Show TOC

Single Sign-on to a SiteMinder-protected EISLocate this document in the navigation structure

SiteMinder single sign-on (SSO) provides integration between a SiteMinder-protected EIS and SAP Mobile Platform.

Table 1: SiteMinder Single Sign-on Integration
Accessed Service Details
SiteMinder-protected Web service When an EIS Web service is protected by SiteMinder, SAP Mobile Platform sends the current SAP Mobile Platform user’s SMSESSION cookie when executing the Web service. For more information on sending the SMSESSION cookie to the SiteMinder-protected Web service, see Single Sign-on Using NamedCredential in the Security guide.
SSO2-protected JCo RFC or SAP Web service The SAP server is configured to use SSO2 tickets for single sign-on. SAP Mobile Platform sends the user’s current MYSAPSSO2 ticket along with the request. SAP validates that the SSO2 ticket is valid and was issued by a trusted peer, and executes the request as that user.
Note You must have a SiteMinder agent for SAP installed in a NetWeaver server. SAP Mobile Platform sends the SMSESSION cookie to NetWeaver, the SAP SiteMinder agent validates the cookie, and then the TokenIssuingLoginModule generates an SSO2 ticket and returns it to SAP Mobile Platform as a MYSAPSSO2 cookie.
Web service hosted on NetWeaver requiring both SSO2 and SMSESSION SAP Mobile Platform sends both SSO credentials when executing the Web service call.