cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Forefront Unified Access Gateway (UAG) and SAP portal

Go to solution
tombo_larsen
Active Participant

on ‎02-10-2010 7:54 PM

0 Kudos

Hi Guys

Do you have experience or knowledge about the integration of UAG as a reverse proxy for SAP Netweaver portal 7.0?

We are trying a setup where the SAP NW portal uses SPNEGO/kerberos authentication (and it is working), but when accessing the SAP NW portal through UAG we get a "HTTP basic authentication" prompt, while SPNEGO login module fails. UAG can be configured to use kerberos contrained delegation, but it does not work for us.

Anyone who have setup UAG - SAP NW portal integration ? Did you succed with any SSO: Which authentication mechanism' did you configure in UAG and i J2EE?

Best regards

Tom Bo

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎01-03-2011 9:41 PM
0 Kudos

Hi Tom,

We also use Spnego and have recently tested and got the UAG to allow a SSO to the Portal. I was able to follow the following instructions to get in working order.

http://blogs.technet.com/b/edgeaccessblog/archive/2010/04/15/sap-netweaver-portal-publishing-with-si...

Hope this helps

Show replies
Show replies

Answers (1)

Answers (1)

Former Member
‎03-17-2010 9:02 PM
0 Kudos

Hi Tom,

I work as a consultant for various customers who seek my companies expertise in Microsoft Forefront security. I published SAP Portal 7.0 for my customers and was able to provide seamless single sign with UAG.

We configured NTLM authentication in UAG. We then configured SPNEGO and enabled fall back to Basic Authentication on SAP. This should work but you may need to write some authentication modification scripts if you are getting username/password errors.

In addition, we did strong 2-factor authentication with RSA for one customer. Some of our customers also ask about enabling endpoint detection to do things like, If you dont have an updated antivirus, then you the user cannot download any documents from SAP.

Thanks!

Dennis Lee

Celestix Networks

Edited by: Dennis Lee CLX on Mar 17, 2010 10:06 PM

Show replies
Show replies
Ask a Question