Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Single sign-on to integrated ITS

Former Member

‎07-31-2009 8:48 AM

0 Kudos

Hello Mindaugas,

Original thread reference =>

I'm facing the same problem, could you please detail me your solution ?

Thanks a lot.

Edited by: Julius Bussche on Aug 2, 2009 10:16 PM

2 REPLIES 2

tim_alsop
Active Contributor

‎07-31-2009 8:57 AM

0 Kudos

You can use one of two solutions:

1. Use Active Directory / Kerberos / SPNEGO by installing a Java stack somewhere in your landscape and using this to authenticate users when they access Integrated ITS on ABAP stack. This is done using re-direction at the time of logon.

2. Setup a PKI and use client x.509 certificates so that each user can logon to integrated ITS without needing a Java stack. This might work for you, but might mean that users workstation has to be same each time (unless you use smart cards or some kind of certificate deliery during loogn to domain) whereas with option 1 the user can logon to any workstaiton and their AD credentials issued during the logon can be used.

Certainly option1 is more popular in my experience and is much simpler to setup and administer.

Thanks,

Tim

Former Member

‎08-02-2009 9:15 PM

0 Kudos

I split this into your own thread. Mail watches by default are only for 90 days and the thread was old... (2007)

Cheers,

Julius