Show TOC

Configuring Network-Edge Authentication with a SiteMinder-Protected Back EndLocate this document in the navigation structure

Configure the SMSESSION cookie for unprotected network-edge authentication to a SiteMinder-protected back end.


Unprotected network-edge authentication requires that you change the Web service endpoint in Management Cockpit to use the SMSESSION cookie for single sign-on. By default, the SAP Mobile Platform server name is either SAP Mobile Platform Server or a reverse proxy, depending on your configuration.


  1. In Management Cockpit, create a security profile for network-edge authentication:
    1. Select Settings, and click New.
    2. Enter nne_auth in the Security Profile Properties field.
    3. Under Authentication Providers, click New.
    4. Select HTTP/HTTPS Authentication from the list, then click Create.
    5. Enter these values:
      Field Value
      URL Point to the reverse proxy set up in the network edge that authenticates the user before forwarding the request to SAP Mobile Platform Server
      SSO Cookie Name MYSAPSSO2
    6. Click Save.
    7. Click OK.
    8. Click Save.
  2. Create an application:
    1. In Management Cockpit, select Applications, and click New.
    2. Enter these values:
      Field Value
      ID nne_test
      Name nne_test
      Vendor SAP
      Type Hybrid
      Description Unprotected network-edge testing of SiteMinder
    3. Click Save.
  3. Create the application end point URL:
    1. Click Back End.
    2. In the Endpoint field, enter the URL of the Web service that expects the MYSAPSSO2 token to authenticate the user.
    3. Click Authentication, select Existing Profile.
    4. Select nen_auth in the Name list.
    5. Click Save.
    6. Click Yes.