Using More Than One Portal 

Use

This procedure describes what you have to do so that two portals can access the same R/3 component system via Single Sign-On with SAP logon tickets.

When you add a portal to the ACL of an R/3 system, the Portal Server is identified by system ID, client, and the name in the certificate. If you want to connect two portals to the R/3 system, this data must be unique for each Portal Server, so that the R/3 System can tell them apart.

 

Procedure

You have to reconfigure one of the two Portal Servers as follows:

  1. Shut down the Java servlet engine.
  2. In the usermanagement.properties file on the Portal Server, change the values of any one of the following parameters.

    3. Parameter name

    Example Value

    Description

    login.ticket_issuer

    ABC (any value apart from the default value WP3)

    		  

    login.ticket_client

    010 (any value apart from the default value 000)

    		  

    login.ticket_dn

    CN=EP5, OU=Department X, O=Company Y, C=DE

    Certificate issuer of the Portal Server's certificate. Must be in X.500 standard.

    If your Portal Server uses a server certificate signed by the SAP Trust Center, the value of this parameter must be as described in Obtaining a Server Certificate from SAP Trust Center.

    By changing these parameters, you provide the Portal Server with a new identity. Note that you must also enter these changed values in the ACL of the R/3 System.

  3. Delete the files ticketKeyStore and verify.* in <servlet_engine>\irj\WEB-INF\plugins\portal\services\usermanagement\data.
  4. Restart the Java servlet engine.

 

Result

When the Java servlet engine is restarted, it regenerates the verify.* and ticketKeyStore files.

You can now add the Portal Server to the ACL of the R/3 System.

You can then import the verify.der or verify.pse file into the R/3 System.