on 07-23-2012 7:40 PM
Hi everyone,
I have been working to enable authentication to our AS Java server using SAML.
1. User hits portal landing page in their browser sap..../irj/portal?SAMLart=...
2. SAP calls our third-party application with the SAML request
3. Our application provides a SAML assertion for the user
4. SAP shows LOGIN.OK in its security log, but the user stays at the login page.
Any ideas why the user is not logged in?
Here are the contents of the security.log file. I don't see any errors.
#1.#...#...#/System/Security/Authentication#sap.com/irj#com.sap.engine.services.security.authentication.logincontext#testuser#123456##n/a##4dde5d8ed4f411e1cacf005056950094#SAPEngine_Application_Thread[impl:3]_2##0#0#Info#1#com.sap.engine.services.security.authentication.logincontext#Plain###LOGIN.OK
User: testuser
Authentication Stack: ticket
Login Module | Flag | Initialize | Login | Commit | Abort | Details |
---|---|---|---|---|---|---|
1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule | SUFFICIENT | ok | false | false | ||
2. com.sap.security.core.server.saml.jaas.SAMLLoginModule | SUFFICIENT | ok | true | true | ||
3. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule | SUFFICIENT | ok | true | |||
4. com.sap.security.core.server.jaas.CreateTicketLoginModule | OPTIONAL | ok | false | |||
Central Checks | true | # |
Thanks for any assistance.
Jamie
We were able to get this working by changing both the SAMLLoginModule and BasicPasswordLoginModule to OPTIONAL.
Never mind and thanks anyway!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
81 | |
9 | |
9 | |
7 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.