- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- Single Sign On , Sun One LDAP, Oracle Portal BSP
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Single Sign On , Sun One LDAP, Oracle Portal BSP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-07-2008 4:26 PM
Hello Forum members
I need recommendations / alternative solutions on the best way to implement SSO using Oracle Portal as the Front End via a BSP. We are using SAP4.7 and have no SAP Portal in place nor is it planned to move up this way currently.
SunOne LDAP will hold all the users approximately 60K, these users will click on the BSP within the Oracle Portal to gain access to the SAP system. The authentication is intended to be done on the Oracle Portal.
Does it matter if Logon Tickets are issued from the Oracle Portal? Or does it make sense to have SAP Logon Tickets from SAP Application? What are the security implications of such a decision to use Oracle Portal?
Any thoughts, recommendations, documentations welcomed
Sunil S Singh
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-07-2008 4:49 PM
How is the user authenticated at the (Oracle) Portal?
And do you also have a NetWeaver Java system in your landscape (because in that case you could deploy a custom JAAS login module to evaluate the SSO tokens of the Oracle Portal)?
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-07-2008 4:49 PM
How is the user authenticated at the (Oracle) Portal?
And do you also have a NetWeaver Java system in your landscape (because in that case you could deploy a custom JAAS login module to evaluate the SSO tokens of the Oracle Portal)?
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-07-2008 5:31 PM
Hi Wolfgang
Main objective is to accomplish through the leading systems ie. Sun One LDAP and Oracle Portal the ability:
- To use the SUN LDAP directory to intiate user id creation / deletion. It should be able to identify new/changed accounts and thus reflect such in the SAP system.
We do not have Netweaver in the landscape can you please let me know the benefits of such a scenario in a little bit more detail than just the deployment of a JAAS login e.g what effort is need to write a custom JAAS etc.
Thanks - Sunil
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-07-2008 6:24 PM
Sunil,
You will likely find that your Oracle portal can be used to store the ID in the HTTP header and then you can use an existing JAAS login module, and no need to have any custom code written to support your needs. I have seen this approach used a lot when a portal (SAP or non-SAP) is authenticating the user before they access SAP.
Thanks,
Tim
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-07-2008 7:29 PM
