SAP Single Sign-On

Secure Login Server: Track User Enrollments

CHALLENGE You need to know how many user enrollments have been performed by Secure Login Server in a given period of time, either for auditing reasons, to optimise the system resources, to find peaks and clusters in your user´s SSO day, or to find issues and potential attacks. SOLUTIONS Secure Login Server 2.0 / 3.0 does not provide its own audit logs. Instead, all successful or failed enrollment events are put …

Read More »

SAP Single Sign-On 3.0 – A Sample Secure Login REST Client

In a previous blog, I have announced that we plan to publish the REST API that allows you to implement your own Secure Login Clients. Here we go. In general, Secure Login Server 3.0 responds with REST objects that need to be parsed and interpreted by your client. Your client requests don´t contain REST or JSON, but HTTP headers and forms. WORKFLOW First, let´s get a better understanding of the required …

Read More »

Security at SAP TechEd: Recordings Now Available!

Missed SAP TechEd this year? You can now listen to some of the most popular sessions in the security track via SAP TechEd Online. Enjoy, and get up to speed on the security portfolio, new products, and trends in the security world! Live Studio: Security in the Cloud: How You Can Securely Develop and Deploy SAP HANA Cloud Platform applications (Gerlinde Zibulski, Paul Goetz, Martin Raepple) Live Studio: Security at …

Read More »

Using UME groups in an authentication stack

The challenge In some rare cases it is necessary to include the check for a user group in the authentication stack. For example, in the enrollment of systems for the certificate lifecycle management, no authorizations are checked. The authentication suffices. But what if you don’t want to add second factors or certificates to the authentication stack, but rather want to use Usergroups to determine if a user is allowed to …

Read More »

Register now for the SAP Single Sign-On Virtual Round Table session!

Hi experts, As explained in my past blog post, we started a project that gather customers and SAP experts to discuss one specific topic in a “virtual” meeting room. The first topic that will be discussed in the Virtual Round Table is: Single Sign-On for SAP Fiori with SAP Single Sign-On. In order to join the session you must have a S-User. The session will be only for customers and …

Read More »

SAP Single Sign-On: Discuss a topic in a Virtual Round Table with SAP experts

Hello SAP Single Sign-On SCN Community, The SAP Single Sign-On is a consolidated security product, and its already in its third release version. Until now, if you face a problem with the SAP Single Sign-On product, the resolution could pass through one or more “channels”: own expertise; SCN forums/blogs/wiki assistance; SAP Help documentation; SAP Support incident; onsite consulting. The Project: Virtual Round Tables We started a project that expands the …

Read More »

SAP SSO 3.0 and SSH: Select your keys

SAP SSO and Secure Login Client offers an SSH Key Agent since version 2.0. However, when you have a lot of local X.509 certificates (we do not support those short-lived ones from Secure Login Server), SSH connections may fail. In most cases, this happens because of a small value in the SSH server´s MaxAuthTrials property: As an SSH agent tries all available certificates until the SSH daemon is happy with …

Read More »

SSO issue after changing Service Account properties

Thanks to the several documents and notes out there for helping me solve this in a quick time. Would like to share the issue I encountered with the SSO after our service account password was changed from expire after 6 months to never expire Environment: SAP BI Platform 4.1 SP06 Patch 4 User reported that they are being forced to enter the credentials to login to BI Launch Pad. Cause: …

Read More »

SSO Solution Also for Shared Mobile Devices

The new technologies offer better control over the real-time business data of the company. SAP customers already run a broad range of cloud solutions that help them to sell better, control easier their stock and inventory, purchasing and production processes, etc. There are also analytical solutions from SAP that use this real-time business data to produce analysis and prediction reports. They help companies to make better planning decisions and to …

Read More »

Secure Login Web Client (SLWC): Future-Proof Architecture Update

SAP Single Sign-On 3.0 comes with a completely overhauled version of the Secure Login Web Client. The SSO developers built a new Web Client from scratch, doing away with outdated architectural concepts and creating an all-new, future-proof component. What is the SLWC? The Secure Login Web Client is a process of the SAP Single Sign-On solution that runs in a browser session (on-premise or cloud) and is capable of triggering …

Read More »