cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO on NWBC

Go to solution
mandla_ngubane5
Explorer

on ‎09-08-2014 5:19 PM

0 Kudos

Good day,

Please help, we are implementing SSO using Secure Login Server, Secure Login Client, Active Directory, X.509 certificates. We've managed to get the setup to work for SAPGui with the Secure Login Server connected to the AD. However we cannot get nwbc (desktop & html) to work. We've done the nwbcoptions.xml settings, as well as transaction SPNEGO still the logon screen keeps popping up.

Any pointers would be appreciated.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

vijay_kumar49
Active Contributor
‎10-24-2014 3:27 AM
0 Kudos

Hello

There are 2 solutions:

there is the solution with SAP Logon Tickets. This solution is included in SAP Netweaver.

http://help.sap.com/saphelp_nw70ehp3/helpdata/en/4c/5bd4fe97817512e10000000a42189b/content.htm

So this is a solution for SSO for NWBC but you also want to have a Kerberos integration ... this is an issues because only SAP NW Java is suppporting SPNego and not SAP NW ABAP. So this solution is only working if the first request will be send to SAP NW Java server and the user gets then a SAP Logon Ticket. See also:

http://scn.sap.com/people/andre.fischer/blog/2010/03/31/single-sign-on-technologies-supported-by-the...

Furthermore there is the additional product SAP NetWeaver Single Sing-On available which support also NWBC 3.0 and higher: http://help.sap.com/nwsso10 -> installation -> components: secure login client + secure login sever + secure login library. NWBC is supported here via certificates out of the box.

You can find also a how to guide here for SAP NW SSO:

http://scn.sap.com/docs/DOC-29687

See below blogs

Regards

Vijay Kalluri

Show replies
Show replies

Answers (2)

Answers (2)

Former Member
‎10-21-2014 2:09 PM
0 Kudos

Did you check if there are duplicate Service Principal Name being used?

Try this command to check:

setspn –T * -T foo -X

Show replies
Show replies
Former Member
‎09-09-2014 7:30 AM
0 Kudos

See NWBC meets Single Sign-On: Simplify Secure Data... | SCN.

Show replies
Show replies
Ask a Question