on 06-28-2016 8:49 AM
Hello All,
I have a new SAP Portal 7.31 installation and my plan is use LDAP as Data Source in UME SAP Portal,
and configurer SSO between SAP Portal And LDAP by using SAML 2.0.
Is it any bedste practices for this configuration?
I have seen a lot of explanation and I am quit confused.
Any help?
Thanks
Reza
Hello Reza,
For such scenario you need a SAML Identity Provider and you can get such with the SAP Single Sign-On product (license required).
REgards,
Donka Dimitrova
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Reza,
You can simply configure an LDAP Directory as a Data Source for the AS JAVA UME:
Configuring the UME to Use an LDAP Directory as Data Source - Identity Management - SAP Library
This way you will be able to configure the applications, running on AS JAVA Server (like the SAP Portal), to use the LDAP credentials. But this is simply authentication (no SSO).
SSO - single sign-on means the user to authenticate once to an identity provider (for example MS Domain or SAML IDP) and then to have SSO based on tokens (for example Kerberos/SAML) to all applications that trust this identity provider. This is SSO and if you need SSO for SAML 2.0 based applications (as you mentioned in your very first post), then you need a SAML Identity Provider.
If you don't need SAML 2.0 based SSO, you can simply go with configuring authentication based on the LDAP credentials.
Regards,
Donka Dimitrova
Hello Donka,
Thanks for Replay, I am just confused, I have this SAP Portal and I want to configure SSO connection
Between SAP Portal and LDAP server, to use AD as Data Source in Portal UME.
For this solution i want to use spnego, do you know what is different to start spnego from:
http://java-server.port/spnego
or
Http://java-server:port/nwa -> sonfiguration and spnego from there?
I find this solution on sap note 994791.
Thanks
Reza
Hello Reza,
Please, find here in the documentation how to implement SSO based on Kerberos/SPNEGO for applications running on AS JAVA server:
Kerberos and SAP NetWeaver AS for Java - User Authentication and Single Sign-On - SAP Library
Here is also the wiki on this topic:
SPNego Kerberos Authentication - SAP Netweaver Application Server Java - SCN Wiki
Regards,
Donka Dimitrova
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.