Skip to Content
Author's profile photo Former Member

Common SPNEGO Implementation Issues

Below are few issues and their workaround during the SPNEGO Configuration on SAP EP 7.0 SP14 & Microsoft LDAP Server which I faced:


1) You still get the login page even after complete SPNEGO Installation and configuration. Reason is: There is a Kerberos bug with all JDK versions after JDK 1.4.2_14/15/16/17 but there is a simple work around for this JDK Versions. But if you are doing a fresh installation do it with latest i.e. JDK 1.4.2_18 in this the Kerberos Regression bug is solved. The workaround for the other JDK versions is


Login to your Visual Admin, then go to –>Security Provider –> –>Krb5LoginModule

Add a Parameter isInitiator and Value false. Save it and take a bounce of J2EE.



2) DataSource File: When you are setting Up the UME to use the corporate LDAP as the new datasource, Please download the Krb5.xml files from the SAP Note – 994791. For example – Download the dataSourceConfiguration_ads_readonly_db_with_krb5.xml

Start SPNEGO Wizard using help from


3) After SPNEGO configuration is completed the usual problem is trying to get portal login page for some UME user’s as the LDAP user get’s logged in directly.


There are workaround here:


– To edit the host file on the server and add an entry with hostname different then your local host. In this case your existing portal URL will be : http://portalhostname/irj/portal then now you can open a login page with http://newhostname/irj/portal This will help you but you will have to give remote access to the portal server for few user whom you want to have the login page.


– Another option is available for creating a Redirecting .JSP Page with new URL. Deploy this through an .ear file on portal. Go to Visual Admin and in Security Provider –> Policy configuration …find the new file and add the following:


EvaluateTicketLoginModule       SUFFICIENT

BasicPasswordLoginModule       REQUISITE

CreateTicketLoginModule          OPTIONAL


After this click on Security Roles and add Everyone to the DefaultSecurity role.



Above three points are the issues that I faced during my SPNEGO Portal Configuration and I have collected this materials and workaround from SAP Forums, and of my best knowledge. This blog is to consolidate the general issues that people are raising in the Portal Implementation Forum.



Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Hüseyin Bilgen
      Hüseyin Bilgen
      As I've recently posted in forums (and unfortunately couldn't get any response), When SPNEGO activated, DEploying Portal Application PAR's from NWDS is impossible.
      This is another problem I couldn't find any solution. Still generating PAR file, and uploading via Administraiton Console on Support page.
      Author's profile photo Former Member
      Former Member
      Simple guess :

      After SPNEGO Installation, Is your system accepting the user id with which you are trying to deploy the applications.

      Author's profile photo Hüseyin Bilgen
      Hüseyin Bilgen
      Of course 🙂
      Author's profile photo Former Member
      Former Member
      Your post was very helpful. Thanks.
      Are you up with some other posts?

      Author's profile photo Former Member
      Former Member
      I have configured SPNego in our NW2004s DualStack.
      But the issue when the LDAP user open the Portal URL, he supposed to logged into portal automatically instead login page is getting displayed.

      Please assist me rectifying this issue.

      Kind regards,