cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO with BSP Not Working

Go to solution
former_member182416
Active Contributor

on ‎10-26-2007 1:20 PM

0 Kudos

Hi

I am running Nw2004s Portal with ECC5 as BackEnd.

I have Configured the ECC5 for SSO using RZ10 and strustsso2.

The Portal UserIDs are same as those in ECC5 .

The SSO is working fine with ESS in the Portal.

But when i run a BSP iView then it asks for UID,PWD in a PopUp.

I am accessing the Portal with FQDN and in the properties of the System

referred by BSP also maintained FQDN of the backend WebAS.

How to get rid of this Login PopUp for BSP ?

Any Help will be highly appreciated !

Regards,

Rajendra

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

athavanraja
Active Contributor
‎10-27-2007 6:37 AM
0 Kudos

can you try a transaction iview from the same system (where bsp is) and confirm that the sso is working?

what values are set for

login/accept_sso2_ticket

login/create_sso2_ticket

profile parameters?

Raja

Show replies
Show replies
former_member182416
Active Contributor
‎10-27-2007 7:57 AM
0 Kudos

Hi Raja

these are the values set.

login/accept_sso2_ticket = 1

login/create_sso2_ticket = 1

when i create a Transaction iView in Portal and run it then

also it askes me for the UserName , pwd.

The System it referes has SAPLOGONTICKET as login method.

Regards,

Rajendra

athavanraja
Active Contributor
‎10-27-2007 8:02 AM
0 Kudos

is portal certificate is loaded into the abap system? (verfif.der)

former_member182416
Active Contributor
‎10-27-2007 10:40 AM
0 Kudos

Hi Raja ,

The <Portal_SID>_Certificate.crt is loaded into the ABAP System.

(J2E_certificate.crt) which i downloaded from Visual Administrator.

I Could not load the verify.der into the ABAP System , thats why i used

the .crt file .When i tried to load the verify.der file in strussso2 i got the error

"Could not analysize".

Another thing to mention is my Portal and ECC5 are in different domains,

but i dont think it makes any difference, as my ESS Applications

which use SSO work absolutely fine.

so what can be the probelm ?

Ok , Now i deleted the Certificates in strustsso2.

and was successful in Loading the verfy.der file

into the ABAP System.

But Still the problem persists !

Regards,

Rajendra

Message was edited by:

Rajendra

Rajendrakumar Gaikwad

former_member182416
Active Contributor
‎10-31-2007 4:50 AM
0 Kudos

Hi Raja

Can u help me out of this Situation ?

Regards,

Rajendra

Former Member
‎10-31-2007 6:39 PM
0 Kudos

Hi ,

Please make small correction to profile params value to 0 for create

<b>login/create_sso2_ticket= 0</b>

login/accept_sso2_ticket=1

After importing portal certificate into ABAP in strustss02, ADD to ACL and the system prompts for SID (enter portal SID) & client= 000.

Now you should be fine.

Thanks

Vijay Kothapalli

former_member182416
Active Contributor
‎11-20-2007 4:24 AM
0 Kudos

HI

i have done that.

Only Confusion is login/create_sso2_ticket

whether to set its value 0 or 1 ?

I have set it to 1 as per Raja's Thread.

regards,

Rajendra

former_member185954
Active Contributor
‎11-20-2007 9:40 AM
0 Kudos

Hi Rajendrakumar,

You probably haven't updated the ACL properly via STRUSTSS02.

The portal server digitally signs logon tickets as it issues them to the portal users. SAP Systems need to accept the tickets and verify the portal server’s digital signature. The following information is important for the SAP System to be able to accept and verify logon tickets:

· The SAP System should only accept logon tickets issued from their designated portal server. Therefore, the identity of the portal server needs to be entered in the SAP System’s Single Sign-On (SSO) access control list (ACL).

· The SAP System needs to be able to verify the portal server’s digital signature. The portal server has a self-signed certificate, therefore the SAP System needs access to the portal server’s public-key information, which needs to be entered in the SAP System’s certificate list.

Check the following procedure

http://help.sap.com/saphelp_nw70/helpdata/en/78/f1a8490e7011d6999500508b6b8a93/frameset.htm

Regards,

Siddhesh

former_member185954
Active Contributor
‎11-20-2007 9:42 AM
0 Kudos

Also to solve your confusion about the profile parameters about SS02, Please check the following link:

http://help.sap.com/saphelp_nw70/helpdata/en/d2/91553b4d53273de10000000a114084/frameset.htm

Regards,

Siddhesh

former_member182416
Active Contributor
‎11-20-2007 10:06 AM
0 Kudos

Hi

I have already done all that .

and thats why my ESS/MSS applications are running

fine with SSO.

but for other applications like BSP or R3 Transactions

SSO is not working !

regards,

Rajendra

former_member185954
Active Contributor
‎11-20-2007 11:06 AM
0 Kudos

Hi Rajendrakumar,

I found this SAP Note:

Note 612670 - SSO for local BSP calls using SAP GUI HTML Control

I think it can resolve the problem.

Regards,

Siddhesh

former_member182416
Active Contributor
‎01-16-2008 3:16 AM
0 Kudos

Domain Relaxation solved the problem.

Regards

Rajendra

Answers (0)

Ask a Question