Single Sign on Using MySAPSSO2 logon ticket with http vs https

Former Member
0 Kudos

Hi Gurus,

Currently our environment is set up for Single Sign-On from Portal to all the backend systems like R3/SRM. Now we are planning to Internet-enable our portal system and there is a need to make the system https enabled. My doubt is whether the Single Sign-On setup will work after moving portal to https or do we need to set it up again.

If we need to set it up again will the MySAPSSO2 Cookie method still work or do we need to move to some other strategy for SSO.

Regards!

1 ACCEPTED SOLUTION

tim_alsop
Active Contributor
0 Kudos

Short answer - "Yes"

Long answer - HTTPS is providing transport level security, and SSO2 cookie is used for authentication and is therefore not dependent on transport security. If you have configured SSO and are using SSO2 cookies you can enable HTTPS and SSO will still work.

Thanks,

Tim

4 REPLIES 4

Former Member
0 Kudos

Thanks Tim... In that case, do our backend systems to be accessed from Portal also need to be https enabled?

tim_alsop
Active Contributor
0 Kudos

It is not required, but strongly advised. Otherwise, when the browser accesses the backend system, the MYSAPSSO2 cookie will be sent unprotected, which could be a security risk.

Thanks,

Tim

Former Member
0 Kudos

Important note: Please move to HTTPS as soon as possible. The SAP logon ticket stored in the MYSAPSSO2 cookie is enough to log everyone on as the user who was issued the ticket. I.e. everybody who can eavesdrop on the network connection can log on to your SAP systems!
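
The cleartext exposure discussed in the replies above can be checked before go-live. The following is an added example, not part of the original thread: it applies the browser's cookie-scoping rules (domain, path, Secure attribute) to a captured `Set-Cookie` header for MYSAPSSO2 and lists the backend URLs where the ticket would travel over plain HTTP. The function names, host names, paths and ticket value are constructed assumptions.

```python
from urllib.parse import urlsplit

def parse_ticket_cookie(set_cookie, issuing_host):
    """Scope of a Set-Cookie header value as a browser would store it."""
    name_value, *attrs = [part.strip() for part in set_cookie.split(";")]
    found = {}
    for attr in attrs:
        key, _, value = attr.partition("=")
        found[key.strip().lower()] = value.strip()
    domain = found.get("domain", "").lstrip(".").lower()
    return {
        "name": name_value.split("=", 1)[0],
        "domain": domain or issuing_host.lower(),
        "host_only": not domain,  # no Domain attribute: issuing host only
        "path": found.get("path") or "/",
        "secure": "secure" in found,
    }

def cleartext_exposures(cookie, urls):
    """URLs where the browser would attach the cookie over plain HTTP."""
    exposed = []
    for url in urls:
        target = urlsplit(url)
        host = (target.hostname or "").lower()
        if cookie["host_only"]:
            domain_ok = host == cookie["domain"]
        else:
            domain_ok = host == cookie["domain"] or host.endswith("." + cookie["domain"])
        path, scope = target.path or "/", cookie["path"]
        path_ok = path == scope or (
            path.startswith(scope) and (scope.endswith("/") or path[len(scope)] == "/"))
        # A Secure cookie is never attached to an http:// request.
        if target.scheme == "http" and not cookie["secure"] and domain_ok and path_ok:
            exposed.append(url)
    return exposed

# Constructed sample data: hosts, paths and ticket value are placeholders.
BACKENDS = [
    "http://r3.corp.example:8000/start",
    "https://srm.corp.example/start",
    "http://partner.example/start",
]
WEAK = "MYSAPSSO2=CONSTRUCTED_TICKET; Domain=.corp.example; Path=/"
HARDENED = WEAK + "; Secure; HttpOnly"

if __name__ == "__main__":
    for label, header in (("weak", WEAK), ("hardened", HARDENED)):
        cookie = parse_ticket_cookie(header, "portal.corp.example")
        print(label, cleartext_exposures(cookie, BACKENDS))
```

With the Secure attribute set, any backend still reachable only over HTTP receives no ticket at all, so SSO to it stops working until that backend is HTTPS-enabled as well.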