cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO Between AS-JAVA Portal 7.02 and Microsoft ADS

Go to solution
Former Member

on ‎09-17-2014 9:31 AM

0 Kudos

Hello,

I wonder if there's any document describing how to install single sign on between HR portal based on AS-JAVA 7.02 SP3 and Microsoft ADS 2008.

We want users to be able to log in to HR portal using their ADS users. Hence that they have users created on the portal already so, i'll have to map them.

Thanks in advance.

Mohamed M.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

donka_dimitrova
Contributor
‎09-17-2014 9:45 AM
0 Kudos

Hello Mohamed,

Please, find the documentation how to implement Single Sign-On with Kerberos/SPNego:

Using Kerberos Authentication for Single Sign-On - User Authentication and Single Sign-On - SAP Libr...

Here you will be able to find the documentation about the users mapping:

Configuring the UME - User Authentication and Single Sign-On - SAP Library


Best regards,

Donka Dimitrova

Show replies
Show replies
Former Member
‎09-18-2014 6:20 PM
0 Kudos

Thank you very much, the links were very useful .

I've followed all the procedure but, we are having hard time using the LDAP as a datasource (can't find LDAP in our list of data sources) as we were using ABAP datasource before.

I can not find any guide to put both together to be our datasource for the java instance.

Please, if you have any idea on how to do this, share it!

Have a nice day.

davefitzgibbon
Advisor
Advisor
‎09-23-2014 11:23 AM
0 Kudos

Hello Mohamed,

Unfortunately, if your data source is currently ABAP then as per note 718383, a change to ldap or UME only data source is not supported. In a dual stack environment, ABAP data source is mandatory.

It can be possible to change this however, it can lead to many issues and inconsistencies with User and roles etc.

Alternatively, you can still achieve SPNego authentication vai AD with an ABAP data source.

Please have a look at the following Blog explaining the procedure to setup SPNego with ABAP Datasource

http://scn.sap.com/people/holger.bruchelt/blog/2008/03/10/configuring-spnego-with-abap-datasource

That should get you started with configuring this.

Hope this helps.

Regards,

Dave

Former Member
‎09-26-2014 4:51 PM
0 Kudos

Hi Mukhtar,

As David Pointed out , you can achive SSO with AD keeping the UME as ABAP.

But in case you want to change it to LDAP Datasource, it is a 2 step process.

1) You have to change the Datasource to Database ( Using the Visual Administrator )

Change the property ume.persistence.data_source_configuration of Service com.sap.security.core.ume.service to dataSourceConfiguration_database_only.xml

2) SAVE

3) Restart the AS Java

4) Now , when you navigate to UME Configuration , you shall be able to see the LDAP options in the Drop Down.

Regards,

Ashish .A. Poojary

Answers (0)

Ask a Question