on 08-16-2007 3:53 PM
Hi all !
we use SAP NW Portal 7.0; we can access the portal from internet via Apache as reverse proxy;
our internal and external users access the portal via the Apache reverse proxy;
now we want to use kerberos to authenticate against J2EE of Portal;
Kerberos is working when ich access the Portal directly via http://<fqdn>:<port>/irj;
but when we want to access the portal via Apache reverse proxy e.g. http://portal.test.com authentication via Kerberos don't work; Apache doesn't pass the kerberos ticket;
is there any solution ?
the Apache reverse proxy should be the 'single point of contact' for portal access;
Thanks
Oliver
Oliver,
I'm not sure if you resolved this yet ?
Would a solution be of interest, where the user accessing SAP portal via Apache proxy is presented with a login screen, where they enter their Kerberos account name and password to logon to SAP, but when they logon from workstation on Intranet (inside firewall) they get authenticated via SPNEGO ?
Thanks,
Tim
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Kerberos authentication will not work over the internet.
This is the reason I am still using IISProxy and NTLM.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
to use the portal, all users ( internal or external ) have to use the URL to our apache reverse proxy; the URL is the same for internal or external users
for the internal users, it would be nice if the apache reverse proxy could pass the kerberos ticket to the portal server so that the login page doesn't appear;
how to ?
Thanks
Oliver
User | Count |
---|---|
76 | |
9 | |
8 | |
7 | |
6 | |
5 | |
5 | |
5 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.