Principal propagation from Non SAP application to SAP-PI.

avishek_gorai2
Participant
0 Kudos

Hi,

Is there a way to propagate the user identity from a non-SAP application using a SOAP channel to SAP-PI, without the user ID being part of the payload?

I'm specifically interested in non-SAML-based solutions.

Regards,

Avishek.

Accepted Solutions (0)

Answers (1)

Former Member
0 Kudos

Hi Avishek,

In response to both your direct email and to your forum question, based on my experience:

- Logon tickets were not an option for us because the calling system was a non-SAP system and could not generate SAP Logon tickets. Therefore, it would still have to authenticate against PI, then PI would issue the SAP logon ticket to authenticate to the receiver SAP system - which doesn't solve our issue.

- One option is to use X.509 certificates. This means, however, that each user would need a certificate. In my case, this was not feasible because of the large number of users, but if the number of users is small, this may be an option for you.

- Another option we tried and got working was using Kerberos authentication, much like how Portal does authentication. This was done by modifying the Login Modules for the SOAP adapter service. However, we could not get it to work with Password fallback despite an ongoing message with SAP. This means all SOAP calls into PI had to use Kerberos authentication, which was not feasible in my case.

So that is currently where we are at the moment... and hoping that PI soon supports Holder-of-Key SAML authentication.

Joy