Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Single-Sign-On (SSO) configuration on JAVA Stack through HTTP Header method

Go to solution
Former Member

on ‎2008 Jun 16 4:19 PM

0 Likes
4,522

Hello SDN community,

in the context of a Proof of Concept, we are testing the integration of Microsoft Sharepoint Portal with SAP Backend (addin) systems.

As the architecture impose use an external scenario (access from the internet), we couldn't use the Kerberos (SPNego) solution and thus we chosed the http header solution which in short uses an intermediary web server (in this case the IIS of the MOSS solution) which will act as authority.

I miss information on how the workflow works for this http header authentication method. Through the visual administrator of the addin JAVA stack, it is possible to configure each application with a customized authentication (a choice of security modules). But this all that I know.

My task is to configure SSO. From a sharepoint portal, the user should be able to access Web Dynpros and BSPs. I imagine that the very first call to a webdynpro or bsp (or maybe when we log on the sharepoint portal), the request to the WDP or BSP will first be forwareded by the intermediary server to the JAVA stack (or is it the SAP dispatcher that has to be configured).

Is there an application to be built on the java stack to deal with the authentication, modify http header?

What will the Java stack return? a sap long ticket? a token?

How will the redirect work (to by example a BSP which is in the ABAP stack)?

SAP preconise to secure with SSL the link between the intermediary web server and the JAVA stack, is IP restriction also a solution?

A lot of questions about how this SSO http header should work,

I would be very greatful for any help, or info,

Kind regards,

Tanguy Mezzano

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
View Entire Topic
Former Member
‎2008 Jun 17 8:42 AM
0 Likes

May be this can give u a little idea

http://office.microsoft.com/download/afile.aspx?AssetID=AM102437461033

Go to the applicaition definition....for SAP reference.

And this is for SAP SSO

http://help.sap.com/saphelp_nw04s/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm

Show replies
Show replies
Former Member
‎2008 Jun 17 11:01 AM
0 Likes

Hello Deepak,

thanks a lot for your answer! but I already knew these links.

But by reading them again, I can focus more my questions now, thanks:

I would like to understand more the Http Header SSO method:

When a sharepoint user access for the first time a Web Part that integrates a BSP application or Web Dynpro application, what kind of request should the Web Part do?

As it is the first time the user access that external system, it has to authenticate itself through the JAVA Stack which has configured that BSP or WDP application to use Http Header module authentication. How does this workds? The Web Part calls the BSP/WDP url, and is it the SAP dispatcher that redirects the http request to the java stack automatically or is there some programming involved?

How can I add BSP or WDP applications to the list of applications in the Visual Administrator to configure them with authentication?

Thanks in advance for you help!

Tanguy Mezzano

Former Member
‎2008 Jun 18 2:25 PM
0 Likes

Hi

May be this can clear some of you ideas!!!

http://hosteddocs.ittoolbox.com/MicrosoftSAP100307.pdf

Ask a Question