cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

login/create_sso2_ticket

Former Member

on ‎04-05-2009 7:08 PM

0 Kudos

Hello All,

I have been reading a lot on SSO these days and just trying to understand the concepts better.I have configured SSO in my landscape with no issues but I did that by reading the guides and all.

I have some confusions

what does the parameter login/create_sso2_ticket signifies.

I know that the value of this can be either 0 or 1 or 2

I have configured 2 in my system

but what does these values(0,1,2) signifies.

Please dont refer to the links.I have gone through many links but I want to understand the concept behind this,banking on you all to help me out with this

Thanks

Rohit

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

Private_Member_739866
Participant
‎09-24-2014 7:41 AM
0 Kudos

Hi,

You can use Single Sign-On (SSO) tickets to allow SSO between SAP systems, and even beyond to non-SAP systems. An SSO ticket can be a logon ticket or an assertion ticket. The logon ticket is transferred as a cookie with the name MYSAPSSO2. The assertion ticket is transferred as an HTTP header variable with the name MYSAPSSO2. Note that this requires additional configuration steps for the issuing and accepting systems.

The issuing system should permit the generation of an SSO ticket

  • login/create_sso2_ticket = 1 : SSO ticket including certificate
  • login/create_sso2_ticket = 2 : SSO ticket without certificate
  • login/create_sso2_ticket = 3 : Generate only assertion tickets

The SSO tickets are significantly smaller without the certificate.

By default kernel value is set to 3

Regards,

PARAMVIRSINH JETAWAT

SAP BASIS CONSULTANT

Show replies
Show replies
Former Member
‎04-06-2009 9:59 AM
0 Kudos

goto RZ11 input you parameter and press info

you will get all the informantion

Samrat

Show replies
Show replies
JPReyes
Active Contributor
‎04-06-2009 9:55 AM
0 Kudos

Values mean,

login/create_sso2_ticket = 0 : Ticket generation deactivated

login/create_sso2_ticket = 1 : SSO ticket including certificate

login/create_sso2_ticket = 2 : SSO ticket without certificate

Regards

Juan

Show replies
Show replies
Former Member
‎04-06-2009 10:02 AM
0 Kudos

Hello Juan,

so suppose if I am configuring SSO between EP and ERP,ticket generation will be done by EP and will be accepted by my ERP system

so in that case wha should be the value of login/create_sso2_ticket ?

Rohit

JPReyes
Active Contributor
‎04-06-2009 10:13 AM
0 Kudos

In some cases comunication is escential between ECC and EP... so value should be set to 2... (for example when using BI bex.)

In any case you can set the value to 0, you'll find out very soon if you need to change the value,

Regards

Juan

Former Member
‎04-05-2009 11:19 PM
0 Kudos

Hi Rohit

login/accept_sso2_ticket should be always set to '1' as the system needs to accept the ticket.

login/create_sso2_ticket :

1. Set login/create_sso2_ticket = 0 unless the server should also be able to issue tickets.

2. If the application server should also be able to create logon tickets, set the profile parameter login/create_sso2_ticket to the value 1 or 2 in instance profile.

You could manage with create* = 0. and why not give it a try !

Bhudev

Show replies
Show replies
Ask a Question