Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO works only in one direction

Go to solution
Former Member

‎04-14-2011 8:23 AM

0 Kudos

Hi everyone

We have two portals:

Portal A: SAP NetWeaver 7.0

Portal B: SAP NetWeaver CE 7.2

I've exported and uploaded their certificates in both directions to establish a trust between both portals.

Now the SSO should work. I tested it this way:

#1

Login into Portal A (NW7.0). Then enter the url of Portal B. Portal B apperas. SSO works fine here. I'm automatically logged in in Portal B.

#2 (Other direction)

Login into Portal B (NWCE7.2). Then enter the url of Portal A. The login page appears. The SSO does not work here.

Can somebody tell my why #2 fails?

Thanks in advance

Best regards

Klaudio

Edited by: Klaudio Gospic on Apr 14, 2011 9:24 AM

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎04-26-2011 2:50 PM

0 Kudos

Hi

Difference in the cookie thing: Netweaver 7.0 Portal creates additionally a physical cookie file. Netweaver CE 7.2 does not.

I checked the cookies in FIrefox with AnEC Cookie Editor. Both portals create the MYSAPSSO2 cookie.

Does somebody know any other possible reasons?

Thanks a lot in advance

Best regards

Klaudio

5 REPLIES 5

Go to solution
Former Member

‎04-14-2011 11:18 AM

0 Kudos

Hi,

SSO may fail for many a reason.Please ellobarate the error.

Go to solution
Former Member
In response to Former Member

‎04-14-2011 1:34 PM

0 Kudos

Hi

thanks for your answer

I did some further investigations on the browser side.

It looks like the SAP NW CE server does not create a cookie. So the user does not obtain any logon ticket when he logs in to the SAP NW CE portal.

The NW 7.0 creates a cookie and makes it possible to SSOing from NW 7.0 to NW CE.

I'll check now what actions are necessary to make the SAP NW CE portal creating cookies.

Best regards

-Klaudio

Go to solution
Former Member

‎04-26-2011 2:50 PM

0 Kudos

Hi

Difference in the cookie thing: Netweaver 7.0 Portal creates additionally a physical cookie file. Netweaver CE 7.2 does not.

I checked the cookies in FIrefox with AnEC Cookie Editor. Both portals create the MYSAPSSO2 cookie.

Does somebody know any other possible reasons?

Thanks a lot in advance

Best regards

Klaudio

Go to solution
martin_voros
Active Contributor
In response to Former Member

‎04-27-2011 12:21 AM

0 Kudos

Hi,

check tool mentioned in OSS note 1045019. You can use it to trace both systems so it may give additional info why it fails. Also there is note 1257108.

Cheers

Go to solution
Former Member
In response to Former Member

‎05-02-2011 4:15 PM

0 Kudos

Thank you very much!

The note helped me a lot.

I used the diagtool to check the trace.

To problem was:

The time settings were different. The Ticket Issueing server were in the future so I found a trace message like this

Ticket is not valid until Mon May 02 17:47:00 CEST 2011

I had to set the time of the ticket issueing system one hour back. It works well now. Thank you