on 08-05-2012 11:19 AM
Hi Experts,
There are 2 SAP Java stack systems in our landscape. Following are the details about the system:
Java stack 1 : Secure Login Server and Identity Federation component (Domain A)
Secure Login server issues X.509 certificates to provide SSO to ABAP systems.
Identity Federation compoenent i.e Identity Provider to provide cross domain SSO
Java stack 2 : SAP IDM system (in a different domain & company). (Domain B)
I've configured Service Provider on Java stack 2 to trust Identity Provider of Java stack 1.
Requirement:
When a user from Domain A tries to access resources on Java stack 2 (Domain B) using https://<IP>:<port>/idm he should be redirected to Java stack 1 (Identity Federation component) for authentication.
If a user has valid X.509 certificate issued from Secure Login Server, he should be authenticated to Identity Federation in java stack 1 with out entering password and SAML2.0 assertion should be sent back to Java stack 2 . Then Java stack 2 will create a session for authenticated user.
Question:
2. Is it possible to use X.509 certificate to autheticate with Identity Provider? Is this a limitation with SAP Identity Provider product?
Please advice if I'm on the correct track.
Note:
IDM is just an example. I want to extend this design to to other Java stack systems which are out of our domain
This question was answered in http://scn.sap.com/thread/3217854 thread.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
89 | |
10 | |
9 | |
9 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.