on 10-26-2007 1:20 PM
Hi
I am running Nw2004s Portal with ECC5 as BackEnd.
I have Configured the ECC5 for SSO using RZ10 and strustsso2.
The Portal UserIDs are same as those in ECC5 .
The SSO is working fine with ESS in the Portal.
But when i run a BSP iView then it asks for UID,PWD in a PopUp.
I am accessing the Portal with FQDN and in the properties of the System
referred by BSP also maintained FQDN of the backend WebAS.
How to get rid of this Login PopUp for BSP ?
Any Help will be highly appreciated !
Regards,
Rajendra
can you try a transaction iview from the same system (where bsp is) and confirm that the sso is working?
what values are set for
login/accept_sso2_ticket
login/create_sso2_ticket
profile parameters?
Raja
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Raja ,
The <Portal_SID>_Certificate.crt is loaded into the ABAP System.
(J2E_certificate.crt) which i downloaded from Visual Administrator.
I Could not load the verify.der into the ABAP System , thats why i used
the .crt file .When i tried to load the verify.der file in strussso2 i got the error
"Could not analysize".
Another thing to mention is my Portal and ECC5 are in different domains,
but i dont think it makes any difference, as my ESS Applications
which use SSO work absolutely fine.
so what can be the probelm ?
Ok , Now i deleted the Certificates in strustsso2.
and was successful in Loading the verfy.der file
into the ABAP System.
But Still the problem persists !
Regards,
Rajendra
Message was edited by:
Rajendra
Rajendrakumar Gaikwad
Hi ,
Please make small correction to profile params value to 0 for create
<b>login/create_sso2_ticket= 0</b>
login/accept_sso2_ticket=1
After importing portal certificate into ABAP in strustss02, ADD to ACL and the system prompts for SID (enter portal SID) & client= 000.
Now you should be fine.
Thanks
Vijay Kothapalli
Hi Rajendrakumar,
You probably haven't updated the ACL properly via STRUSTSS02.
The portal server digitally signs logon tickets as it issues them to the portal users. SAP Systems need to accept the tickets and verify the portal servers digital signature. The following information is important for the SAP System to be able to accept and verify logon tickets:
· The SAP System should only accept logon tickets issued from their designated portal server. Therefore, the identity of the portal server needs to be entered in the SAP Systems Single Sign-On (SSO) access control list (ACL).
· The SAP System needs to be able to verify the portal servers digital signature. The portal server has a self-signed certificate, therefore the SAP System needs access to the portal servers public-key information, which needs to be entered in the SAP Systems certificate list.
Check the following procedure
http://help.sap.com/saphelp_nw70/helpdata/en/78/f1a8490e7011d6999500508b6b8a93/frameset.htm
Regards,
Siddhesh
Also to solve your confusion about the profile parameters about SS02, Please check the following link:
http://help.sap.com/saphelp_nw70/helpdata/en/d2/91553b4d53273de10000000a114084/frameset.htm
Regards,
Siddhesh
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.