Show TOC Anfang des Inhaltsbereichs

Funktionsdokumentation Configuring AS Java as a SAML Destination Site  Dokument im Navigationsbaum lokalisieren

Use

You can use this topic to configure the AS Java as a SAML destination site.

To configure the parameters necessary for using SAML on a SAP NetWeaver destination site, use the SAML configuration functions of the SAP NetWeaver Administrator. You specify general SAML settings as well as information that identifies the source site such as the source ID and the destination name for artifact resolution. We refer to these parameters as Partner Inbound parameters.

Prerequisites

      The SAML service of the AS Java is started.

      The administrator of the remote SAML source site has communicated to you the Source ID under which the source site system identifies itself.

      A destination to the source site’s responder service exists in the Destination service. The user’s authentication information is also provided in the destination (either user ID and password or client certificate).

Hinweis

To access resources located on the AS ABAP, you also have to establish a connection to the AS Java. For more information, see Establishing a Connection Between AS ABAP and AS Java.

Activities

If you have a cluster installation, you only have to perform the configuration for a single server. The configuration applies to all of the servers.

...

       1.      From the NetWeaver Administrator, choose Configuration Management Security  Trusted Systems SAML Browser/Artifact Profile Inbound Partners.

       2.      Maintain the parameters that apply to the source site partner:

                            a.      Switch to Edit mode.

                            b.      Select Partners Inbound.

                            c.      To add a new source site partner, choose Add. The Add New Partner dialog appears.

Alternatively, you can choose a source site partner to edit it.

                            d.      Enter a unique Partner Key for your entry and choose Continue.

The system creates a node for your entry.

                            e.      Enter the values for each of the parameters in the Details for the Selected Partner input fields. For more information about the parameters, see Inbound Partner Parameters.

                                                  i.       Choose the name of the Destination for callback to use for the connection to the source site’s responder. You can use the navigation button to choose an HTTP destination specified in the AS Java Destinations.

                                                ii.       Enter the Source ID for the SAML source site and choose its format from the dropdown list. The value for this field is defined by the administrator of the external source site.

                                               iii.       Choose the SAML version that is used for the outgoing assertion request.

Enter the URL parameter for target or use the provided default value. Change the default value TARGET only if your communication partner explicitly deviates from the standard name.

The value for this filed is used only for the artifact responder servlet. When the incoming request is sent directly to the resource, the content is not relevant.

       3.      Adjust the login module stack for the policy configurations of applications that use SSO with SAML.

 

Ende des Inhaltsbereichs