
Wednesday, April 2, 2014

SAP Note 817529 - Checking the SSO configuration

Symptom
You want to use Single Sign-On (SSO) tickets in the BW Web reporting environment. This note describes how the system must be configured to use SSO and how to check that configuration.
For example, SSO must be configured correctly if (as recommended in Note 498936) you want to use the SAP logon 'SYSTEM/login.htm'.

Other Terms
SSO, SSO2, cookie, BSP, sso2test.htm, SYSTEM, login.htm.

Reason and Prerequisites
The Internet browser must accept cookies. You can set this in Internet Explorer 6 by selecting the 'Tools' --> 'Internet Options...' --> 'Privacy' menu option.

Solution
System parameter/settings
  • login/accept_sso2_ticket    = 1
  • login/create_sso2_ticket    = 2 (recommended) or 1
  • icm/host_name_full
           For the Internet browser to accept the SSO2 cookie, you must enter a fully qualified host name in accordance with Notes 434918 and 654982.
  • SAPSECULIB / SAPCRYPTOLIB
           You must use the SAP Security Library or the SAP Cryptographic Library.
  • Transaction STRUST
           In this transaction, you define which systems are meant to accept logon tickets. This is necessary, for example, if you want to access data in an application of another system from a BW application in one system, without having to log on again.

  • Documentation
           http://help.sap.com/saphelp_webas620/helpdata/en/17/f8973814eb481fe10000009b38f8cf/frameset.htm
           http://service.sap.com/security


Configuration check

SAP delivers the sso2test.htm BSP application.
You can use this application to check whether an SSO2 cookie can be created.
Start Transaction SE80
--> 'SYSTEM' BSP application
  --> Pages with flow logic
    --> Right-click sso2test.htm
      --> Test
        --> Follow the instructions on the screen


You can also execute the following JavaScript command from the address bar of your Internet browser to check whether an SSO2 cookie currently exists: javascript:alert(document.cookie);
All current cookies are then displayed in an alert box.
If an SSO2 cookie exists, the output must contain an entry that begins with 'MYSAPSSO2=....'.
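
The parameter values from 'System parameter/settings' and the cookie check above can also be verified offline from a copy of the profile text and of the document.cookie output. The following is an added example, not part of the SAP Note or SAP-delivered code; the function names, the sample input, and the approximation of "fully qualified" as at least two dot-separated labels that are not all numeric are assumptions.

```javascript
// Parse "name = value" lines of an instance profile; '#' starts a comment.
function parseProfile(text) {
  const params = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.replace(/#.*$/, "").trim();
    const eq = line.indexOf("=");
    if (eq > 0) params[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return params;
}

// Assumption: "fully qualified" is approximated as at least two dot-separated
// labels that are not all numeric (i.e. not an IP address).
function isFullyQualified(host) {
  const labels = (host || "").split(".");
  return labels.length >= 2 &&
    labels.every((l) => /^[A-Za-z0-9-]+$/.test(l)) &&
    !labels.every((l) => /^\d+$/.test(l));
}

// Return a list of findings; an empty list means the three parameters pass.
function checkSsoProfile(text) {
  const p = parseProfile(text);
  const findings = [];
  if (p["login/accept_sso2_ticket"] !== "1")
    findings.push("login/accept_sso2_ticket must be 1");
  if (!["1", "2"].includes(p["login/create_sso2_ticket"]))
    findings.push("login/create_sso2_ticket must be 2 (recommended) or 1");
  if (!isFullyQualified(p["icm/host_name_full"]))
    findings.push("icm/host_name_full must be a fully qualified host name");
  return findings;
}

// Report whether a document.cookie string contains MYSAPSSO2, without
// echoing the ticket value (it is a logon credential).
function hasSso2Cookie(cookieString) {
  return cookieString.split(";").some((c) => {
    const [name, ...rest] = c.trim().split("=");
    return name === "MYSAPSSO2" && rest.join("=").length > 0;
  });
}

// Constructed sample input (not from a real system).
const sampleProfile = "login/accept_sso2_ticket = 1\n" +
  "login/create_sso2_ticket = 0\nicm/host_name_full = bwhost\n";
console.log(checkSsoProfile(sampleProfile));
console.log(hasSso2Cookie("sap-usercontext=x; MYSAPSSO2=constructed"));
```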


If you still cannot display an SSO2 cookie after following these steps, check the logon as described in Note 495911 and, if necessary, open a message under the component BC-SEC-SSF.
