Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Need Help: single sign On using Kerberos Authentication for AS Java

Former Member

‎2007 Dec 04 9:05 PM

0 Likes
336

Hi,

We are setting up single sign On using Kerberos Authentication for AS Java. We have already implemented the Note 994791 - SPNego Wizard. We are confident that we can setup single sign on for AS Java with Kerberos. But we are also planning for the single sign on between AS Java and AS ABAP on the backend.

The Windows logon Name (ADS) is different than that of the SAP ABAP stack login id. We are unsure if we can setup SSO for this type of configuration.

Our setup should be looking like this:Windows Login (Kerberos-ADS) -> AS Java Stack (UME Poining to ADS) -> AS ABAP Stack.

The ABAP Stack login id and the windows login id are diferent. Please let me know if anyone has this type of SSO setup and the necessary mappinng attributes.

Message was edited by:

kumar gangula

1 REPLY 1
Read only

Former Member

‎2007 Dec 06 2:42 AM

0 Likes
285

We have basically the same setup. We added a custom attribute in AD called sapusername. For all SAP users, their SNC Name is set to their samaccount name in AD, which we update via an ABAP program that is ran in batch. I then configured my portal for usermapping via sapusername from AD. Once SPNego was configured, the portal authenticates via the Windows logon, user mapping determines the SAP user, the SSO via logon tickets authenticates on the backend.