User Mapping 

Use

The user's portal user ID is stored in the central user repository for the Enterprise Portal. Typically this is a corporate LDAP directory. To enable Single Sign-On, a user's portal user ID must be mapped to the corresponding user ID for each system in which the user ID is different.

The Enterprise Portal provides you with a user interface for entering mapping data. The data is stored in the portal LDAP directory.

User mapping is required for two methods of Single Sign-On:

The requirement is that the user ID be the same for all SAP Systems using logon tickets for Single Sign-On. If the SAP user IDs are the same as the portal user IDs, there is no need for mapping. If the SAP user IDs are different to the portal user IDs, you must define an SAP reference system. This is the system that is then used for user mapping. In other words, users map their portal user ID to the user ID in the SAP reference system.

A user's portal user ID and the SAP user ID are stored in the user's SAP logon ticket. When the user tries to access a component system, the system extracts the user ID from the logon ticket.

For more details on defining an SAP reference system, see Defining an SAP Reference System for User Data.

 

You can map either a user, group, or role to a user ID in a system connected to the portal. When a user tries to access an iView that requires data from a connected system that does not support SAP logon tickets, the procedure is as follows:

  1. The portal first checks whether the user has been mapped to a user and if so, logs on with the mapped user data.
  2. If not, then it checks whether the group that contains the user has been mapped to a user and if so, logs on with the mapped user data.
  3. If not, then it checks whether the first role assigned to the user has been mapped and if so, logs on with the mapped user data.
  4. If not, the iView will normally ask the user to enter mapping data (the iView developer needs to program the iView accordingly).

If the component system supports SAP logon tickets, the user ID is already contained in the ticket.

 

Prerequisites

You have set up a corporate LDAP directory or other repository that stores user data for all portal users. You have configured the location of this repository as described in Defining Location of Central User Data Repository.

Typically, user mapping data is stored on the portal LDAP directory. You have configured where this data is stored as described in Defining Location of User Mapping Data.

You have defined the system landscape as described in Defining the System Landscape.

You have defined any unifier projects as portal data sources.

Features

There are three methods for entering mapping data: