cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

EP 7.1 SSO with .Net portal

Former Member

on ‎08-23-2011 5:45 AM

0 Kudos

Hi we have to configure EP 7.1 SSO with .Net portal, information on it as follows:

My portal is getting authenticated by the LDAP (Active Directory) credentails the .Net portal is also getting the authentication by LDAP (AD).

The requirement is that when a user enter's/authenticates this .net portal there is a link inside it which calls my EP (ESS)portal, as soon as the employee clicks on that link my EP portal logon page is displayed. Now the uid and pwd of the EP portal is the same and the user as to reenter the same thing again to access ESS.

How can i configure SSO between them, please if someone can expalin the brief steps to achieve the same or can provide any config doc for the same.

Regards,

Jack.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

tim_alsop
Active Contributor
‎08-24-2011 11:24 PM
0 Kudos

Jack,

You have two options

1 - when you logon to .net portal, you need to generate some kind of 'token' which can be presented to the SAP system and used to recognise who has authenticated.

2 - use the same method to authenticate the user when they access SAP as when they access .net portal, e.g. Integrated Windows Authentication (using Kerberos and HTTP Negotiate protocol).

For 1 - the standar way to do this would be to use SAML, but this will require a lot of work.

For 2 - this is easy and many companies use this method to do same as you want.

Thanks,

Tim

Show replies
Show replies
Former Member
‎08-23-2011 10:59 AM
0 Kudos

Hi Jack,

Did you already consider the setup of SSO to your EP7.1 portal using Kerberos?

SAP Java WAS provides with standard SPNEGO loginmodule that allows this.

Info on Kerberos: http://wiki.sdn.sap.com/wiki/display/Security/SingleSign-OnwithSPNego(NWAS+Java)

Regs,

Geert

Show replies
Show replies
Former Member
‎08-24-2011 7:45 AM
0 Kudos

i dont think we need to do a windows authentication sso for this, it not so easy when we have diffrent OS platforms in an organization, maintainence work is also too much.

as far as i know we do not want to implement SPNego my requirement is different we want to open our EP portal by some third party portal which must be quiet simple if there is a proper guide on how to implement it.

Former Member
‎08-24-2011 10:07 PM
0 Kudos

SPnego is the quite simple option. Why do you not want to use it?

Plan B would be .NET authentication issuing a SAML tocken, which EP accepts for SSO.

Plan C: The link to access the ESS application in the .net portal is anonymous and then prompts the user for UID/PWD but this is the logon page of the EP portal. However this would only be a usefull link for those who only use ESS, so they might as well go directly to the EP.

However you also mention ESS so there is still a 3rd (backend) system behind the EP. How have you configured that to authenticate in the user's context information on the EP via the .Net portal?

That you are not allowed to use SPNego sounds like some office politics issue to me, and not a technical restraint....

Cheers,

Julius

Edited by: Julius Bussche on Aug 24, 2011 11:09 PM

Ask a Question