cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

.Net SSO with SAP

Go to solution
Former Member

on ‎01-28-2008 10:22 PM

0 Kudos

We have implemented SSO using SNC so that users do not have re-login after authenticating to windows active directory. As part of the projec tSNC was implemented on the SAP production environment.

We currently have additional requirements. We have an existing Project Systems .Net Application that connects into SAP. Currently our users have to logon to the application first. We want to replace the logon screen with SSO.

Can someone please provide any guidance on this. Is it possible to do given the SNC app exists on the SAP system? How do we extract the username and password from SNC and use it to authenticate to SAP.

Thanks

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎01-29-2008 1:08 PM
0 Kudos

To clarify, what I meant to ask is does the Kerberos library have to exists on the .Net app server or on the SAP app server?

Also, when using SAP's connection example as follows:

// connection string with SNC parameters and debug

string ConnStr = "ashost=pcintel11 client=000 snc_mode=1 sysnr=00 type=3 user=SAPDOTNET snc_partnername=\"p:SAPServiceCS2@nt5.sap-ag.de\";

How do I determine the snc_partername parameter value?

Thanks

Show replies
Show replies
Andre_Fischer
Product and Topic Expert
Product and Topic Expert
‎01-31-2008 9:11 PM
0 Kudos

Hi Attia,

I assume that you are using the SAP connector for Microsoft .NET and that you want to achieve SSO using Kerberos and the gsskrb5.dll.

The snc_partername parameter value consists out of the sAMAccountName and the Full Qualified Domain Name of the Windows Domain of the user that starts the service of your SAP system.

This is usually the user SAPServiceSID@MYCOMPANY.COM

This value is usually also equal to the userPrincipalName of a windows domain user.

You can determine these values by using the LDAP browser ldp.exe that is part of the support tools.

The SNC Library (in your case I assume it is the gsskrb5.dll) has to be installed on the SAP Application Server (where it should already have been installed since you are already using SSO) and on the client PC. That means in your case where your .NET application is running on that is using the SAP .NET connector.

Instead of using the SAP .NET connector you should think about using web services since every remote enabled rfc function module can be exposed as a web service.

In my blog

[Single Sign-On of Windows-based Web Service Clients using SAP Logon Tickets|https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/4872] [original link is broken] [original link is broken] [original link is broken];

I have described how to achieve SSO with a .NET based web services client.

Best regards,

Andre

Answers (4)

Answers (4)

Former Member
‎11-11-2009 1:30 PM
0 Kudos

Hi All,

Good and exact discussion I was looking for.

I found two topics in this discussion.

1) SSO in .Net to access SAP server - Actually I am trying to do the same thing. I need to show IView in ASP.NET application. I have IView url and credentials to access it. So I want to achieve it with SSO from .NET. So if any one had found the solution and implemented the same thing then please help me to implement the same thing.

2) Accessing SAP from SharePoint using SSO - I have implemented this thing successfully and it working perfectly in production environment. So if any one wants to know how to access SAP server from sharepoint using SSO. Actually no need to develop it in .Net and deploy it sharepoint.

So lets share our knowledge and experence.

Cheers,

Show replies
Show replies
Former Member
‎11-17-2009 5:34 AM
0 Kudos

Hi Netweb!

I am looking for configuring SSO from SharePoint to SAP EP. My scenario needs to login to SharePoint with Windows authentication and then from SharePoint portal -SSO-EP. I am not looking for fetching any iView to Sharepoint from EP or vice-versa. It is simply the SSO that we want to achieve from sharepoint to SAP EP. As you said you have successfully implemented this scenario, I will appreciate if you can share some configuration details.

Former Member
‎11-18-2009 4:58 AM
0 Kudos

Hi Rahat Ahmad

Visit the following link and download the document. This document contains the perfect detailed steps to configure SSO in sharepoint for SAP IView.

http://go.microsoft.com/fwlink/?LinkId=96087&clcid=0x409

I had done using this document. There might me some changes we need to do based on our environment. First you follow by this document after that if you face any problem then let me know.

