on 09-22-2015 7:12 AM
Hi colleagues,
I have already installed my Fiori Apps in production Server, and I also have installed my SAP Fiori Client in my Ipad.
After using the SAP Fiori Client, I need the SSO login into my Fiori, so I explored my current system.
Currently, my system only using SAP NetWeaver AS ABAP, not with the AS JAVA.
How can I run my SSO in my SAP Fiori Client in my Ipad so I don't need input any user and password everytime when I want to use it.
I cannot found the configuration for SAML 2.0 in SAP NetWeaver AS ABAP. The possible used is using the Kerberos. But Kerberos only used when I access the Fiori in the same network as the server, and I can not use my Ipad using mobile network to access Fiori.
Do someone have some idea(s) for this logon issue??
Regards,
Kris.
Hi Alexander,
AS ABAP does support SAML as authentication method. You can deploy ABAP as a SAML Service Provider. Please see here for a detailed instruction. https://help.sap.com/saphelp_nw70ehp2/helpdata/en/4a/b6df333fec6d83e10000000a42189c/content.htm
The limitation you mentioned with AS ABAP only applies for the SAP GUI based logon. There the ´SAML is not supported. But in your scenario you want to use the Fiori client to authenticate to the AS ABAP server, the official document for Mobile SSO should work in your scenario.
You do need an extra AS JAVA server to hold the IDP. And you need to re-buid the Fiori client so that it can work together with the SAP authenticator. Please follow the below link for more detailed information.
Best regards
Xuan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Vijay,
Thanks for your respond. But I already read both links. It needs the SAP NetWeaver AS JAVA server to run on it. My system doesn't have the SAP NetWeaver AS JAVA. Currently, my system runs in SAP NetWeaver AS ABAP Platform. As far as I know, AS ABAP only used Kerberos to use SSO, which only runs in same network as the server, not in the internet-facing client. And it needs mapping between windows login users and SAP Logon. Please, correct me if I'm wrong.
it seems your currect
Link and SAP Fiori Client (Single Sign-On) on iPad and SSO for fiori apps
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.