Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Single Sign-On Netweaver Portal with Cornerstone On Demand

junmei
Participant

‎01-25-2012 10:04 AM

0 Kudos

Hi

Does someone experiences with Single Sign-On between SAP Netweaver Portal and the Learning Management System of Cornerstone On Demand?

The options are:

- SAML: but at this moment we don't have SAML provider. Is it easy to use this with Netweaver 7.01 SP6 ?

- standard SSO : encrypted string between SAP portal and LMS: client sends encrypted string with userid...based on encryption algorithm.: Has someone developed this (java code) for SSO to an other system?

But can they use Sap Login Tickets?

Best regards

Luc

4 REPLIES 4

former_member182254
Active Participant

‎02-27-2012 7:32 PM

0 Kudos

Hi Luc,

Is the requirement about SAML 1.1 or SAML 2.0? For SAML 2.0 you may use NW AS Java 7.2/7.3 as an identity provider to issue SAML 2.0 assertions to the LMS system. For that purpose you just need to configure the NW AS Java 7.2/7.3 system to trust the SAP Logon Tickets issued by your NW 7.01. Let me know if you need further details and I can upload some slides about the setup on SAPMats.

Regards,

Dimitar

martin_voros
Active Contributor

‎02-27-2012 10:19 PM

0 Kudos

Hi,

I just recently implemented SSO between SAP system and on demand solution from 3rd party provider. We didn't have any guy with Java skills so we implemented HTTP handler in SICF that generates web page with redirection to the 3rd party system. ABAP does not have a good support for various encryption algorithms so we used javascript interpreter available in ABAP AS. Portal just points to ICF service on ECC system that redirects to on demand solution. Implementation took one day. Obviously, in this case all users had to have account in ECC system.

Cheers

former_member182254
Active Participant
In response to martin_voros

‎02-28-2012 5:10 AM

0 Kudos

Hi Martin,

What is the SSO token that the 3rd party site accepts and which system in your case issues it? Are you able to issue SAML 1.1/2.0 assertions with a Javascript?

Regards,

Dimitar

martin_voros
Active Contributor
In response to martin_voros

‎02-28-2012 7:26 AM

0 Kudos

Hi Dimitar,

3rd party provider required POST request to their site and one of the POST parameters was name plus time stamp encrypted with 3DES with secret key. There is no implementation of 3DES in ABAP that I know so I used javascript implementation. Of course the javascript was executed on server side.

Cheers