1 How to implement single sign-on step-by-step

© 2013 – Ameyablog.com
You are not allowed to re-produce any part of this e-book without acquiring due permission. Contact –
ameya@ameyablog.com for further queries
Table of Contents
--------------------------------------------------------------------------
How to implement single sign-on step-by-step............................................................ 3
Getting Started .................................................................................................................... 3
Download Verify.der file.................................................................................................... 4
RZ10 & STRUSTSSO2 configuration................................................................................ 5
Creating PCD Artifacts – System & iView ........................................................................ 8
Results............................................................................................................................... 11
2 How to implement single sign-on step-by-step
© 2013 – Ameyablog.com
You are not allowed to re-produce any part of this e-book without acquiring due permission. Contact –
ameya@ameyablog.com for further queries
This page is intentionally left blank
--------------------------------------------------------------------------
3 How to implement single sign-on step-by-step
© 2013 – Ameyablog.com
You are not allowed to re-produce any part of this e-book without acquiring due permission. Contact –
ameya@ameyablog.com for further queries
How to implement single sign-on step-by-step
--------------------------------------------------------------------------
Getting Started
In this blog we will see how to implement the single sign-on (SSO) in step by step manner.
SSO enables the use of SAPLOGON TICKETS that bypasses the UIDPW logon method, this
usually done in three parts
1) Retrieving Verify.der file from your portal.
2) Running Transaction RZ10 & STRUSTSSO2 in your backend that you want to connect.
3) Creating system & ivew in your portal.
We will see all of these step-by-step
Before starting please keep in mind that to enable SSO your portal user and backend user has to
be the same.
Logon to your portal using Admin credentials
Go to system Administration System Configuration Key store Administration
4 Download Verify.der file
© 2013 – Ameyablog.com
You are not allowed to re-produce any part of this e-book without acquiring due permission. Contact –
ameya@ameyablog.com for further queries
Download Verify.der file
Click on Download Verify.der file
5 RZ10 & STRUSTSSO2 configuration
© 2013 – Ameyablog.com
You are not allowed to re-produce any part of this e-book without acquiring due permission. Contact –
ameya@ameyablog.com for further queries
Save this file to your local machine.
RZ10 & STRUSTSSO2 configuration
Once done now second part begins, here logon to your R/3 backend you want to connect and run
the transaction RZ10 and this will display screen shown below, here you will find two properties
named
Login/accept_sso2_ticket = 1
Login/accept_sso2_create = 1 (You can keep this = 2 if you don’t want to generate ticket)
6 RZ10 & STRUSTSSO2 configuration
© 2013 – Ameyablog.com
You are not allowed to re-produce any part of this e-book without acquiring due permission. Contact –
ameya@ameyablog.com for further queries
Now run the transaction STRUSTSSO2, this is the trust manager; here you can select the
certificate file i.e. Verify.der,
7 RZ10 & STRUSTSSO2 configuration
© 2013 – Ameyablog.com
You are not allowed to re-produce any part of this e-book without acquiring due permission. Contact –
ameya@ameyablog.com for further queries
Now click on Add certificate to list and Add certificate, this will give you the following screen,
provide the path of Verify.der file and tick option binary.
Once done now click on Add to ACL, this give you the following screen, provide the SID and
client number and click OK.
8 Creating PCD Artifacts – System & iView
© 2013 – Ameyablog.com
You are not allowed to re-produce any part of this e-book without acquiring due permission. Contact –
ameya@ameyablog.com for further queries
Creating PCD Artifacts – System & iView
Now here begins the third and last part of configuring SSO,
Logon to your portal go to system admin system config here create the system for
connecting to the backend.
Provide all properties of system esp. logon method, make it to SAPLOGON TICKET, set the alias
of the system.
Now we are supposed to create iview of type SAP transaction.
Go to content administration and create the iview.
9 Creating PCD Artifacts – System & iView
© 2013 – Ameyablog.com
You are not allowed to re-produce any part of this e-book without acquiring due permission. Contact –
ameya@ameyablog.com for further queries
Select the option SAP Transaction iview and click on next.
Choose the SAPGUI type, in our case we choose SAP GUI for Windows & click on next.
10 Creating PCD Artifacts – System & iView
© 2013 – Ameyablog.com
You are not allowed to re-produce any part of this e-book without acquiring due permission. Contact –
ameya@ameyablog.com for further queries
Select the system you just created from the dropdown menu and provide the SAP transaction that
you want SSO to take you to, we provided SE80 & click on next.
11 Results
© 2013 – Ameyablog.com
You are not allowed to re-produce any part of this e-book without acquiring due permission. Contact –
ameya@ameyablog.com for further queries
Click on preview and you are taken to se80 without asking user id and password, i.e. we have
developed the trust between two system using SAP LOGON TICKET and your SSO is now
configured.
Results