cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO using SAML 2.0 with SAP Portal as service as identity provider and third party application as service provider

former_member183915
Active Contributor

on ‎09-06-2016 10:22 PM

0 Kudos

Hi,

I am trying to configure SSO between SAP portal and third party application using SAML 2.0. Basically end user will login to SAP portal post authentication which will act as the identity provider and click on links which will re direct to third party applications (Service provider) with the help pf SSO. I have already referred below links :

Configuring the Identity Provider - Identity Provider for SAP Single Sign-On and SAP Identity Manage...

https://wiki.scn.sap.com/wiki/display/Security/Single+Sign-On+with+SAML+2.0+and+ABAP+Systems+Support...

Can some one please let me know the step by step process to configure SSO in such a scenario for 7.0 and 7.3 portal ?

Regards,

Navya.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member183915
Active Contributor
‎09-16-2016 10:52 PM
0 Kudos

Hi,

Absolutely any inputs anyone?

Regards,

Navya.

Show replies
Show replies
former_member183915
Active Contributor
‎09-07-2016 8:08 PM
0 Kudos

Hi All,

Any inputs anyone?

I have seen the steps below in one of the thread but where exactly in portal do we do these configurations steps.

1. Users authenticate at the SAP Portal and SAP Logon ticket is issued

2. User clicks a link which points to the third-party system (service provider).

3. As there is no session yet, the service provider sends authentication request to the identity provider (NetWeaver Java system 7.3).

4. The NetWeaver Java system 7.3 (identity provider) authenticates the user based on the SAP Logon ticket issued by the SAP Portal 7.01 (Java system trusts the portal) and returns SAML 2.0 response to the third-party system (service provider).

5. Service provider(third-party system) evaluates the SAML 2.0 response, authenticates the user and returns the requested resource.

Regards,

Navya.

Show replies
Show replies
donka_dimitrova
Contributor
‎09-07-2016 8:21 PM
0 Kudos

Hello Navya,

SAP Portal is not offering a SAML Identity Provider. The SAP SAML Identity Provider running on the SAP JAVA server is coming with the SAP Single Sign-On product (license required).

For more details about SAP SAML Identity Provider see this blog: Competitive advantages of SAP Identity Provider or see the documentation: http://help.sap.com/sso 

Regards,

Donka Dimitrova

former_member183915
Active Contributor
‎09-07-2016 9:13 PM
0 Kudos

Hi Donka,

Thanks for the input. Could you please let me know the pre requistes and the configuration steps to achieve SSO from SAP portal to third party application using SAML 2.0.

Regards,

Navya

donka_dimitrova
Contributor
‎09-07-2016 9:22 PM
0 Kudos

Hello Navya,

I see that you want to implement single sign-on for your company and you have to integrate SAP Portal and some 3rd party solutions that are SAML compliant.

This can be easily achieved using the SAP SAML IDP coming with the SAP Single Sign-On product (license required).

You can also use one login via Kerberos/SPNEGO and your users can simply authenticate in the morning to the Microsoft Domain and then the Kerberos token via SPNEGO will be used for secure authentication to the SAP Portal and any other SAML SP that is configured to trust the SAP SAML IDP. You can also configure the system that the user authenticates to the SAML IDP using their AS JAVA password or their AS ABAP password, etc.

All the implementation steps are available in the documentation via procedures.

Regards,

Donka Dimitrova

former_member183915
Active Contributor
‎09-07-2016 10:01 PM
0 Kudos

Hi Donka,

I am pretty new to SSO and configuring SSO for the first time. I have already referred below links and links on help.sap but bit confused.

1) The approaches that you mentioned above, which one is the preferred/best approach.

2) Will the configuration steps be same as mentioned in below link? Instead of successfactors, in my case  its a third party application link

Single Sign-On between SAP Portal and SuccessFa... | SCN

3) Can you share the link of documentation that details out the steps to configure SSO in this scenario.The link in hlep.sap doesn't detail out the steps.

https://help.sap.com/saphelp_nw73ehp1/helpdata/en/b1/491705355b4471a2e3551024f91ce0/content.htm

Regards,

Navya.

Ask a Question