12-31-2008 10:47 AM
Hi Folks,
I need to enable Single Sign On for an integration scenario. The scenario is as below:
On a bsp page (CRM IC WebClient to be specific) there is a URL which points to a document stored in an external 3rd Party Digital Asset Management system (not based on SAP NW). When the user clicks this URL, he/she should not be asked to enter his/her credentials by the external system.
Could you please share any information on how I can go about achieving this?
Regards,
Gaurav
01-01-2009 12:44 PM
In addition to what Tim has asked, I'd like to know how the external 3rd Party Digital Asset Management is accessed: I assume that http is used as protocol - but do you intend to submit web service calls (with the CRM system as WS consumer and thus as http client) or is it intended that the CRM system only creates an URL and that the browser is directly communicating with the external 3rd Party Digital Asset Management (which is then rendering HTML content)?
PS: Happy new Year 2009
12-31-2008 6:33 PM
Gaurav,
The first and perhaps most important step to solve this SSO requirement is to find out what methods of authentication are supported by the 3rd party system. For example, if this system supports only HTTP header authentication, then you will need to configure HTTP header authentication in SAP NW, but if SAML is supported - this could be used instead to provide SSO between SAP and this non-SAP system.
Happy New Year
Thanks,
Tim
01-01-2009 12:44 PM
In addition to what Tim has asked, I'd like to know how the external 3rd Party Digital Asset Management is accessed: I assume that http is used as protocol - but do you intend to submit web service calls (with the CRM system as WS consumer and thus as http client) or is it intended that the CRM system only creates an URL and that the browser is directly communicating with the external 3rd Party Digital Asset Management (which is then rendering HTML content)?
PS: Happy new Year 2009
01-04-2009 3:08 AM
Thanks Tim & Wolfgang.
Wish you a very Happy 2009 ahead!
About which methods of authentication are supported by the external system, I need to confirm this. I have a call scheduled next week.
There are basically three ways the external system system is accessed.
1. Web Services - We make web service calls to search digital assets in the external system and display the results on the CRM IC Webclient UI. Here also I think I need to think about authentication but I think this should be manageable.
2. Thumbnails - The external system as part of the search result sends back the URL of the thumbnail. This thumbnail URL should not ask for authentication!
3. Asset URL - The system sends back a URL where the digital asset can be accessed. When the user clicks on this URL displayed on the CRM screen he should not be asked to enter his credentials again.
Thanks & Regards, Gaurav
01-05-2009 4:50 AM
Hi Gaurav,
This is dependent on your 3rd Party system technical architecture.
if Your application (3rd Party) is running on any web server then http://help.sap.com/saphelp_nw70/helpdata/en/b1/07dd3aeedb7445e10000000a114084/frameset.htm
if you are accessing using web services , then
http://help.sap.com/saphelp_nw70/helpdata/en/47/23436c9d652deae10000000a1553f7/frameset.htm
if it is completely NON-SAP application, then
http://help.sap.com/saphelp_nw70/helpdata/en/12/9f244183bb8639e10000000a1550b0/frameset.htm
You can find various Authentication Mechanisms that SAP NW supports from the below link
http://help.sap.com/saphelp_nw70/helpdata/en/12/9f244183bb8639e10000000a1550b0/frameset.htm
Still not supporting, you have to use External Authentication System for SSO.
regards
Anand.M
01-05-2009 4:58 AM
Hi Anand,
Thanks for the links. I too had a look at these. Will have to find out from the vendor what mechanisms they support.
Thanks & Regards,
Gaurav