Authentication and Single Sign
Authentication and Single Sign
Authentication and Single Sign
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Multi Domain SSO<br />
Recommendation:<br />
• Use one DNS (sub-) domain for SSO purposes ( increased security!)<br />
• E.g. portal.sso.company.com, its.sso.company.com, …<br />
• Set UME property ”domainrelaxlevel” accordingly<br />
Alternative: Configure SAP EP for multi domain SSO<br />
• Ticket sending instances required in every domain<br />
• Portal sends SAP Logon Ticket content via client redirects to every<br />
ticket sending instance.<br />
• Client will get as many cookies as domains (also see SAP Note 654982)<br />
• Configuration details:<br />
http://help.sap.com Netweaver '04 documentation Security User<br />
<strong>Authentication</strong> <strong>and</strong> <strong>Single</strong> <strong>Sign</strong>-On <strong>Authentication</strong> on the Portal <strong>Single</strong><br />
<strong>Sign</strong>-On <strong>Single</strong> <strong>Sign</strong>-On with SAP Logon Tickets<br />
• EP6 SP2 only supported on per project basis, see SAP note 673824<br />
© SAP AG 2005, <strong>Authentication</strong> <strong>and</strong> <strong>Single</strong> <strong>Sign</strong> On / Patrick Hildenbr<strong>and</strong> / 21