cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Open LDAP Authentication in SAPNW 7.0 AS ABAP ( Linux)

Former Member

on ‎05-06-2008 12:40 PM

0 Kudos

Hello ! I need your help please.

I need to authenticate the SAP Users in a SAPNW 7.0 AS ABAP in Linux With an existing LDAP Directory (OPENLDAP).

I Dont have any Windows Active Directory in the infraesctructure.

The front end is Windows Xp with SAPGUI7.10 for Windows.

I know that is is possible to have a LDAP Directory as user data source but only in UME.

I check this options:

The Pluggable Authentication Services ,requires the availability of Sap Web application Server or lower, since PAS interface is not supported any more by the SAP application Server from SAP NW 2004 and UP.

Java Authentication and Authorization Service ( JAAS ) is not possible because i Need a Sap Netweaver Application Server Java.

¿ What options do I have , i am a bit confused ?

Thanks in advance.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

tim_alsop
Active Contributor
‎05-06-2008 12:55 PM
0 Kudos

Gabriel,

If you want to logon via SAP GUI using any method of authentication which is not the normal userid+password logon via SAP GUI logon screen, then you need to use the SNC-interface which is included in SAP GUI and SAP ABAP AS. If you use SNC, then you need a cryptographic library which allows you to authenticate outside of SAP, then the credentials obtained are used to establish a security context for authentication purposes. The problem is that LDAP protocol is not a secure method of authentication. I therefore doubt you will find any LDAP authentication solution that works with SNC, mostly because it is not technical practical or even possible to code such an authentication method.

For web logon to SAP ABAP, if you cannot use the standard methods included in ABAP engine, you need to use the JAAS custom login modules, which (as you indicated) will require a J2EE engine to be setup in your landscape, and use to authetnicate users to ABAP applications via a browser redirect.

I am intersted how your XP wrokstation users logon to their workstation without Active Directory ? Are they using local accounts, and no domain is used, or are you using Novell as your domain for user authentication ?

Thanks,

Tim

Show replies
Show replies
Ask a Question