07-16-2009 1:48 PM
Hi
I have a BI Portal Dual stack with ABAP Persistance, i now need to do SPnego SSO to LDAP Persistance from the Portal part only...My problem is that all users are stored in the ABAP...So when i change persistance on the java side to LDAP the java will not start anymore?
Is there anyway i can copy the users from the ABAP to the java side or something like that?
Regards.
Peter
07-16-2009 1:55 PM
Hi,
You can configure UME on Java stack so that ABAP user store is used. Then you only need to maintain users in ABAP stack and same users can logon to Java stack. I think this is default when dual stack is installed.
When you want SPNEGO / LDAP / Kerberos / Active Directory authentication in dual stack system with ABAP user store configured, I beleive you cannot use the SAP supplied SPNEGO login module. Instead, you need to consider alternative login module that implements SPNEGO, and available from SAP partner.
Thanks,
Tim
07-16-2009 2:09 PM
Hi
This is they way it is: The BI ABAP is installed with its own DB and the BI Java has its own DB but just uses the ABAP as the user persistance...I only need to setup SSO with SPNego for the java side and not from the abap side...So i "only" need a way to get the users from the ABAP side and over to the java side so java no more are using ABAP as persistance...
Regards,
Peter
07-16-2009 2:14 PM
Peter,
As far as I am aware, the SAP suppleid SPNEGO login module is coded to use LDAP as user store so your Java stack needs to be configured to use user store in LDAP directory (e.g. Active Directory). This is a big restriction and the only way I know to solve it is to use a different login module that has been coded differently and doesn't use LDAP connection. You can then use any user store and any persistence.
Tim
07-16-2009 2:19 PM
Hi
I know that SPNego is only used for LDAP and when i have moved the users from ABAP to JAVA persistance i will then via the SPNego tool move it to LDAP
Regards,
Peter