
Using IDM 8 as identity provider

Former Member
0 Kudos

Hello Team,

I need some guidance over here.

Refer to the scenario below.

1. I have NW SSO 2.0 server and IDM 8.

2. We DON'T have any other user source for authentication (e.g. AD, LDAP, etc.)

3. Hence we are planning to use IDM 8 as user authentication source.

So, the system architecture will be that IDM will be treated as user source and connected to SSO 2.0.

Once the user is authenticated they will be allowed to use SAP ECC.

So based on this, we were planning to use SAML 2.0 method.

However, I would like to know if I can use this method; if not, which other configuration method is applicable here?

Regards,

Yatin Phad

Accepted Solutions (1)


donka_dimitrova
Contributor
0 Kudos

Hello Yatin,

As I already mentioned, it is possible to achieve such a requirement; see the details in my post to your question here:

Configuring SAML 2.0 Authentication for your Secure Login Server

Regards,

Donka Dimitrova

Former Member
0 Kudos

Hello Donka,

Thank you for the quick response.

From the standard documentation, I found that to establish an assertion, the user needs to be available both in IDM (identity provider) and SLS (service provider).

Please correct me on this understanding.

Regards,

Yatin Phad

donka_dimitrova
Contributor
0 Kudos

Hello Yatin,

These two providers are responsible for two different authentication types, but both could be configured to use the AS JAVA UME as user store. For both, it will be OK when you provision your SAP IDM users to AS JAVA UME. What you need to decide is which technology to choose: X.509 client certificates or SAML. The AS ABAP server could be configured for both, but if your company is still using SAP GUI, you have to go for X.509 client certificates.

If you are interested I can organize a remote session for you and your team and we can discuss the details and I will be able also to show you a demo. If you are interested just send me a message on donka.dimitrova at sap.com

Regards,

Donka Dimitrova
