You can use this topic to configure the Portal usage type of SAP NetWeaver for a SAML source site.
The source site functionality of SAP NetWeaver is implemented in the portal. An AS ABAP or a AS Java without the portal cannot act as a source site (with the exception of the SAML test application in the AS Java).
For the SAML source site, you define a set of parameters for each SAML destination site that requests SAML assertions from the source site. These parameters include the URL of the artifact receiver on the destination site and the user with which the destination site accesses the responder on the source site.
When you use a portal for a SAML source site, you configure Partners Outbound parametersfor each destination with the SAML management functions of the SAP NetWeaver Administrator (NWA).
The source ID is a 20-byte sequence that the source site uses to identify itself uniquely in the assertion artifact. It can either be specified in hexadecimal format or in base 64 encoded format.
When you use a portal for the source site, the responder can be found at http://portal_source.company.com:<http_port>/saml/responder
If you have a cluster installation, you only have to perform the following configuration for a single server. The configuration applies to all of the servers.
The Enter Partner Key dialog appears.
The system creates a new entry for a destination site Partner and displays input fields for entering additional Details for the Selected Partner .
The URL parameter for artifact option configures the name of the URL parameter into which the artifact will be transferred. Change the default value SAMLart only if your communication partner explicitly deviates from the standard name.
For the case when the destination site uses a SAML receiver, enter the required Receiver URL and URL parameter for target . Change the default value "TARGET" only if your communication partner explicitly deviates from the standard name. For more information, see Accessing an Application that Accept SAML Assertions .
You can configure this parameter to ensure that only the destination site for which the assertion was issued can retrieve it. For such a scenario only the destination site can supply the correct logon data for the fixed user.
The portal is configured to issue SAML authentication assertions for authentication to external systems.