Skip to Content

Hi Experts

I have a situation where our AD is authenticated to SAP backend via SNC. AD user and SAP user are different.

We would like to create SSO from the Portal to the SAP backend as well, but we cannot use Kerberos for our user mapping due to our AD restrictions. (Portal user is the same as SAP Backend User)

What are our simplest options, from an implementation and maintenance point of view?

Custom Jaas Login module?

Header Variable?

x509 Client Certificate?

Which of the above do you think will work best and where do I start? Guide?

Can I use an RFC to retrieve the user mapping from the SAP backend or should the user mapping be replicated somewhere else?

Thanks in advance

Anton Kruse

To report this post you need to login first.


You must be Logged on to comment or reply to a post.

    1. Former Member Post author

      Hi Orkun

      Through lots of research I agree.

      Could you help me out with a guide on how to implement the custom JAAS module?

      I want the JAAS module to first retrieve the AD domain user, then retrieve the user mapping to the backend via an RFC call, then log in with the now mapped user.

      Could you provide me with a step-by-step guide? SSO isn’t my forte and haven’t used JAAS before.

      Thanks in advance

      Anton Kruse


Leave a Reply