So a good starting point is to take a look at what’s referenced in the install guide as the official starting point for setting up the Directory configuration. [SAP Help Sourcing 7 Directory configuration | http://help.sap.com/saphelp_sourcing_70_p/helpdata/en/ba/bb79bed76f43dfbd85415ce1bf908a/frameset.htm]
- SAP-Sourcing 7.0 or a higher patch level
- NetWeaver CE 7.11 sp5+ Java Stack
- Trust certificates from Authenticated system to NW AS
- User IDs maintained in: **
- NetWeaver Application Server Authenticator for EP (UME) 0.1.
- NetWeaver Application Server UME for SAP Sourcing
Activate SSO in SAP Sourcing
- Create the SSO cluster, and also leave a second cluster for use as the non-SSO cluster.
- Configure the local buy-side (internal) directory to activate the SSO:
- Login to SAP E-Sourcing as Enterprise and go to:.
- Setup -> Configuration -> Directory Configuration.
- Choose the active buy-side configuration.
- Click Edit.
- Choose the ‘NetWeaver UME’ option in the Directory Type field.
- In the properties tab select the *bypass_error_block *from the Property Name drop-down list and set the Property Value to TRUE. Note: If this property is not set to TRUE, the user is redirected to the SAP E-Sourcing login page when the session times out.
- The Attributes settings should be set as follows: | NAME | uniquename | Pull |
- 10.Save the configuration.
The UME Driver Using the NetWeaver UME driver doesn’t necessarily mean that you are using SSO. However it does mean that the NetWeaver UME APIs are being used for authentication and data synchronization. Because SAP Sourcing uses the NW APIs for authentication, it will typically have the NW login page dispatched when the user is required to enter credentials, but not always. The authentication configuration in NetWeaver will also determine if SSO is used or not, but even if it’s configured for Basic authentication, NetWeaver challenges the user, not SAP Sourcing.
This link contains information on how to update and brand the NetWeaver login page: Logon Screen Customization (http://help.sap.com/saphelp_nwce10/helpdata/en/43/fc3ae22adb025fe10000000a1553f7/frameset.htm)
Establishing Trust between SAP Sourcing and the Enterprise Portal
This process should be fairly common across your landscape, and the help.sap.com pages have a wealth of information on it. Trust is established between the Portal and SAP Sourcing systems by generating the verify.der in the portal and importing it into the NetWeaver Java AS that the Sourcing application is on. System Administration -> System Configuration -> Keystore Administration -> Click on download verify.der.zip button.