Now that you have decided to implement Single Sign On (SSO) with your SAP Sourcing/CLM 9 + deployment, the clear choice for making this user friendly functionality available to your constituents is SAML 2.0. As you probably know SAML 2.0 is the industry standard mechanism for providing SSO, and certainly one of the most popular in the marketplace, and not to mention it is recommended by SAP for all its applications as well. The recommended Identity Provider (IdP) is SAP Netweaver Identity Manager (IDM). SAP Sourcing/CLM 9 and above is also certified to use SAP Netweaver IDM 7.2 + as the IdP.
The reasons why SAML 2.0 is becoming the de facto SSO mechanism of choice and is growing so rapidly is clear; SAML is an XML-based, OASIS standard for exchanging user identity and security attributes information, besides it is an open Industry Standard SSO authentication protocol.
The major advantages for the end user, and our customers is also clear:
Caution: This blog is a pointer for the Authentication aspect only, and the authorization schemes in Sourcing/CLM which support the complex requirements and rigors of the application have not been changed at all. All the profiles will function as usual and will still need to be configured regardless of the authentication option or user data repository being used.
Let’s look at the setup, landscape, and the process a SSO attempt using SAML 2.0 would work:
Confused? Well don’t be, the entire mechanism and steps for enabling SAML 2.0 on SAP Sourcing/CLM 9.0 + and SAP Netweaver IDM, has been detailed in the first of a series we want to introduce in SAP Sourcing/CLM – Quick Guides. The Quick Guide – SAP Sourcing 9.0 Quick Guide: Configuring SAP Sourcing for SAML 2.0 is available in the SCN (http://scn.sap.com/docs/DOC-33751). The Guide has great step by step coverage of all the configurations that need to be carried out and are provided in a very brief primer below:
IdP Configuration Steps:
Service Provider (Sourcing/CLM ) Configuration Steps:
There are other Quick Guides that are being prepared to make the task of user attribute synchronization between the central user repository being used and SAP Sourcing/CLM easy, with a bonus tasks and jobs that can be deployed on SAP Netweaver IDM, and will be made available shortly. So stay tuned….
The new mantra is - Implement SSO using SAML 2.0.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
2 | |
2 | |
1 | |
1 | |
1 |