08-07-2008 5:45 PM
Hi Gurus,
currently our environment is setup for Single Sign on from Portal to all the backend systems like R3/SRM.Now we are planning to Internet enable our portal system and there is a need to make the system https enabled.My doubt is whether the Single Sign setup will work after moving portal to https or do we need to set it up again.
If we need to set it up again will the MySAPSSO2 Cookie method still work or do we need to move to some other strategy for SSO.
Regards!
08-07-2008 5:48 PM
Short answer - "Yes"
Long answer - HTTPS is providing transport level security, and SSO2 cookie is used for authentication and is therefore not dependant on transport security. If you have configured SSO and are using SSO2 cookies you can enable HTTPS and SSO will still work.
Thanks,
Tim
08-07-2008 5:48 PM
Short answer - "Yes"
Long answer - HTTPS is providing transport level security, and SSO2 cookie is used for authentication and is therefore not dependant on transport security. If you have configured SSO and are using SSO2 cookies you can enable HTTPS and SSO will still work.
Thanks,
Tim
08-08-2008 1:11 PM
Thanks Tim....in that case our backend systems to be accessed from Portal also need to be https enabled?
08-08-2008 1:15 PM
It is not required, but strongly advised. Otherwise when browser accesses backend system the MYSAPSSO2 cookie will be sent unprotected which could have a security risk.
Thanks,
Tim
08-08-2008 12:47 PM
Important note: Please move to HTTPS as soon as possible. The SAP logon ticket stored in the MYSAPSSO2 is enough to log everyone on as the user who was issued the ticket. I.e. everybody who can eavesdrop on the network connection can log on to your SAP systems!