on 09-30-2010 6:01 AM
Hi,
Could anyone give some input regading best pratice for establishing SSO to ITS.
In our setup we do not have an SAP portal in our environment but an IIS with a few direct links til ITS services on ECC.
We use Active directory. How can we avoid that users get prompted for logiin when accessing ITS Services?
Hi Bruce,
Can you clarify if you are using the ITS 6.20 Standalone or the Integrated ITS 6.40/7.00??
From your description I believe you will need to use X.509 certificates
you can find more information online in SDN in the Security forum.
You wont be able to use "SAP Logon ticket" for SSO implementation.
This solution works with an SAP Portal > ITS.
Can use the two parameters:
login/create_sso2_ticket =2
login/accept_sso2_ticket =1
But if you are only talking about one ITS system without portal, it is not
possible as there is NO ticket issuer system (SAP Portal)!
So, the only possible solution I can see it SSO implementation with
X.509 certificate (SSL),
See also note Number:
[1257108 Collective Note: Analyzing issues with Single Sign|https://service.sap.com/sap/support/notes/1257108]
and review the following documentation:
http://help.sap.com/saphelp_nwpi71/helpdata/en/
b1/07dd3aeedb7445e10000000a114084/frameset.htm
You also can visit the following SCN blogs:
/people/andre.fischer/blog/2010/03/31/single-sign-on-technologies-supported-by-the-sap-netweaver-application-server-as-a-service-provider-in-microsoft-based-environments
and
/people/andre.fischer/blog/2010/05/27/single-sign-on-for-sap-netweaver-leveraging-x509-certificate-auto-enrollment-in-microsoft-active-directory
Regards,
Oisin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
88 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.