02-21-2007 9:29 AM
hi,
please any one tell how to configure sso between two sap netweaver portals.
If u can give me step by step guide i would be thank ful .
thanks in advance to all
02-21-2007 3:17 PM
Hay Vivek,
this link tell you how to enable SSO using logon tickets, you can also use logon ticket verification between two java WAS.
http://help.sap.com/saphelp_nw04s/helpdata/en/a0/88a340fa432b54e10000000a1550b0/frameset.htm
sorry, don't have a step-by-step,
best of luck,
Uri Lifshitz.
02-23-2007 12:08 PM
hi uri lifshitz,
Thanks for the reply.
I am trying to configure sso.i have two portals and i want to access web application deployed in j2ee engine of one portal through other portal using sso.
Both portals are in same domain.
i followed the following steps:
step 1
a. Using the Key Storage service on the ticket-issuing server, select the
TicketKeystore view and the SAPLogonTicketKeypair-cert entry.
b. Choose Export.
c. Specify a filename. Use the file type X.509 Certificate with the extension
.crt and choose OK.
step 2
a. Using the Key Storage service on the accepting server, select the
TicketKeystore view.
b. Choose Load.
c. Select the file from the file system and choose OK.
step 3
a. Using the Security Provider service, choose Policy Configurations.
b. Select the ticket (or evaluate_assertion_ticket) template or the
application that is to accept logon tickets.
The login module stack for the template or application appears.
c. Select the EvaluateTicketLoginModule (or
EvaluateAssertionTicketLoginModule) entry and choose Modify.
d. Under Options, make the following entries for each ticket-issuing server from
which the J2EE Engine should accept logon tickets:
trustedsy1 J2E,000
trustediss1 CN=J2E (From the certificate i imported ie, from issuer DN)
trusteddn1 CN=J2E(From the certificate i imported ie, from owner DN)
step 4 i adjusted the login module ticket to web application
And both portals are in same domain.
When i logged into the issuer portal and try to acess the web appliaction in other portal it still prompts me for the username and password.