Show TOC

Procedure documentationCreating a Trusted Relationship with Enterprise Search Locate this document in the navigation structure

 

To permit searches using the identity (and thus the permissions) of the user logged on to the Search UI and to allow the user to access the data related to the search results directly in the back-end system, you must establish a trusted relationship between SAP NetWeaver Enterprise Search and the Application Server ABAP of the back-end system.

Prerequisites

The Application Server ABAP of the back-end system must be configured to accept logon tickets. See the Checking Profile Parameters section.

Procedure

Exporting the Key Certificate from SAP NetWeaver Enterprise Search

You must work through the following steps in the SAP system for SAP NetWeaver Enterprise Search:

  1. Run transaction STRUSTSSO2. To do this, you require authorization for client 000.

  2. In the left tree view, navigate to the system on which SAP NetWeaver Enterprise Search is installed and double-click the entry.

  3. In the upper area, Own Certificate, double-click the entry in the Owner field.

  4. Choose the menu path   Certificate   Export   and export the SAP certificate, specifying the name LogonTicketKeypair_Cert, to a location that can be reached from the back-end system.

Importing the Key Certificate to the Back-End ABAP System

  1. Log on to the back-end ABAP system with an administrator user.

  2. Run transaction STRUSTSSO2. To do this, you require authorization for client 000.

    Note Note

    The layout of the transaction window varies slightly, depending on the release of the SAP system.

    End of the note.

  3. On the left side, select the entry for the back-end system.

  4. Choose the menu path   Certificate   Import  .

    The Import Certificate screen appears.

  5. Select the file you exported beforehand and specify the file format of the file to be imported.

  6. In the Certificates area, choose the Add to Certificate List command.

  7. Choose Add to ACL, to add SAP NetWeaver Enterprise Search to the ACL list.

  8. In the dialog box that appears, enter the SAP system ID of SAP NetWeaver Enterprise Search and the client 000.

  9. Save your entry.

Checking Profile Parameters

  1. Start transaction RZ10 on the back-end ABAP system.

  2. Choose the instance profile extended maintenance.

  3. Choose Change.

  4. Make sure that login/create_sso2_ticket is set to 2 and login/accept_sso2_ticket is set to 1.