Entering content frame

Function documentation Logging On to the Web Interface Using Single Sign-On Locate the document in its SAP Library structure

Use

You have the following options to use Single Sign-On when logging on to the Web interface:

·        You can log on to several SAP Event Management systems (SAP EM systems) using a Web interface. You use X.509 client certificate to avoid having to enter your user information repeatedly.

Example

For example, you have a SAP EM for both your development system and your test system. You can log on to both systems in multiple clients. The one Web server communicates with both systems using a different URL.

Note

For more information about X.509 client certificates, see the SAP Library for the SAP Web Application Server 6.20 under mySAP Technology Components ® SAP Web Application Server ® Security (BC-SEC) ® SAP Web Application Server Security ® User Authentication ® Using X.509 Client Certificates.

·        You use logon tickets to communicate with multiple SAP systems (for example, SAP EM and SAP Business Information Warehouse) using the Web interface. You only log on once to one of the systems.

 Note

For more information about logon tickets, see the SAP Library for the SAP Web Application Server 6.20 under mySAP Technology Components ® SAP Web Application Server ® Security (BC-SEC) ® SAP Web Application Server Security ® User Authentication ® Using Logon Tickets.

 

Prerequisites

Using X.509 Client Certificates

·        You have the corresponding X.509 client certificates and have imported them into your Web browser. If you use Personal Security Environment management (PSE management), the import is automatic.

·        The Web servers in use that are connected to SAP EM are configured in such a way that they support HTTPS connections.

·        You use the Secure Sockets Layer (SSL) to transfer data between the Web browser and the Web server.

·        You need SAP cryptographic software to install SSL.

·        The system administrator has configured your Web server for multiple SAP EM systems/clients.

Using Logon Tickets

·        You use the same user ID in all SAP systems that you access using a logon ticket.

·        As a Web interface user, you configure your Web browser in such a way that it accepts cookies.

·        All Web servers or SAP Web Application Servers (SAP Web AS) that are to accept the logon ticket as the authentication mechanism are in the same Domain Name System (DNS) domain as the issuing server.

·        The issuing server has a public key key pair and a public key certificate so that it can sign the logon ticket digitally.

SAP system application servers (including SAP Web AS) are given a key pair and a self-signed public key certificate during the installation. Alternatively, you can request a certificate that is signed by the SAP Certification Authority (SAP CA).

·        The Web interface user uses the SAP Java Connector (SAP JCo) connection.

In this case, specify your logon ticket as $MYSAPSSO2$ and pass your base64-encoded ticket as the password parameter.

 

 

Leaving content frame