patelyogesh
Recently I wrote a blog about Fiori Launchpad: SSO made easy by SAML 2.0 with ADFS. On the same blog there were questions regarding Java SSO with SAML 2.0. I have seen many documents on configuring SAML for Java, but none of the ones I found was recent and based on an updated version of SAP NetWeaver.

I suddenly decided to write something on it and give the community an idea of how they can achieve this. Keep in mind that the SAML configuration is almost the same in ABAP and Java, and I am going to give an overview of how to do it in a Java system. For some of the steps I am going to refer you to my Fiori Launchpad: SSO made easy by SAML 2.0 with ADFS document. I hope this will help everyone configure SAML for Java.

matt.fraser also discussed SPNego on Java on Fiori Launchpad: SSO made easy by SAML 2.0 with ADFS, and this can be found at: Single Sign-On for Java with SPNego

Where to start?


Open the NetWeaver Administration screen on your Java system at http/s://host:port/nwa and navigate to Configuration >> Security >> Authentication and Single Sign-On >> SAML 2.0

Enable SAML 2.0 Support


Local Provider configuration


The provider name is the FQHN of your system



On this screen, click the Browse button for Signing Key Pair



Press the Create button



Create the key storage by continuing through the screens

Continue on next screen



Click on Finish


Trusted providers Configuration


Switch to the Trusted Providers tab within the SAML 2.0 screen and select Add >> Specify Metadata URL

URL: https://<FQDN of ADFS>/FederationMetadata/2007-06/FederationMetadata.xml



Note: In an ABAP system you need to provide the XML file, but in Java you can specify the URL of the XML file

On this screen, deselect the Verify option and continue



Provide the signed certificate



Note: For how to create the certificate, see Fiori Launchpad: SSO made easy by SAML 2.0 with ADFS, section: Trusted Provider (Note getting certificate)

Provide a name and continue



Now continue through all remaining steps with the default settings until the end of the wizard.



Now go to the Identity Federation tab of the trusted provider and add a Name ID Format (in my case, username)



Now make sure you enable the configuration, and afterwards download the Local Provider Metadata.



Note: If your XML file comes out blank, restart both the Local Provider and the Trusted Provider.
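
Because the Verify option is deselected in the wizard above, it is worth confirming yourself that the certificate you upload is the one the ADFS metadata lists for signing. The following is an added example, not part of the original post or of any SAP or ADFS tooling: it reads federation metadata and compares SHA-256 fingerprints with an exported certificate. It assumes a Base-64 (PEM) certificate export; the metadata, the host name adfs.example.com and the certificate bytes are constructed placeholders.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def sha256_fp(cert_text: str) -> str:
    """SHA-256 of the DER bytes; accepts bare base64 (metadata) or PEM (exported file)."""
    b64 = "".join(ln.strip() for ln in cert_text.splitlines() if "-----" not in ln)
    return hashlib.sha256(base64.b64decode(b64)).hexdigest()

def idp_summary(metadata_xml: str) -> dict:
    """Return entityID, signing-certificate fingerprints and NameID formats of the IdP."""
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("DTD/entity declarations do not belong in SAML metadata")
    root = ET.fromstring(metadata_xml)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor: this is not identity provider metadata")
    fps = []
    for kd in idp.findall("md:KeyDescriptor", NS):
        # A KeyDescriptor without a 'use' attribute is valid for signing too.
        if kd.get("use", "signing") == "signing":
            fps += [sha256_fp(c.text) for c in kd.iterfind(".//ds:X509Certificate", NS) if c.text]
    formats = [n.text.strip() for n in idp.findall("md:NameIDFormat", NS) if n.text]
    return {"entity_id": root.get("entityID"), "signing_fps": fps, "name_id_formats": formats}

def cert_matches_metadata(metadata_xml: str, exported_pem: str) -> bool:
    """True if the exported certificate is one the metadata lists for signing."""
    return sha256_fp(exported_pem) in idp_summary(metadata_xml)["signing_fps"]

# Constructed sample input: placeholder bytes, not real X.509 certificates.
SIGN_B64 = base64.b64encode(b"constructed signing certificate placeholder").decode()
ENC_B64 = base64.b64encode(b"constructed encryption certificate placeholder").decode()
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{SIGN_B64}\n-----END CERTIFICATE-----\n"
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="http://adfs.example.com/adfs/services/trust">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="encryption"><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
      <X509Data><X509Certificate>{ENC_B64}</X509Certificate></X509Data></KeyInfo></KeyDescriptor>
    <KeyDescriptor use="signing"><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
      <X509Data><X509Certificate>{SIGN_B64}</X509Certificate></X509Data></KeyInfo></KeyDescriptor>
    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
  </IDPSSODescriptor>
</EntityDescriptor>"""

if __name__ == "__main__":
    print(idp_summary(SAMPLE_METADATA), cert_matches_metadata(SAMPLE_METADATA, SAMPLE_PEM))
```

In practice, pass the contents of the downloaded FederationMetadata.xml and of the exported certificate file in place of the constructed samples.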

 

Add Relying Party Trust


To configure this, follow the steps under the Configure ADFS section of Fiori Launchpad: SSO made easy by SAML 2.0 with ADFS

Now test your configuration. If your configuration does not work, please check the settings below under Components >> ticket



SAML2LoginModule is at the top of the list.

 

Thank you for reading

Yogesh

 