on 02-08-2010 6:55 AM
Hi,
I would like to know , till how much time SSO ticket generated in STRUSTSSO2 is valid? I tried to search in sdn but did not get this information.
I know for Web AS Java (eg portal scenario) ticket generated is valid for 8 hrs (by default) and it is possible to change this value.
How is it for ticket generated in R/3 ? Can we set custom value for its validity (say 2 Hrs)?
Regards,
Apurva
Hi,
the ticket you import into SSOTRUST2 is the server ticket. This ticket is issued by a PKI to a server and is basically a server SSL certificate. This ticket is used to identifify the server. The lifetime of this ticket is defined by the PKI and can range several years.
The portal ticket you're referring to is the logon ticket. This ticket is issued to a user and is different from the server ticket. The logon ticket gets issued from the Java server and can therefore be verified by the other systems where the server certificate is imported (trust).
br,
Tobias
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Tobias,
Thanks for your reply.
I am setting up connection between BW ABAP and EP Java system. I have exchanged certificates between systems.
So, in this scenario logon tickets will be exchanged between systems for authentication. I know that logon ticket generated EP(Java) is by default valid for 8 hours. I wanted to know logon ticket generated by BW(ABAP) is valid for how much time ?
Regards,
Apurva
Hi Apurva,
after you created a trust between the 2 systems, your BI systems trust the portal. This means, that the portal user can access the BI system from the portal as long as the logon ticket from the portal is valid. After the portal logon ticket is invalidaded, the user cannot access anymore the BI system.
As the BI system accepts the portal logon ticket and won't issue a proprietary one, you control the BI logon ticket via the portal logon ticket. Therefor, to enforce a logon time of, let's say, 2 hours, you'll have to configure the portal logon ticket to a life time of 2 hours.
br,
Tobias
Hi Apurva,
in a portal <-> BEx/BI setup normally you only have 1 ticket issuing system, and that is normally the portal. You can configure your J2EE server to accept or issue a logon ticket. If the logon ticket of the BI Java isn't accepted from your portal, you can try to configure the portal to accept the BI logon ticket: http://help.sap.com/saphelp_nw04s/Helpdata/EN/94/f2503ede925441e10000000a114084/content.htm
If you are talking about ABAP acessing Java and the SSO isn't working: try to configure the ABAP system to issue a logon ticket (not sure if this will work): http://help.sap.com/saphelp_nw04s/Helpdata/EN/61/42897de269cf44b35f9395978cc9cb/content.htm
br,
Tobias
User | Count |
---|---|
92 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.