cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO for Kiosk machines

Former Member

on ‎05-10-2014 3:41 PM

0 Kudos

Hello Everyone:

We have requirement to implement SSO for one of our customer, I was able to implement SSO with Kerberos mechanism for regular SAP users with the help of very good documents in this blog. I had couple more requirements as part of same project to implement SSO on Kiosk(Shared systems) with below requirement. Can you please advise on how to implement this?

For first step , As there will be no secure login client available on Kiosk machines Shared users will be forced to login with password login but how can the same authentication be used for portal login with out login prompt second time and vice versa.

Is  SAP LOGON Ticket implementation between ECC and Portal works for below requirement? I am wondering if this works for requirement 1 ?

Requirement 1 :

User is logged into a kiosk (shared) machine using the Generic ID (domain system user id). User clicks on SAP log on pad on the Kiosk (shared) machine and is prompted to log in using his network ID. User types in his network user ID (i.e.test1) and log into SAP ECC system.User types a URL in the browser (IE 9/10) to access SAP ortal should be able to login without login prompt again.

Requirement 2:

User is logged into a kiosk (shared) machine using the Generic ID (domain system user id).User types a URL in the browser (IE 9/10) to access SAP Portal and is prompted to log in using his network ID. User types in his network user ID (i.e.test1) and log into SAP Portal. User clicks on SAP log on pad on the Kiosk (shared) machine with out login prompt again

Thanks in advance!!!

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎05-13-2014 2:37 AM
0 Kudos

Dear Everyone:

Any suggestions please?

Show replies
Show replies
tim_alsop
Active Contributor
‎05-13-2014 7:40 AM
0 Kudos

I have helped many companies with kiosk workstation user logon when using Active Directory credentials. However, the requirements are not same as yours. Most companies in my experience want the ECC logon to prompt for Active Directory credentials, and for browser based logon to also prompt for Active Directory credentials. Then, the user only has to remember their domain credentials and doesn't need any SAP password to remember.

However, in your description of customer requirements, you are expecting the ECC logon to allow the user to logon using a web browser without being prompted again, and also allowing browser logon to allow ECC logon without prompting again. This makes your requirements different and more challenging to achieve.

Former Member
‎05-13-2014 11:24 AM
0 Kudos

Hi Tim:

Thanks for sharing your experience. I think I need to elaborate my requirement more as my requirement is same as well you described.

In my case as well user is prompted for AD credentials only but not SAP user master credentials in both the cases(LDAP and SAP user master were in synchronized). Its just he/she need to punch in credentials manually for both ECC and portal.

1) User login to Kiosk using shared credentials

2) When user punch AD credentials on logon pad of ECC , He/she should not be asked again credentials for Portal

3) When user punch AD credentials first time for portal system, he/she should not be asked again credentials for ECC system.

Can you please advise on how this can be done?

Thanks a lot .

Ravi

Former Member
‎05-10-2014 4:33 PM
0 Kudos

See for an example Kiosk scenario.

Show replies
Show replies
Former Member
‎05-10-2014 4:40 PM
0 Kudos

Hi Samuli;

I have gone through this earlier but I don't think its applicable to requirements I posted. I am thinking of configuring SAP LOGON tickets between AS ABAP & AS JAVA for this . Any other thoughts appreciated!.

Thanks

Ask a Question