Skip to Content
Author's profile photo Former Member

SAP Sourcing/EP SSO Configuration

SAP Sourcing/EP SSO Configuration

*SSO

configuration for same EP System(i.e. on which ESO is deployed)*

Pre-requisites before you start the SSO configuration

    • E-Sourcing release 5.1

    • User id’s between the Enterprise Portal and ESO are

identical.

    • Cookies are enabled within browser.

    • Internet browser must be IE6 or IE7 (also work fine

with firefox 3).

    • Jdk installed on Application server 1.4.2_*

Configuration on EP

0.1. Set the property in

visual admin or Configtool *“ume.logon.httponlycookie

= false”*

0.2. Restart java stack

0.3.

Check MySAPSSO2 Cookie value is retruned

     in the browser

Configuration on ESO Application Server (This Step should be skipped if ESO patch is 07 or above)<br />

0.1.

Run ESO Configure tool from /<FCI_home>/bin!https://weblogs.sdn.sap.com/weblogs/images/252079302/Include_jar.JPG|height=158|alt=image|width=512|src=https://weblogs.sdn.sap.com/weblogs/images/252079302/Include_jar.JPG|border=0!

0.1.

Include custom JAR file “customauth.jar”

     (Get it by raising OSS message)!https://weblogs.sdn.sap.com/weblogs/images/252079302/Customauth.JPG|height=82|alt=image|width=566|src=https://weblogs.sdn.sap.com/weblogs/images/252079302/Customauth.JPG|border=0!

0.1.

Regenrate EAR/WAR file

     (Click on Install)0.1. Remove Fcsourcing

application from application server

0.2. Redeploy new Sourcing

EAR file on application Server

Configurationn on ESO Application

0.1.

Login with Enterprise user0.1.

Goto Directory Configuration0.1.

Click on Edit0.1.

Change “Driver” to “Basic”!https://weblogs.sdn.sap.com/weblogs/images/252079302/General_Dir_Info.JPG|height=176|alt=image|width=665|src=https://weblogs.sdn.sap.com/weblogs/images/252079302/General_Dir_Info.JPG|border=0!

0.1.

Enter authenticator Field “com.frictionless.security.auth.NetWeaverAuthenticator”!https://weblogs.sdn.sap.com/weblogs/images/252079302/driver_config.JPG|height=146|alt=image|width=671|src=https://weblogs.sdn.sap.com/weblogs/images/252079302/driver_config.JPG|border=0!</body>

Assigned Tags

      24 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Tridip Chakraborthy
      Tridip Chakraborthy
      Hi Ankush
      Thanks for putting this up, am sure this will help a  lot of people understand the end to end config elements of crafting the SSO.
      Its short, sweet and communicates the message without getting lost into endless graffiti
      Keep up the good work.
      Cheers
      Tridip
      Author's profile photo Former Member
      Former Member
      Wish we had access to such knowledge base and referal material in our initial days of struggle with the SAP E-Souring application.

      Thanks much Ankush.

      Author's profile photo Former Member
      Former Member
      Hey Ankush,
      Thanks for writing this much needed blog.
      Lots of people are struggling with this SSO.

      You have put a solution which is complex in nature in very simple and systematic steps.

      Cheers,
      Vaibhav

      Author's profile photo Former Member
      Former Member
      Hi Ankush,

      Thanks for this wonderful blog. Just what I was searching for.
      Made the topic look so easy !!

      Keep up the good work,
      Poonam

      Author's profile photo pankaj jadhav
      pankaj jadhav
      Hello Ankush,

      This is simple and perfect solution, many people are strugging to find this solution.
      Thanks for upgrading knowledge of entire community.

      Thanks and Regards,
      Pankaj Jadhav

      Author's profile photo pablovel79 pablovel79
      pablovel79 pablovel79
      Hi Ankush

      we have requested file to SAP and they answer to us "If you are installing version 5.1 SP7 or higher you should not need any
      .jar file for this implementation".

      we have E-Sourcing version 5.1 SP08 and portal 7.0 EHP 1 SP6.

      how is the process in this case?
      I hope may you help us.

      thank you very much.
      Regards Juan.

      Author's profile photo Former Member
      Former Member
      Blog Post Author
      Hi Juan,

      Process will same as above, you can skip jar file upload step.

      SAP has included same jar file from patch 07.

      Regards
      ~Ankush

      Author's profile photo pablovel79 pablovel79
      pablovel79 pablovel79
      ok Ankush, let us verify. thanks for your help!!
      Author's profile photo pablovel79 pablovel79
      pablovel79 pablovel79
      Sorry only a another doubt, the field Enter authenticator Field  is the same? "com.frictionless.security.auth.NetWeaverAuthenticator” or we have to use another?.
      thanks. Best regards. 
      Author's profile photo Former Member
      Former Member
      Blog Post Author
      I guess it will be same as in blog.
      Author's profile photo Former Member
      Former Member
      Hi Ankush,

      Thanks for the useful blog. I have a doubt here, My questions is, with the below configuration, can we do SSO between Portal and E-Sourcing.

      Our landscape is,
      1. E-Sourcing is deployed on JBoss Application stack
      2. E-Sourcing version eSO 5.1 SP08
      3. Portal is on EHP1 SP06

      While following the blog, Can we skip the Driver Configuration --> Authenticator Field.  Will this work, because "com.frictionless.security.auth.NetWeaverAuthenticator", seems to be a custom Jar File.

