Skip to Content
Author's profile photo Former Member

SSO from the Enterprise Portal to SAP-Sourcing

h2. *Requirements.* *SAP-Sourcing 5.1.06 or higher

*Trust certificates from Authenticated system to NW AS *User IDs maintained in:                                    SAP-Sourcing                                    NetWeaver Application Server UME for EP and Sourcing                                    or the SSO provider/authenticator image

Assigned Tags

      5 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Former Member
      Former Member
      Hello Paul,
      Thanks for a neat description of the process. We recently established SSO for the CLM system from our EP. I think the steps have changed after some SP level (SP6 maybe) because we were failing after following the steps in the installation guide.

      However, I am still unable to configure the logout page. I want the users to be redirected to the portal login page on clicking logout in CLM. This is not working despite maintaining the Portal URL in the properties.

      Am I missing something here?

      Author's profile photo Former Member
      Former Member
      The ext_logout page is the URL users are redirected to after logout.

      It may not be working as the cookie maintained by the SAPLogonticket is still chaced in the browser session and is causing another login attempt.

      It may well be a portal setting that needs changing.

      Author's profile photo Srivatsan Guruswamy
      Srivatsan Guruswamy
      Hi Paul,

      At this point we are using Microsoft 2003 AD (corporate LDAP) to authenticate when connecting to E-Sourcing URL (http://host:port/fsbuyer/portal/login).
      We are planning to  switch to use SSO with Enterprise portal.
      So should we switch from using Microsoft AD to the local directory (dir.local.bs)?

      Regards,
      Srivatsan

      Author's profile photo Former Member
      Former Member
      When switching to SSO you should create a new directory with the Driver set to Basic, the LDAP configuration can be left blank.
      Author's profile photo Srivatsan Guruswamy
      Srivatsan Guruswamy
      Thanks for your quick response Paul!

      Does it mean we would have to make the Microsoft AD inactive and activate the new directory (dir.local.bs or similar) and make that default?
      I also assume I should set this directory (dir/local.bs) in the User profile 'Account management' tab?

      Thanks again for your help on this.

      Regards,
      Srivatsan