cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to obtain the SAP Logon ticket from SAML token

former_member1297295
Explorer

on ‎09-22-2015 8:26 AM

0 Kudos

Hello Experts,

We are trying to implement SSO authentication for Workmanager 6.2. Since our client doesn't have SAP portal in their landscape, they want us to implement it using their existing SSO provided by Microsoft ADFS. They have implemented the same for their Fiori apps. However, Fiori apps works with HTTP and Workmanager does with RFC connections. Since RFCc don't accept SAML token, is there a way we can achieve this.

Thanks in advance

Regards

Shobha

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member113639
Participant
‎09-22-2015 12:11 PM
0 Kudos

Hi Shobha,

can you provide more details. We have implemented authentication when user details are stored in MS ADFS but the customer had SAP Enterprise Portal which returned SAP SSO Token.

With Regards

Murali

Show replies
Show replies
former_member1297295
Explorer
‎09-22-2015 3:33 PM
0 Kudos

Hi Murali,

Thanks for your response. According to what SAP suggests, if we are having an enterprise portal, then connecting to the same using JAAS will retrieve us the credentials for RFC log on. However, the SAP Enterprise portals are to be decommissioned in the current system landscape. So, we can not use that. So, if we will receive the SAML token from the client's ADFS, how exactly we can authenticate the user for RFC log on?

Regards

Shobha

former_member113639
Participant
‎09-23-2015 1:18 AM
0 Kudos

Hi Shobha,

  As you rightly mentioned SAML is not supported with RFC/SAP GUI. AFAIK below are the authentication mechanisms supported for Agentry Applications (client authentication) in SMP 3.0

1. Basic Authentication (below are the possible authentication providers)

     a. http/https authentication

     b. Directory Service LDAP/AD

     c. No Authentication Challenge

2. Network Edge token based SSO (below are the possible authentication providers)

     a. Populate JAAS Subject from Client

     b. http/https authentication

3. SSO mechanism only basic authentication is supported

4. Kerberos SSO Any authentication provider (need to confirm I have not tried it)

I would also like to take inputs from (@bill can you please provide some comments and correct me if I am wrong and help Shobha)

Regards

Murali

Ask a Question