on 02-10-2010 7:54 PM
Hi Guys
Do you have experience or knowledge about the integration of UAG as a reverse proxy for SAP Netweaver portal 7.0?
We are trying a setup where the SAP NW portal uses SPNEGO/kerberos authentication (and it is working), but when accessing the SAP NW portal through UAG we get a "HTTP basic authentication" prompt, while SPNEGO login module fails. UAG can be configured to use kerberos contrained delegation, but it does not work for us.
Anyone who have setup UAG - SAP NW portal integration ? Did you succed with any SSO: Which authentication mechanism' did you configure in UAG and i J2EE?
Best regards
Tom Bo
Hi Tom,
We also use Spnego and have recently tested and got the UAG to allow a SSO to the Portal. I was able to follow the following instructions to get in working order.
Hope this helps
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Tom,
I work as a consultant for various customers who seek my companies expertise in Microsoft Forefront security. I published SAP Portal 7.0 for my customers and was able to provide seamless single sign with UAG.
We configured NTLM authentication in UAG. We then configured SPNEGO and enabled fall back to Basic Authentication on SAP. This should work but you may need to write some authentication modification scripts if you are getting username/password errors.
In addition, we did strong 2-factor authentication with RSA for one customer. Some of our customers also ask about enabling endpoint detection to do things like, If you dont have an updated antivirus, then you the user cannot download any documents from SAP.
Thanks!
Dennis Lee
Celestix Networks
Edited by: Dennis Lee CLX on Mar 17, 2010 10:06 PM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.