009

In addition to what Tim has asked, I'd like to know how the external 3rd Party Digital Asset Management is accessed: I assume that http is used as protocol - but do you intend to submit web service calls (with the CRM system as WS consumer and thus as http client) or is it intended that the CRM system only creates an URL and that the browser is directly communicating with the external 3rd Party Digital Asset Management (which is then rendering HTML content)?

PS: Happy new Year 2009

Former Member · ‎01-04-2009

Thanks Tim & Wolfgang.

Wish you a very Happy 2009 ahead!

About which methods of authentication are supported by the external system, I need to confirm this. I have a call scheduled next week.

There are basically three ways the external system system is accessed.

1. Web Services - We make web service calls to search digital assets in the external system and display the results on the CRM IC Webclient UI. Here also I think I need to think about authentication but I think this should be manageable.

2. Thumbnails - The external system as part of the search result sends back the URL of the thumbnail. This thumbnail URL should not ask for authentication!

3. Asset URL - The system sends back a URL where the digital asset can be accessed. When the user clicks on this URL displayed on the CRM screen he should not be asked to enter his credentials again.

Thanks & Regards, Gaurav

Former Member · ‎01-05-2009

Hi Gaurav,

This is dependent on your 3rd Party system technical architecture.

if Your application (3rd Party) is running on any web server then http://help.sap.com/saphelp_nw70/helpdata/en/b1/07dd3aeedb7445e10000000a114084/frameset.htm

if you are accessing using web services , then

http://help.sap.com/saphelp_nw70/helpdata/en/47/23436c9d652deae10000000a1553f7/frameset.htm

if it is completely NON-SAP application, then

http://help.sap.com/saphelp_nw70/helpdata/en/12/9f244183bb8639e10000000a1550b0/frameset.htm

You can find various Authentication Mechanisms that SAP NW supports from the below link

http://help.sap.com/saphelp_nw70/helpdata/en/12/9f244183bb8639e10000000a1550b0/frameset.htm

Still not supporting, you have to use External Authentication System for SSO.

regards

Anand.M

Former Member · ‎01-05-2009

Hi Anand,

Thanks for the links. I too had a look at these. Will have to find out from the vendor what mechanisms they support.

Thanks & Regards,

Gaurav

Enabling Single Sign On for Integration to 3rd Party System