Using Web Server Filter for SSO to Non-SAP Applications 
Using Web Server Filter for SSO to Non-SAP Applications
Use
It is possible to access non-SAP systems from the portal via Single Sign-On using SAP logon tickets if the system is Web based. In this case, you need to add a filter to the Web server of the non-SAP system. You also need to provide the Web server with the digital certificate of the Portal Server. The filter verifies the logon ticket using the digital certificate of the Portal Server, then extracts the authenticated user from the logon ticket, and writes it into the HTTP header.
Prerequisites
The non-SAP system must be Web based. At present this procedure is supported for the following Web servers.
|
Web Server |
As of release |
Operating System |
| Microsoft Internet Information Server (IIS) |
5.0 |
Windows 2000 |
| Apache Web Server |
1.3 |
Windows 2000, Linux |
| iPlanet Web Server |
FastTrack / Enterprise Edition 4.0 |
Windows 2000, Linux |
Users must have the same user IDs in the corporate LDAP directory and in the non-SAP system. At present it is not possible to use logon tickets with user mapping for non-SAP systems.
The SAP Security Library is installed on the system. For best practices, we recommend installing the most recent version of the library, which is available on the
sapserv<x> under /general/misc/security/SAPSECU/<platform>. The directory where it is located should be included in the Windows PATH or Linux LD_LIBRARY_PATH environment variable.