what is the main differences b/w
sap logon ticket and user mapping in sso
You are right. SAP Logon ticket is stored as a cookie on the client and is sent with each request of that client. It can then be used by external applications to authenticate the portal user to those external applications without any further user logons being required. SAP logon ticket doesnot contain any password since passwords are not mapped. On the other hand, SSO done with user id and password needs more security since password is also sent across the network.
For more info, refer to these links. They will give u a clear idea about what is actually happening.
SSO with user id and password:
SSO with SAP Logon ticket:
Hope this helps.