SAP Single Sign-On

Configuring SAML 2.0 Authentication for your Secure Login Server

How to “exchange” a SAML assertion for an X.509 client certificate and to implement end-to-end single sign-on also for non-SAML systems in a SAML enabled network. If SAML (Security Assertion Markup Language) is the single sign-on technology of choice for your corporate but you are still running applications that accept only X.509 client certificates, we have already a simple solution for you. With the latest patch of the SAP Single …

Read More »

Reusing Kerberos Token for Issuing X.509 Client Certificates with Secure Login Server

Your company is using Secure Login Server (SAP Single Sign-On) for issuing short lived X.509 client certificates for authentication to the SAP and non-SAP business systems across your landscape. Your company is also using Microsoft Active Directory and now you want to re-use Kerberos tokens, issued by the MS Domain Controller (KDC), for the Single Sign-On with Secure Login Server X.509 client certificates. After implementing this scenario, your domain users …

Read More »

Support Package 4 for SAP Single Sign-On 2.0 Now Available

This week, we released the latest support package for SAP Single Sign-On 2.0. For an overview of all that’s new, take a look at the delta functionality slide deck and the release note. SP04 contains a number of innovative new features, including Mobile SSO based on the SAP Authenticator app – for more information, check out Donka Dimitrova’s blogs “Simple and secure single sign-on with SAP Authenticator” and “Mobile single …

Read More »

Simple and Secure Mobile Single Sign-On with SAP Authenticator

A Single Sign-On (SSO) implementation brings simplicity for your end-users and more security for your company. There are also other benefits out of an SSO implementation, like cost savings due to reduced number of password related IT tickets for example, but the most important goal is always to make your corporate environment more secure and to simplify the processes for the end-users. With the latest support package (SP04) for SAP …

Read More »

SAP SSO 2.0 – Manual Cloning of a Secure Login Server Configuration

PROBLEM If two Secure Login Server instances are running independently, i.e. not in a NetWeaver cluster, their configuration is not synchronized. While Secure Login Server Administrator Console allows to maintain the same X.509 PKI by exporting and importing Certificate Authority objects, it is not possible to create exactly the same Client Authentication Profiles and Policy Groups, as they get a random GUID as part of their URLs, even if the …

Read More »

Risk-Based Authentication for Your Critical Business Processes

For many years, companies have often been required to allow access to critical business data from outside their corporate network. For example,  employees go on business trips or work remotely, or partner consultants need to gain access because of a new project. In addition to this security challenge, a new and more complicated scenario has been in high demand for the last several years: Mobile access. Easy and flexible, it …

Read More »

Mobile Single Sign-On for SAP Fiori with SAP Authenticator

Offer simplicity for your SAP Fiori mobile users without sacrificing the security for your company >>> NEWS: SAP  Authenticator already available for Windows phones The latest support package (SP06) for SAP Single Sign-On 2.0, released in October, offers several improvements of the mobile single sign-on (SSO) solution: Out-of-the-box support for the latest version of the native SAP Fiori Client 1.5.0 (released in October 2015); Online account setup – simple and …

Read More »

SSO between SAP Enterprise Portals to BO & SAP BO to BW SSO Configuration Document

Hello Friends, This document follows, SSO between SAP Enterprise Portals to BO & SAP BO to BW SSO Configuration Document. Agenda:- 1. Objective 2. Configure SSO in SAP Portal           2.1 BO System Creation in SAP Portal      2.2 BO iView Creation. 3. SSO Set UP for BO 4.0 to BW       3.1 Generate keystore and certificate for SAP BO BI4.0                     3.1.1 Generate KeyStore                     3.1.2 Generate certificate with …

Read More »

Single Sign on between Enterprise portal and Operating System (windows)

Hello Friends, This document follows, Single Sign on between Enterprise portal and Operating System (windows) SSO with Windows Integrated Authentication The Windows Integration Authentication mechanism allows a user to log on to the SAP NW Portal without the need of enter username and password on the logon form. Instead, the credentials from the windows logon will be used by the SAP NW AS Java logon process to provide a user …

Read More »