Connecting 2 Backend Systems, Part Three: Single Sign-On
Important update (4th June, 2014): SAP no longer advises the use of logon tickets, which are cookie-based. Use assertion tickets instead. (For more information on the difference between the two, see SAP Library 7.3 Logon and Assertion Tickets .)
This is a blog series in three parts:
OK, you have connected the two systems. And you have set up a trusted relationship. However, the trusted relationship is not single sign-on; it enables you to set up single sign-on.
The last step (and it is relatively quick and painless) is to set up single sign-on, based on the trusted relationship.
Before you start:
Make sure you have completed Part One (RFC Connections) and Part Two (Trusted Relationships) of this series.
CRM System: Logon Ticket Administration
- In the CRM System, open transaction Logon Ticket Administration for SSO, SSO2
- Enter the RFC destination you created in Part One (ABAP connection, type 3).
- Choose Execute
.
- In the logon screen that appears, log on to the ERP System, M10.
- On the screen that appears, make sure all profile parameters are up-to-date, by choosing
Enter Certificate in ACL and, if necessary, Certificate List (F9).
Your screen should look roughly like this:
If so, you're done! You have now fulfilled all the prerequisites and can add CRM functions to your ERP System roles, simply by following the SAP Library documentation:
9.3 How to Integrate CRM in NWBC
For more information, see also:
Authentication and Single Sign-On with SAP NetWeaver Business Client (NWBC) - blog by Nikhil Dhairyawan