NOTE : Read carefully the "Single Sign-On service account criteria" which is on page no 8 in the document. The user must be a DOMAIN user.

Please let me know if you require more information or assistance.

Cheers.

Edited by: Netweb on Nov 18, 2009 5:58 AM

rudradev_devulapalli3
Active Participant
‎07-13-2010 11:22 AM
0 Kudos

Hi Netweb,

I have similar scenario where share point portal has to be configured with SSO to back end SAP ECC system.In ECC we have workflow mail triger functionality ,which will be triggering a mail to user outlook mailbox.On click of the mail in outlook we want ECC page to be launched in share point portal and it should not prompt for secondary authentication.Share point is configured with windows authentication.All servers are pointing same Active Directory.

Please help in achieving this.

Thanks,

Regards,

Rudradev Devulapelli.

Former Member
‎11-11-2009 1:28 PM
0 Kudos

Hi All,

Good and exact discussion I was looking for.

I found two topics in this discussion.

1) SSO in .Net to access SAP server - Actually I am trying to do the same thing. I need to show IView in ASP.NET application. I have IView url and credentials to access it. So I want to achieve it with SSO from .NET. So if any one had found the solution and implemented the same thing then please help me to implement the same thing.

2) Accessing SAP from SharePoint using SSO - I have implemented this thing successfully and it working perfectly in production environment. So if any one wants to know how to access SAP server from sharepoint using SSO. Actually no need to develop it in .Net and deploy it sharepoint.

So lets share our knowledge and experence.

Cheers,

Show replies
Show replies
Former Member
‎11-11-2009 1:28 PM
0 Kudos

Hi All,

Good and exact discussion I was looking for.

I found two topics in this discussion.

1) SSO in .Net to access SAP server - Actually I am trying to do the same thing. I need to show IView in ASP.NET application. I have IView url and credentials to access it. So I want to achieve it with SSO from .NET. So if any one had found the solution and implemented the same thing then please help me to implement the same thing.

2) Accessing SAP from SharePoint using SSO - I have implemented this thing successfully and it working perfectly in production environment. So if any one wants to know how to access SAP server from sharepoint using SSO. Actually no need to develop it in .Net and deploy it sharepoint.

So lets share our knowledge and experence.

Cheers,

Show replies
Show replies
Former Member
‎01-25-2011 9:48 AM
0 Kudos

Hello Experts,

Similar to the point number 2 above, we have a requirement wherein we need to cofigure SSO between Sharepoint and SAP Portal over the internet.

We have certain links in Sharepoint portal which point to the SAP portal iViews. Over the internet the user will be authenticated before entering the Sharepoint portal, therafter he should be able to access the SAP portal directly without being asked for the user id and password again.

Over the LAN we've used SPNEGO for SAP EP and IIS based windows integrated authentication for Sharepoint to achieve SSO for both the portals respectively. This works fine.

Please suggest a solution.

Best Regards

Gaurang Dayal

Former Member
‎03-27-2009 5:18 AM
0 Kudos

Hi Andre,

First of all I want to appreciate your blog named Single Sign-On of Windows-based Web Service Clients using SAP Logon Tickets, it's very good and very explanatory.

The problem is that I try to reproduce it in my environment but and exception (400) Bad Request is returning from the server.

This is my scenario: I need to connect Share Point with SAP Portal, when the user are connected remotly to Share Point they have to be able to access SAP Portal using SSO, so I am trying to develop an ASP.net application which can be able to access the SAP Portal using SSO.

I not pretty sure if you understand my point, if you need more clarification, please let me know.

Do you have any clue about what could happen.

Thanks very much in advance for all your help.

Armando

Show replies
Show replies
former_member182374
Active Contributor
‎03-31-2009 9:22 AM
0 Kudos

Hi Armando,

Were you able to solve the "400 - Bad Request" error?

I have exactly the same issue...

Thanks,

Omri

Ask a Question