cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
SAP Community Downtime Scheduled for This Weekend

ITS logon screen

Former Member

on ‎06-10-2004 1:07 AM

0 Kudos
84

Because of the nature of the way iViews are displayed in the Portal, the ITS server is directly visible to the client for ITS enabled transactions (ESS trasnsactons). The authentication to the ITS server is done via SAP SSO Ticket.

If the user knows his/her ITS credentials, he can then go directly to the ITS server (logon screen), bypassing the Portal completely. This bypasses the role based authentication that the Portal performs.

We want to force the users to go through the Portal to get to any and all ITS transactions. One thought is to potentially configure the ITS server to only accept logons via SSO Ticket, and not via the logon page. If there are better suggestions, I welcome them.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
‎12-28-2004 12:25 PM
0 Kudos

The ITS is only forwarding the information - to an ABAP server. You can configure that ABAP system to accept only SAP logon tickets for user authentication; as of release 4.6C an ABAP system allows to "deactivate" a user's password (see transaction SU01 - the symbol looks like a burnt-out match, not very intuitive).

You might also deactivate the ability of password-based user authentication by a general switch: setting profile parameter login/disable_password_logon = 1 (see SAP note 379081).

Regards, Wolfgang

Show replies
Show replies
Ask a Question