cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

EP and Active Directory SSO

Former Member

on ‎01-04-2005 4:11 AM

0 Kudos

Hi All,

I know that there are a lot of questions going around with EP and SSO however my question will be more specific.

If we have 2 scenarios: (1) IIS as web front interfacing with EP; (2) EP as web front and accessing MS apps.

Item (2) has been clearly defined by the press release and i like it. However, I need to know a few details.

Scenario (1)

-

If ASP.Net web front is being used, the connector or PDK.Net will be used to authenticate SAP Logon tickets...is this possible? If so, how is the active directory and user mapping to SAP Logon tickets done? and on which end?

Scenario (2)

-

When EP net is used for validation, the IIS server will validate against Active Directory and Exchange using the Ticket Bridge method. Is the ticket bridge another product or do i have to code it using connector or is it part of the PDK.Net? Also how is the SSO ticket and active directory user mapping done(on which end?)?

For (2) OWA is part of the ticket bridge? or is it another producT?

Sorry to trouble you guys on this but there are hardly any installs of 4.7 on webAS 6.2 running where i am..only one or two just started.

Cheers

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

reiner_hille-doering
Active Contributor
‎01-04-2005 8:32 AM
0 Kudos

I don't fully understand what scenarios you have in mind, therefore let me quickly summerize what's possible:

1. Use EP with PDK: This is the best and easiest solution. You .NET app wouldn't run on IIS, but on the special PDK server. Howerver, you can run any ASP.NET app without or with only little changes. Authentication and integration in EP infrastructure is automatically provided by the PDK.

2. EP with IIS loosely coupled: You can integrate ASP.NET pages running on ASP.NET by URL. In this case you can implement SSO using the MYSAPSSO2 ticket from EP with this article: https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/documents/a1-8-4/enabling single sign-on for asp.net applications in enterprise portal 6.article

3. You have an external APP (that you don't develop by your own) that requires NT bases single-sign-on like Microsoft Outlook Web Access (OWA). But you want to use the logon information from EP. In this case you use the MySAPSSO2KerbMap filter.

4. You have a IIS-based Web-Page / Portal in front of EP and want to use it's SSO feature to log on to EP: Use IISProxy (part of EP) or deploy X.509 certificates.

Show replies
Show replies
Ask a Question