cancel
Showing results for 
Search instead for 
Did you mean: 

Multiple applications running on the same portal server

Former Member
0 Kudos
53

Environment : EP 7.0 SPS12

We have multiple portal applications running on the same portal with different login page for each application. On one of our employee portal, we want to put a login page link for another portal application running on the same portal which requires a different user ID and password to access that application.

The problem we are encountering is, the login page link we put in our employee portal is bypassing the login page for the other application and using the same session as the employee portal. What can I do to make sure application login page show up when accessing the link from employee portal?

Your help is really appreciated.

Thanks

Bhabesh Patel

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hi,

are you wondering about the change of the username or the extra login (for security reasons)?

For the first part a second userId in the SAPLoginTicket might be the solution (http://help.sap.com/saphelp_nw70/helpdata/en/ed/845896b89711d5993900508b6b8b11/frameset.htm) for the second part you would probably have to destroy the session cookie (depending on the way you have implemented your applications different authentication priorities might also be a possibility) (http://help.sap.com/saphelp_nw70/helpdata/en/d3/1dd4516c518645a59e5cff2628a5c1/frameset.htm)

Regards,

Holger.

Former Member
0 Kudos

The issue is not with the username or the extra login.

Question is how to destroy the session cookie for the new application login should so that it does not affect the originating (employee) portal ?? We are using the auth schemes and have defined different auth schemes for different applications. Even though we are using different auth scheme, the portal still by passes the other applicaion login module.

Former Member
0 Kudos

But then you might be able to use the priority concept. You could define certain applications that are more "trustworthy" than others. So if you are already log on with application A you can log on to application B with SSO but you have to enter your credentials when you want to log on to application C.

Regards,

Holger.

Former Member
0 Kudos

SSO is the next step but before we get there, I need to know how to pull up application B from application A since the portal always shows application A when you try to access application B from applica A because it is the same portal session.

Former Member
0 Kudos

Hi,

I have to admin I do not fully understand. When you are talking about different applications, these applications probably have a unique URL (e.g. when you call the portal you use the URL /irj/portal, when you call the Useradmin you call /useradmin).

From what I understand from your post is, that when you have logged on to application A (e.g. /irj/portal) and try to access application B (/useradmin) you are still directed to application A?

What exactly do you mean by application? Even if you are talking about different iViews as Application -- each application/iview has a unique URL that you should be able to access.

Regards,

Holger.

Former Member
0 Kudos

In our organization, we have different web portal frontend for customers and employees.

A web portal front end (Web Application) in the portal is defined as follows..

1) Have a unique login page and uses auth scheme to process login

2) The protal have unique desktop, masthead, themes and portal rule defined for those user

3) Users for each unique web application are maitained in LDAP

Our organization have different portal front end for ... supplies, customers and employees. Each portal front end have completely different look and feel.

Once an employee logs into the employee portal, we have a link from the employee portal to launch another web application (customer portal). That link does not work and keeps taking them to employee portal home page even though the link we are opening is a unique link to customer portal. The SAP portal in general, passes the HTTP session information to the customer portal url which than automatically ignores the customer login page and takes the user straight to employee home page.

Former Member
0 Kudos

Hi,

thanks for the clarification. I think I do understand now and the only thing I can think of is to delete the session cookie.

The problem with that is that you would not be able to use "simple" links (e.g. you could not just call the URL of the other application, but you would have to create some application (a simply JSP would probably be fine) that deletes the cookie and redirects you to the new application.

An other option would be to create DNS aliases that so that the session cookie is not sent (but depending on your setup this might have other drawbacks). Since the cookies are not valid for the other domains you would always start with a new login when you access a new application (e.g. the employee portal has the url portal.employee.company.com and the customer portal has portal.cutomer.company.com. Then (if the settings for ume.logon.security.relax_domain.level,see http://help.sap.com/saphelp_nw70/helpdata/en/5e/473d4124b08739e10000000a1550b0/frameset.htm is correct)

Hope this helps,

Holger.

Answers (0)