https://community.sap.com/t5/technology-q-a/delegate-authentication/qaa-p/9181380#M3258461 <HTML><HEAD></HEAD><BODY><P>Answer to question 1 is that delegate authentication can mean just about anything. If interpreted generally, it could mean that SAP uses external authentication. That can be SPNEGO (Kerberos), SAML, any external system issuing a Logon Ticket which is then verified by SAP, etc.</P><P></P><P>Answer to question 2 is that I can't answer it without more details. You will have to share the technical details of your setup, including configuration and screenshots. Generally speaking I assume your LoginModule is incorrectly configured meaning you are not providing a fallback.</P></BODY></HTML> Fri, 18 Jan 2013 16:40:25 GMT Former Member 2013-01-18T16:40:25Z https://community.sap.com/t5/technology-q-a/delegate-authentication/qaq-p/9181376 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P><SPAN class="short_text" id="result_box" lang="en"><SPAN class="hps">Delegated authentication</SPAN> <SPAN class="hps">is possible</SPAN> <SPAN class="hps">in</SPAN> <SPAN class="hps">SAP</SPAN></SPAN>? In this case how work this type of autenthication?</P><P></P><P>I have&nbsp; a problem with portal authentication, if <SPAN id="result_box" lang="en"><SPAN class="hps">the</SPAN> <SPAN class="hps">ticket</SPAN> <SPAN class="hps">returned is</SPAN> <SPAN class="hps">from</SPAN> <SPAN class="hps">an unknown domain</SPAN> <SPAN class="hps">for the UME, w</SPAN></SPAN>e want to know if the delegated authentication can generate a new ticket against a trusted domain <SPAN class="short_text" id="result_box" lang="en"><SPAN class="hps">unknown,.this now not occur, is possible to combine two authentication mechanisms as </SPAN></SPAN>Kerberos and User/Password?</P><P></P><P>Thanks!!</P><P></P><P></P><P><SPAN class="short_text" id="result_box" lang="en"><SPAN class="hps"> </SPAN></SPAN></P><P><SPAN class="short_text" lang="en"><SPAN class="hps"></SPAN></SPAN></P><P><SPAN class="short_text" lang="en"><SPAN class="hps"></SPAN></SPAN></P><P><SPAN class="short_text" lang="en"></SPAN></P><P><SPAN class="short_text" lang="en"></SPAN></P></BODY></HTML> Thu, 17 Jan 2013 16:43:40 GMT https://community.sap.com/t5/technology-q-a/delegate-authentication/qaq-p/9181376 Former Member 2013-01-17T16:43:40Z https://community.sap.com/t5/technology-q-a/delegate-authentication/qaa-p/9181377#M3258458 <HTML><HEAD></HEAD><BODY><P>Move from KMC discussion area. </P><P></P><P>SAP moderator. </P></BODY></HTML> Thu, 17 Jan 2013 22:42:40 GMT https://community.sap.com/t5/technology-q-a/delegate-authentication/qaa-p/9181377#M3258458 LJB 2013-01-17T22:42:40Z https://community.sap.com/t5/technology-q-a/delegate-authentication/qaa-p/9181378#M3258459 <HTML><HEAD></HEAD><BODY><P>I have hard time understanding what you have written but I will answer to the part I do understand. Yes, you can setup SPNEGO as the primary authentication method and define basic authentication as a fallback method.</P></BODY></HTML> Fri, 18 Jan 2013 02:52:56 GMT https://community.sap.com/t5/technology-q-a/delegate-authentication/qaa-p/9181378#M3258459 Former Member 2013-01-18T02:52:56Z https://community.sap.com/t5/technology-q-a/delegate-authentication/qaa-p/9181379#M3258460 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Thanks for wour answer and sorry because my <SPAN class="short_text" id="result_box" lang="en"><SPAN class="hps">explanation</SPAN> <SPAN class="hps">is confusing</SPAN></SPAN>.</P><P>Are two questions:</P><P>1. What is the delegate authentication in SAP? I have been looking for information but it is unclear.</P><P></P><P>2. If the UME of our SAP portal does not recognize the domain of logon ticket. We wanted to automatically request user and password but this does not happen.<BR />What can be causing this problem?</P><P></P><P>Regards</P></BODY></HTML> Fri, 18 Jan 2013 10:20:26 GMT https://community.sap.com/t5/technology-q-a/delegate-authentication/qaa-p/9181379#M3258460 Former Member 2013-01-18T10:20:26Z https://community.sap.com/t5/technology-q-a/delegate-authentication/qaa-p/9181380#M3258461 <HTML><HEAD></HEAD><BODY><P>Answer to question 1 is that delegate authentication can mean just about anything. If interpreted generally, it could mean that SAP uses external authentication. That can be SPNEGO (Kerberos), SAML, any external system issuing a Logon Ticket which is then verified by SAP, etc.</P><P></P><P>Answer to question 2 is that I can't answer it without more details. You will have to share the technical details of your setup, including configuration and screenshots. Generally speaking I assume your LoginModule is incorrectly configured meaning you are not providing a fallback.</P></BODY></HTML> Fri, 18 Jan 2013 16:40:25 GMT https://community.sap.com/t5/technology-q-a/delegate-authentication/qaa-p/9181380#M3258461 Former Member 2013-01-18T16:40:25Z