Show TOC

Configuring SiteMinder Integration with SAP SSO2Locate this document in the navigation structure

Use Management Cockpit to create a security profile for your single sign-on (SSO) applications.

Procedure

  1. In Management Cockpit, create a security profile for network-edge authentication:
    1. Select Settings, and click New.
    2. Enter a name in the Security Profile Properties Name field, for example ne_auth.
    3. Under Authentication Providers, click New.
    4. Select Populate JAAS Subject From Client from the list, then click Create.
    5. Enter these values:
      Field Value
      Client HTTP Values As Name Principals SM_USER
    6. Under Authentication Providers, click New.
    7. Select HTTP/HTTPS Authentication from the list, then click Create.
    8. Enter these values:
      Field Value
      URL Point to a SiteMinder-protected reverse proxy that can proxy to a SiteMinder Agent for SAP that can issue the MYSAPSSO2 cookie with the SSO2 ticket in it
      SSO Cookie Name MYSAPSSO2
      Client HTTP Values To Send SMSESSION
      SendClientHttpValuesAs cookie:SMSESSION
      Note The reverse proxy should add the WASUSERNAME header to the proxy request, where the header value contains the user ID for which you need to generate the SSO2 ticket.
    9. Click Save.
    10. Click OK.
    11. Click Save.
  2. Create an application in Management Cockpit:
    1. In Management Cockpit, select Applications, and click New.
    2. Enter these values:
      Field Value
      ID ID name
      Name ID name
      Vendor Vendor name
      Type Application type
      Description Description information
    3. Click Save.
  3. Create the application end point URL:
    1. Click Back End.
    2. In the Endpoint field, enter the URL of the Web service that expects the MYSAPSSO2 token to authenticate the user.
    3. Click Authentication, and select Existing Profile.
    4. From the Name list, select the name configured in Step 1b, for example ne_auth.
    5. Click Save.
    6. Click Yes.