Show TOC

Including Legacy Systems in Your SAML 2.0 LandscapeLocate this document in the navigation structure

Prerequisites

  • You have a SAML 2.0 identity provider and service provider in your landscape.

  • You have configured your legacy systems to accept logon tickets.

  • Ideally, the user IDs of users on the service provider are identical to their user IDs on the legacy systems. If not, you must configure user mapping.

For more information about configuring the communication between AS ABAP and AS Java, from the SAP NetWeaver documentation choose Start of the navigation path SAP NetWeaver Library: Function-Oriented View  Next navigation step Enterprise Portal  Next navigation step Portal Next navigation step Configuring the Portal for Initial Use  Next navigation step Additional Tasks for Initial Configuration of the Portal Next navigation step Authentication and Single Sign-On (SSO) on the Portal  Next navigation step Portal Authentication Infrastructure  Next navigation step Single Sign-On  Next navigation step Single Sign-On to Back-End ABAP Systems  End of the navigation path.

Context

Not all releases of SAP software support Security Assertion Markup Language (SAML) 2.0. These systems can still benefit from having SAML 2.0 in the system landscape. Configure your service provider to issue logon tickets when a user logs on. This enables legacy systems within the domain to perform Single Sign-On initiated by the SAML 2 authentication.

Procedure

  1. Start SAP NetWeaver Administrator.
  2. Choose Start of the navigation path Configuration Management Next navigation step Security Next navigation step Authentication and Single Sign-On End of the navigation path and choose Start of the navigation path SAML 2.0 Next navigation step Local Provider End of the navigation path.
  3. Choose the Edit pushbutton.
  4. Choose the General Settings tab.
  5. Under Miscellaneous , enter On in the Legacy Systems Support (Issue Logon Ticket) field.
  6. Save your entries.