cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Single Sign-On in SAP Fiori using SAP NetWeaver AS ABAP

Go to solution
Former Member

on ‎09-22-2015 7:12 AM

0 Kudos

Hi colleagues,

I have already installed my Fiori Apps in production Server, and I also have installed my SAP Fiori Client in my Ipad.

After using the SAP Fiori Client, I need the SSO login into my Fiori, so I explored my current system.

Currently, my system only using SAP NetWeaver AS ABAP, not with the AS JAVA.

How can I run my SSO in my SAP Fiori Client in my Ipad so I don't need input any user and password everytime when I want to use it.

I cannot found the configuration for SAML 2.0 in SAP NetWeaver AS ABAP. The possible used is using the Kerberos. But Kerberos only used when I access the Fiori in the same network as the server, and I can not use my Ipad using mobile network to access Fiori.

Do someone have some idea(s) for this logon issue??

Regards,

Kris.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member201756
Explorer
‎09-22-2015 8:49 AM
0 Kudos

Hi Alexander,

AS ABAP does support SAML as authentication method. You can deploy ABAP as a SAML Service Provider. Please see here for a detailed instruction. https://help.sap.com/saphelp_nw70ehp2/helpdata/en/4a/b6df333fec6d83e10000000a42189c/content.htm


The limitation you mentioned with AS ABAP only applies for the SAP GUI based logon. There the ´SAML is not supported. But in your scenario you want to use the Fiori client to authenticate to the AS ABAP server, the official document for Mobile SSO should work in your scenario.

You do need an extra AS JAVA server to hold the IDP. And you need to re-buid the Fiori client so that it can work together with the SAP authenticator. Please follow the below link for more detailed information.


Best regards


Xuan

Show replies
Show replies
Former Member
‎09-22-2015 9:17 AM
0 Kudos

Hi Xuan,

Great advices and references!! I'll tried to used those to my system. Hope this answered my issue. Thanks!! I'll update my thread soon.

Regards,

Kris.

Former Member
‎10-02-2015 7:33 AM
0 Kudos

Hi Xuan,

I supposed it needs a certificate to run SAML AS ABAP. It also needed to us to re-build the SAP Fiori Client. Is it another way to keep the SAP Fiori Client as it is but having the SSO ability?

Regards,

Answers (1)

Answers (1)

vijay_kumar49
Active Contributor
‎09-22-2015 7:41 AM
0 Kudos

Alex

Please reffer these documents. i hope it is usefull for you

Link-1 and Link-2

Show replies
Show replies
Former Member
‎09-22-2015 7:51 AM
0 Kudos

Vijay,

Thanks for your respond. But I already read both links. It needs the SAP NetWeaver AS JAVA server to run on it. My system doesn't have the SAP NetWeaver AS JAVA. Currently, my system runs in SAP NetWeaver AS ABAP Platform. As far as I know, AS ABAP only used Kerberos to use SSO, which only runs in same network as the server, not in the internet-facing client. And it needs mapping between windows login users and SAP Logon. Please, correct me if I'm wrong.

vijay_kumar49
Active Contributor
‎09-22-2015 8:07 AM
0 Kudos

it seems your currect

Link and SAP Fiori Client (Single Sign-On) on iPad and SSO for fiori apps

Ask a Question