Show TOC

 Logon Tickets

 

For logon tickets, you must configure the ABAP front-end server to issue logon tickets. Alternatively, you can use an existing system, such as a portal, in your landscape that already issues logon tickets. In addition, you must configure the required back-end systems (ABAP or SAP HANA) to accept logon tickets. You must also ensure that users in the ABAP system have the same user names as the database users in SAP HANA; user mapping is not supported.

As logon tickets are transferred as browser cookies, you can only use this authentication mechanism if all systems in your system landscape are located within the same DNS domain.

Recommendation Recommendation

The new standardized authentication methods Kerberos/SPNego, X.509 certificates, and SAML 2.0 provide additional security and flexibility features compared to proprietary logon tickets. For example, you can define user mappings and shorten token validity periods or session lifetimes on the server. Therefore, we recommend using Kerberos/SPNego, X.509 certificates, or SAML 2.0 where technically possible.

End of the recommendation.

Note Note

From SAP NetWeaver 7.4 Support Package 6, you can perform setup tasks for SAP Fiori by using task lists that SAP delivers. A task list groups configuration tasks logically and guides you through the necessary tasks.

For an overview of all task lists and tasks for SAP Fiori, see Configuration Using Task Lists.

End of the note.

You can use the following task list to perform this step:

  • SAP_SAP2GATEWAY_TRUSTED_CONFIG

Configuration

For information about the configuration that is required for using logon tickets, see:

  • For SAP NetWeaver 7.31: Start of the navigation path http://help.sap.com/nw731Information published on SAP site Next navigation step Application Help Next navigation step Function-Oriented View Next navigation step Security Next navigation step User Authentication and Single Sign-On Next navigation step Integration in Single Sign-On (SSO) Environments Next navigation step Single Sign-On for Web-Based Access Next navigation step Using Logon Tickets Next navigation step Using Logon Tickets with AS ABAP Next navigation step Configuring AS ABAP to Accept Logon Tickets End of the navigation path.

  • For SAP NetWeaver 7.4: Start of the navigation path http://help.sap.com/nw74Information published on SAP site Next navigation step Application Help Next navigation step Function-Oriented View Next navigation step Security Next navigation step User Authentication and Single Sign-On Next navigation step Integration in Single Sign-On (SSO) Environments Next navigation step Single Sign-On for Web-Based Access Next navigation step Using Logon Tickets Next navigation step Using Logon Tickets with AS ABAP Next navigation step Configuring AS ABAP to Accept Logon Tickets End of the navigation path.