Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RFC Connection with Single-Sign-On

Former Member

‎05-27-2011 5:05 PM

0 Kudos

Dear colleagues,

is iit possible to create a RFC with SNC activated without registering the source system in table SNCSYSACL of the target system?

I do not understand what difference it makes whether I logon via SAPLogon with SSO (which works) or if I logon via RFC with SSO. In both cases I expect that I can only logon with users that I am allowed to logon, so I do not see any reason to restrict the RFC logon to specific sourcesystems.

Since I a have one central system with a lot of satelite systems which come and go, it would be very hard to keep table SNCSYSACL up to date.

I created a RFC connection in SM59 and activated SNC with the follwoing parameters

QoP 8 Default (profile parameter snc/data_protection/use)

Partners p/secude:CN=<SID of targetsystem>, O=SAP-AG, C=DE

I get the following error:

When executing a remote function call, an error occurred.

In ST22 of the Target system I get the following information:

Short text

When executing a remote function call, an error occurred.

What happened?

Sysid "BR5 " not allowed in target system in table SNCSYSACL.

SNC-Name="p:CN=BR5, O=SAP-AG, C=DE"

So I would be very grateful for tips using SSO in RFC without having to maintain SNCSYSACL or information on why SNCSYSACL has to be maintained.

Thanks and kind regards

Joachim

5 REPLIES 5

Former Member

‎06-01-2011 12:09 PM

0 Kudos

can anyone help?

mvoros
Active Contributor
In response to Former Member

‎06-02-2011 12:54 AM

0 Kudos

Check note 1028503.

Cheers

Former Member
In response to Former Member

‎03-07-2013 9:15 AM

0 Kudos

Hi Joachim,

Even I'm trying to achieve Single Sign On with RFC connection. When a user performs cross-system comparisons (Role or table comparison) he should be allowed to use SSO to login to target system.

Currently, I have activated SNC in SM59 ,but the user is always prompted to enter his user id and password to login to source system. Is it possible to enable SSO with RFC connection?

Please let me know if had resolved this issue?

Thanks

Anuj

Former Member
In response to Former Member

‎03-07-2013 9:18 AM

0 Kudos

Hi Martin,

Even I'm trying to achieve Single Sign On with RFC connection. When a user performs cross-system comparisons (Role or table comparison) he should be allowed to use SSO to login to target system.

Currently, I have activated SNC in SM59 ,but the user is always prompted to enter his user id and password to login to source system. Is it possible to enable SSO with RFC connection?

Please let me know if had resolved this issue?

Thanks

Anuj

Former Member
In response to Former Member

‎11-19-2013 3:38 PM

0 Kudos

Hi Anuj,

As described in OSS Note 10306033 SSO is not possible via RFC because the calling client is not related to a single user.

But you can use both SNC for encryption and verification of sender and receiver system and trusted rfc connection for avoiding the prompt for user id and password.

Best regards

Andreas