on 06-04-2015 11:12 AM
Hi,
We need to configure sso between SMP 3.0 sp7 and NetWeaver gateway server.our architecture is SMP 3.0--NWGW central hub--Backend system Ecc. Ldap configuration has been done between AD and SMP 3.0 (End user will login in to the mobile device using windows AD user account and it will fetch data from backend system via nwgw. I hope sso between NWGW and ECC can be done by StrustSSO, but single signon between SMP 3.0 and NWGW is new to us,Kindly help me by sharing any document for this.
IMO, you have to export certificate of Gateway server and import it into SMP server keystore.
1. You can directly export the certificate from OData service document
2. Go to SMP server installation path, run below command
C:\SAP\MobilePlatform3\Server\configuration>keytool -import -v -alias gw -keystore smp_keystore.jks -storepass changeit -file <GW server certificate>
gw: any name of your choice
changeit: SMP keystore password (you have to enter as per your configuration done while SMP installation)
3. Open Admin cockpit :
select SSO as one of the SSO2 mechanism under Backend tab,
Under Authentication tab, add HTTP/HTTPS authentication security provider
e.g.
(Above scenario doesn't fit for mutual way authentication)
You can verify that security profile settings using (Example 2)
For any SMP related query, feel free to post it at
Regards,
JK
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi JK,
I am testing SSO from SMP 3.0 SP07 with GW.
I have 2 apps abc1 & abc2. abc1 has Basic + HTTP without MYSAPSSO2 cookie. where as abc2 has SSO + HTTP with MYSAPSSO2 cookie as you mentioned above.
I have 2 issues.
1. Even when I log in with different USER credentials, both applications are working fine but only one USERID is getting logged into SAP ECC.
2. Can I test SSO using rest client? Pls see screen shots. For abc1, I see MYSAPSSO2 cookie is coming in rest client but for abc2 MYSAPSSO2 cookie value did not come. Is this how it should work?
Is my ECC system correctly configured for SSO using MYSAPSSO2 cookie?
Thanks
seenu
Hello Seenu,
1. Even when I log in with different USER credentials, both applications are working fine but only one USERID is getting logged into SAP ECC.
What about registration at SMP ? Do you see both users registered for respective apps? Are you able to see data for both apps in REST client (GET method) ?
2. Can I test SSO using rest client? Pls see screen shots. For abc1, I see MYSAPSSO2 cookie is coming in rest client but for abc2 MYSAPSSO2 cookie value did not come. Is this how it should work?
Is my ECC system correctly configured for SSO using MYSAPSSO2 cookie?
This is the correct behavior of SSO2 mechanism with respect to MYSAPSSO2 cookie, i can confirm it.
more info on SSO2:
Regards,
JK
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.