Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Single Sign On - Portal dual Stack - LDAP Active Directory

Former Member
0 Kudos

Hi

I have a BI Portal Dual stack with ABAP Persistance, i now need to do SPnego SSO to LDAP Persistance from the Portal part only...My problem is that all users are stored in the ABAP...So when i change persistance on the java side to LDAP the java will not start anymore?

Is there anyway i can copy the users from the ABAP to the java side or something like that?

Regards.

Peter

4 REPLIES 4

tim_alsop
Active Contributor
0 Kudos

Hi,

You can configure UME on Java stack so that ABAP user store is used. Then you only need to maintain users in ABAP stack and same users can logon to Java stack. I think this is default when dual stack is installed.

When you want SPNEGO / LDAP / Kerberos / Active Directory authentication in dual stack system with ABAP user store configured, I beleive you cannot use the SAP supplied SPNEGO login module. Instead, you need to consider alternative login module that implements SPNEGO, and available from SAP partner.

Thanks,

Tim

Former Member
0 Kudos

Hi

This is they way it is: The BI ABAP is installed with its own DB and the BI Java has its own DB but just uses the ABAP as the user persistance...I only need to setup SSO with SPNego for the java side and not from the abap side...So i "only" need a way to get the users from the ABAP side and over to the java side so java no more are using ABAP as persistance...

Regards,

Peter

0 Kudos

Peter,

As far as I am aware, the SAP suppleid SPNEGO login module is coded to use LDAP as user store so your Java stack needs to be configured to use user store in LDAP directory (e.g. Active Directory). This is a big restriction and the only way I know to solve it is to use a different login module that has been coded differently and doesn't use LDAP connection. You can then use any user store and any persistence.

Tim

Former Member
0 Kudos

Hi

I know that SPNego is only used for LDAP and when i have moved the users from ABAP to JAVA persistance i will then via the SPNego tool move it to LDAP

Regards,

Peter