      Kindly let us know and help on the same.

      Regards,
      Souza.

      Author's profile photo Former Member
      Former Member
      Blog Post Author
      Hi Souza.

      Above configuration is valid only for..ESO deployed on same portal.

      In your case...you can follow the steps provided in the guide..as ESO is deployed on jboss and EP is on different server.

      Do not maintain ext_login_page property in this configuration also.

      ~Ankush

      Author's profile photo Former Member
      Former Member
      hi

      can anybody guide me that how to rever the above changes. i did according to above steps. but it is not working. so i need to rever back it now.

      please help.

      Author's profile photo Former Member
      Former Member
      Blog Post Author
      Hi Mahendra,

      To revert the changes..follow the steps below

      1) Login with "Enterprise" user ID
      2) Goto Directory configuration
      3) Make driver to "Local"
      4) Make authentication field blank.

      It will revert all your settings done for SSO.

      ~Ankush

      Author's profile photo Former Member
      Former Member
      Blog Post Author
      Hi Mahendra,

      To revert the changes..follow the steps below

      1) Login with "Enterprise" user ID
      2) Goto Directory configuration
      3) Make driver to "Local"
      4) Make authentication field blank.

      It will revert all your settings done for SSO.

      ~Ankush

      Author's profile photo Former Member
      Former Member
      Hi ankush,

      it is not allowing me to login to e-sourcing application. it is redirecting to portal link.

      Please suggest.

      Regards,
      Mahendra

      Author's profile photo Former Member
      Former Member
      Blog Post Author
      Mahendra,

      I guess you have maintain *ext_login_page* property.

      Please call me. I need to have better understanding what exactly you have done.

      ~Ankush

      Author's profile photo Former Member
      Former Member
      Hi,

      Thanks for the useful blog. We have problem and we are stuck up since long with out any help.
      We are trying to integrate E-Sourcing(Running in JBOSS) in Enterprise Portal.  We have followed the below steps:

      1. Deploy the E-SOURCING SINGLE-SIGN-ON SCA file

      2. Import/Export the Certificate in SAP CLM

      3. Import the NetWeaver certificate for the specific system into the SAP E-Sourcing server key store

      4. Activate SSO in SAP CLM

      5. To configure the local buy-side (internal) directory to activate the SSO, launch SAP E-Sourcing and did Directory Configuration.

      6. In the Authenticator field, we put com.frictionless.usermgmt.security.ExtSAPNetWeaverAuthentication

      8. Changed bypass_error_block to TRUE.

      9. Configured ext_login_page according to the given format.

      We have the below problem:
      1. When we try to login into portal, we are redirected to e-sourcing page, where it asks us for username and password.

      2. At the same time, when we are unable try to login directly into E-sourcing to0.

      We are not sure, what is missing, where to check and completly clue less.

      Kindly help us on this.

      Thanks in Advance.

      Regards,
      Venkatesh

      Author's profile photo Former Member
      Former Member
      Blog Post Author
      Hi Venkatesh,

      Please provide me following details

      1. JDK version you are using for ESO/CLM,
      2. ESO/CLM version
      3. JDK version for EP

      Mark me a mail. will revert you soon

      Regards
      ~Ankush

      Author's profile photo Ashish Shah
      Ashish Shah
      Hi Ankush,

      If i have SAP EP on a SAP WebApplication server A. and SAP ESO on other SAP WebApplication server B. then what all steps will be different for SSO configuration?

      Regards,
      Ashish Shah

      Author's profile photo Former Member
      Former Member
      Blog Post Author
      Hi Ashish,

      Please let me know your OS, jdk and ESO versions
      Mark me a mail...I will revert you soon.

      Regards
      Ankush Mittal

      Author's profile photo Former Member
      Former Member
      Hi
      In my system I configure the driver authenticator as: com.frictionless.usermgmt.security.ExtSAPNetWeaverAuthentication

      Nothing was working everytime I tried to set thi up until I found that you have to restart the fcsourcing application in visual admin or restart the whole j2ee admin.
      After the restart. everything start to work perfectly.

      This was my 2 cents

      Andre Lachapelle

      Author's profile photo Former Member
      Former Member
      Hi,

      We have configured SSO between E-Sourcing with Portal.  We are having problem with some userids.

      Configuration:
      1. E-Sourcing is deployed on JBoss Application stack
      2. E-Sourcing version eSO 5.1 SP08
      3. Portal is at version 7.0 EHP1 SP6

      We are facing problem in SSO with few userids. Below is the case:
      1. ESO --> User exists with UPPER CASE, where as in AD it is in LOWER CASE:
      2. ESO --> everything is fine, if ESO=AD=Lowercase.

      we tried the below settings,
      SETUP SYSTEM PROPERTY upp.extservletauthenticator.username_regex
      s/\S+\\(\S+)/\L$1/
      but nothing worked.

      Any solution or ideas are most welcome.

      Regards,
      Venkatesh

      Author's profile photo Former Member
      Former Member
      Hi Ankush,

      I am trying to create SSO between Non-Java application and E sourcing Application.Can you please help me to provide any resources in this respect.