
Identity Provider Discovery Read Service of AS Java

Use

SAP NetWeaver Application Server Java includes a read service for the common domain cookie (CDC). A common domain cookie allows the service provider to view and use the list of recently visited identity providers. The read service for the common domain cookie is available on the service provider side and allows the service provider to read this list. On the other side, the identity provider has a write service for the common domain cookie, which allows the identity provider to modify the list of identity providers in the CDC.

An internal CDC read service is one that is located in the same domain as the service provider. An external CDC read service is one located in a different domain. If you are using an external CDC service, you need to configure the list of sites the CDC service is allowed to redirect to, and add the service provider to this list. For the internal CDC read service, this is not necessary.

Procedure

Defining the CDC Read Service to be Used by the Service Provider

  1. Open the SAML2 configuration user interface.

  2. Choose Local Provider → Service Provider Settings.

  3. Specify whether you want to enable the internal or the external CDC read service. You can enable both at the same time.

    If you enable an external CDC read service, you need to specify a valid CDC read service URL. For the SAP CDC read service, use the following URL:

    https://<hostname>:<port>/saml2/idpdiscovery/read

Configuring the External CDC Read Service

  1. Open the SAML2 configuration user interface in one of the following ways:

    • Directly in your Web browser

      Use the following URL:

      https://<hostname>:<port>/webdynpro/resources/sap.com/tc~sec~saml2~cfg~wd/IdPCDCReadCfg

    • Using the SAML2 configuration user interface

      Open the SAML2 configuration user interface, and choose Local Provider → Service Provider Settings → Identity Provider Discovery: Common Domain Cookie (CDC) → External CDC Read Service URL → Configure External CDC Read Service.

  2. Choose Edit.

  3. Add the service provider's site to the allowed redirect sites for the CDC read service.

    Use the format <protocol>://<hostname>:<port>.

  4. Choose Save.
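
The allowed redirect sites from step 3 are origins, so a redirect target has to be compared on protocol, hostname and port rather than as a string prefix. The following Python sketch is an added example, not SAP code and not a description of how AS Java implements the check; the function names and the sp.example.com values are constructed for illustration.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def origin_of(url):
    """Return (protocol, hostname, port) for an absolute http(s) URL, else None."""
    try:
        parts = urlsplit(url.strip())
        port = parts.port          # raises ValueError on a malformed port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    # Reject user-info ("https://trusted@other.example/"): it hides the real host.
    if parts.username is not None or parts.password is not None:
        return None
    if port is None:
        port = DEFAULT_PORTS[scheme]
    return (scheme, parts.hostname.lower(), port)

def parse_allowed_site(entry):
    """Validate one allowlist entry written as <protocol>://<hostname>:<port>."""
    origin = origin_of(entry)
    if origin is None:
        raise ValueError(f"not a valid site entry: {entry!r}")
    parts = urlsplit(entry.strip())
    # An entry names a site, so a path, query or fragment is a configuration error.
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        raise ValueError(f"entry must be <protocol>://<hostname>:<port>: {entry!r}")
    return origin

def redirect_allowed(target_url, allowed_sites):
    """True only if the target's origin exactly equals an allowlisted origin."""
    allowed = {parse_allowed_site(e) for e in allowed_sites}
    target = origin_of(target_url)
    return target is not None and target in allowed

# Constructed sample allowlist containing one service provider site.
ALLOWED_SITES = ["https://sp.example.com:443"]
```

A check of this kind accepts any path on an allowlisted site but rejects look-alike hostnames, a different protocol or port, and targets that carry user information in front of the host.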