cancel
Showing results for 
Search instead for 
Did you mean: 

We want to extend existing SSO solution for BW logins, to our BOE environment.

former_member307779
Discoverer
0 Kudos
125

existing environment is essentially SAP BW abap within an ADFS domain where users can access SAP via either GUI or NWBC and this requests SAML tokens to allow SSO logon to SAP BW.

We then have BOE 4.2 SP7 on tomcat which uses the SAP BW accounts and roles but the BW users access BOE with their password.

All we want to do is extend SSO so that BOE still uses the SAP BW accounts but no longer requires password entry and instead requests SAML token from ADFS

** I should mention that even tho this is fairly well documented, all the material researched so far assumes native BOE users will be trusted using ADFS. We do not use BOE in this way, all BOE logins use existing BW users, and it is the BW user account that needs to be mapped to ADFS account to generate session token. None of the guides cover BW users (that don’t exist within BOE) to then be used for session credentials and SAML token.

Accepted Solutions (0)

Answers (1)

Answers (1)

omkarsambare
Product and Topic Expert
Product and Topic Expert
0 Kudos

First, you need to configure SAML on BI with ADFS.

Refer the KBA : 1736217 - Does the BI 4.x support (ADFS) or SAML as an authentication method?

Second, SAML works irrespective of the Authentication type in BO, so if the BW user is available on ADFS Server and BW Server with same name the SSO should work.