// ]]>

Sunday, 5 January 2014

SINGLE SIGN ON (SSO)


SINGLE SIGN ON (SSO)

A.
 Single sign on setup as following steps:
    Create Backend system in portal.
    Create System alias name
    Download portal certificate from portal.
    Import portal certificate in portal
   Creating connections to backend systems:
    1. Under System Administration à System Configuration à System Landscape, search for the ERP folder
        in the Portal Catalog. Under ‘Systems’, create a new system by right-clicking on the folder and
        selecting new system from template
    2. You will be taken to an iview creation wizard.
        Select SAP system using dedicated application server.
    3. Enter required information: System name, System ID (same as name), system id prefix (com.pg),
        System Description (as seen from SAPGUI pick list). Hit ‘Next’ when done.
    4. Review the information given, then hit ‘Finish’
    5. Open the newly-created system for editing
    6. Select property category connector and give all backend system details
       Navigate to the system object you want to add the system alias:
       System Administration->System Configuration->Portal Content->ERP Content->Systems->Right click
       on system object->Open->System Aliases
      Type the new system alias, Add, then Save.
      download portal certificate
     As a user with administrator privileges, logon to the portal and navigate to System Administration à
     System Configuration
     In the left navigation tree, choose Key store Administration
     In the Content tab, choose the right certificate  download the verify.der file  on your PC
    The following profile parameters should be defined for all parameter files in backend system
    login/create_sso2_ticket                     2
    login/accept_sso2_ticket                     1
    SAPSECULIB/sapmnt/<SID>/exe/libsapsecu.sl
    Import Portal Certificate
    Login to target SAP system and run transaction STRUSTSSO2.
    In the left navigation tree, under the System PSE node, double click on the system PSE.
    In the right panel, click on Import Certificate button .
    In the Import Certificate screen, browse to the Portal certificate file (the one saved and extracted in step
    #4 named verify.der) and click Open.
    Make sure that “Binary” is selected as the File format. Click on green check mark.
    Click on Add to Certificate List button, Notice that the Portal Certificate is now added to the list of certificates.
    Click on Add to ACL button. When prompted, fill in the WPS System with the SID of Portal and WPS
    Client to 002.
   Login to portal click on system administrator ---> system configuration --->portal content->ERP folder->
   System right click on connection test