This procedure shows step by step how to make your SAP EP to issue Logon Ticket for multiple domains.
By default SAP EP is configured to issue the SAP Logon Ticket for the same domain where portal is associated. For example SAP EP is in domain tcs.com thus the SAP Logon Ticket will be by default created and sent along with request from portal to target server of same domain tcs.com. Many a times it is required to sent the SAP Logon Ticket to server in another domain i.e. tcs.in. Follow the following steps to make Portal issue ticket for another domain tcs.in.
There need to be a web server in target domain (tcs.in in our example). The supported web servers are
Microsoft Internet InformationServer (IIS) 5.0 / 6.0 on Windows 2000
Apache Web Server 1.3 Windows 2000, Linux
iPlanet Web Server FastTrack / Enterprise Edition4.0 Windows 2000, Linux
How it works:
There need to be a hidden iView in SAP EP which sends request to a web server (MS IIS in our example) in target domain along with the SAP Logon Ticket as an argument. The target server has a component (asp/jsp/php) which receives this request from portal and creates another SAP Logon Ticket for this new domain. The new ticket is sent to users browser as a cookie. When the request from portal goes to any application of another domain, the newly issued SAP Logon Ticket for that domain is sent by Portal.
1. Prepare IIS server to accept and issue new Logon Ticket request
a. Download “iis6_sso.dll” (for MS IIS 6.0) “iis_sso.dll” (for MS IIS 5.0) and wpsso_v3.dll from SAP Note 442401.
b. Place these dlls in root folder of IIS (C:\Inetpub\wwwroot).
c. Open IIS -> default web site -> properties -> ISAPI filters. Click on add button and browse to C:\Inetpub\wwwroot\iis6_sso.dll. Give a filter name (IIS6 in example) and save it. Restart the IIS server.
d. Again open Open IIS -> default web site -> properties -> ISAPI filters. It should show IIS filter up and green.
e. If you don’t see the green please refer to SAP Note 684106 for further required dlls.
f. On SAP edit the UME property ume.login.mdc.hosts to
4. Integrate this iView with SAP EP so that this is called at every time when user logs in
a. Open the framework page which is used for your portal users. By default it is at content administration -> Portal content -> portal content -> Portal user -> Standard portal user -> Default framework page.
b. Add your provider iView (SSO2Provider) to the page.
c. Save the framework page
The above example is valid for using IIS as the web server to issue another ticket to portal. This document can be used as a reference for achieving the multi domain ticket issuing for other web servers as well.
2. How to guides
3. Service market place notes