Chris,

The Excel plugin (EPM add-in) for BPC 10 does not use SNC. It uses HTTP authentication with SAP password, or asks user for certificate.

Thanks

Tim

Hi Tim,

Yes you're correct. If you configure the ABAP spengo (needed for http SSO) then EPM add-in will work with SSO.

Kind Regards,

Chris

Chris,

Are you sure it will ? Have you tried it ?

How do you stop EPM add-in from showing the Sign-On screen if you are using SPNEGO ?

Thanks

Tim

Tim,

I have tried it.

See the screen shots here:

EPM-addin.pdf - Google Drive

I'm not sure what you mean by the sign-on screen. However, when testing Business explorer Analyzer or any of the Bex designers, a logon screen does pop up, but the password text is grayed out. You can log on without having to enter a password.

screen shots here: BusExplorer.pdf - Google Drive

Kind Regards,

chris

yes, BEX Analyzer works with SNC. This is not being discussed. We are discussing the EPM add-in used with BPC10.

I cannot access your PDF on Google Drive. When I click on the link it is not showing the PDF.

Apologies, only mentioned BEX because thats the place I saw a popup.

I've attached the pdf's to the thread, hopefully you can access them now ...

(I've had to change the file extension to .text as this site does not allow .pdf - Please unzip first and then change the doc's to .pdf )

Thank you. I now have your PDF for EPM add-in. This is what we are discussing, since there are no doubts about BEx using SNC for SSO. I have therefore ignored your PDF for BEx.

In your PDF you show Connection being created and no Sign-On screen. This is not same as when I try... Maybe you can help me find out why.

Here's what I tried:

1. I open excel
2. I select EPM tab
3. I press Log On button
4. Screen opens allowing me to select a connection. I haven't created a connection yet, so I press ...
5. On Connection Manager screen I press Create button
6. I give the connection a name and put the URL into the Server URL field.
7. I am unable to press OK on the Create Connection screen since OK button is greyed out. I therefore press the Connect button.
8. When I press Connect button on Create Connection screen I am shown a Sign-On screen asking me for User Name and Password.

How does above differ from what you are doing ?

Thanks for your help.

Regards,

Tim

Okay, I understand your issue better now.

Yes, you first need to connect before you can click Okay.

But for me, when I click connect, I do not get a popup.

Could you confirm that the web gui is correctly working for your BPC ABAP backend ?

You can do this by opening a browser and going to a this url :

e.g. : http://<hostname>:<port>/sap/bpc/

When I do this I get this in my browser:

But the important thing is there is no additional log on screen or prompt

e.g. a logon screen with a system that is not configured with ABAP HTML SPNEGO:

I hope this helps...

Kind Regards,

chris

Yes, when I access http://<hostname>:<port>/sap/bpc/ I am logged in. I configured SPNEGO in the SICF service at default_host/sap/EPM_BPC.

The info you have provided has given me a few ideas. I will do some more tests and get back to you soon. Thank you so far for your help.

@Dennis - sorry to take over your thread. Hopefully the info Chris has provided has given you what you needed ?

Chris,

I have made some progress, but still having some difficulty with the EPM add-in. I wondered if you could send me a fiddler trace showing the logon working so I can compare with my trace and check for differences ?

Thanks

Tim

David,

I have noticed that when using SPNEGO for EPM add-in authentication, there is no MYSAPSSO2 cookie issued, but instead a SAP_SESSIONID cookie is issued. Is this SESSIONID cookie being used instead of the SSO2 cookie ? I noticed that when using Basic Authentication instead of SPNEGO there is a MYSAPSSO2 cookie used.

Thanks

Tim

Hi Christopher,

Can you please help me on how you implemented SSO in your EPM add-in? We don't have enterprise portal that's why I cannot use that documentations in implementing SSO for our EPM add-in.

Do you have documentations that can help me do it step by step? I'm confused on all the documentations I'm seeing in forums

Really appreciate if you can help me on this.

Thank you and have a good day ahead.

Regards,

Jenilyn

Hi Jenilyn,

We got SSO EPM-in to work using SAP NW SS0 2.0

NW SSO 2.0 will require a seperate license - please contact your SAP account manager for more information.

NW SSO 2.0 basically allows SSO for GUI and web html access. Because the EPM-addin for EXCEL uses an HTML connection, you will need to implement NW SS0 2.0.

(Hence all the links on this thread point o NW SSO 2.0 documentation.)

Let me know if you have further questions...

Kind Regards,

chris

Hi Chris,

Thanks for your response. What if we don't want to buy license for SSO 2.0? Is there any other way to implement SSO for EPM add-in? We are using SSO Kerberos on our other systems.

Thank you again.

Regards,

Jenilyn

Hi David,

Can you please help me on how you implemented SSO in your EPM add-in? We don't have enterprise portal that's why I cannot follow the documentation from SAP. Do you have documentations that can help me do it step by step? I'm confused on all that I'm seeing in forums.

Really appreciate if you can help me on this.

Thank you and have a good day ahead.

Regards,

Jenilyn

Jenilyn

You can implement SSO for BPC 10 and EPM add-in without buying SAP SSO 2.0 license. You can instead buy a different product. It is not possible to implement this for free unless you use a portal and require users to logon to portal, login to BPC Web and launch Excel from the link provided. Of course, it is much better if the end user just opens Excel and logs into BPC without needing any additional credentials or needing to login to portal.

Thanks

TIm

Hi Tim,

Thanks for your quick response. The thing here is we don't want to buy license for SSO that's why we used SSO Kerberos for our other systems. Where can I see how much is the SSO license? do you have any idea?

For enterprise portal, we just have AS ABAP and don't have AS Java so we also cannot implement it.

Can I have a copy of your documentation for implementing SSO 2.0? Really appreciate your help.

Thank you so much.

Regards,

Jenilyn

Hello Jenilyn,

Pricing topics are not discussed in the forum. Please, get in contact with your SAP Account Executive or the SAP office in your area.

Please, find also the link to the documentation for SAP Single Sign-On 2.0 here: SAP Single Sign-On 2.0 – SAP Help Portal Page

Regards,

Donka Dimitrova

Hi

The price of SSO products which are designed for use with SAP applications are listed on SAP Store (http://store.sap.com). The SAP SSO 2.0 product is listed as well as others that are SAP certified.

As far as I know, all products listed support Kerberos for use with BPC and don't require AS JAVA.

Thanks

Tim

Thanks Donka for your response. I will check on this.

Thanks Tim. I will check how hard is the implementation of Enterprise Portal.