The most common SSO setup for Sourcing involves setting up an URL iView originating from an SAP Enterprise Portal 7.3 system. In this blog I’ll outline the basic steps to configure the Portal to have Sourcing work as an embedded iView in the Enterprise Portal 7.3
||Login to http://<hostname>:<portal>/irj/portal with administrators rights
||Click on “Content Administration”
||Go to Portal Content->Content Provided by SAP->End User Content->Standard Portal Users->iViews
||Create new folder under selected directory
||Click on the right mouse button and select New->Role->WorkCenter Role
||Fill in Role Name field and click Finish
||Click right mouse button on the just created role and select Open->Role
||In the top toolbar select New -> Detailed navigation Entry->iView from Template.
||In the list with radio buttons find URL iView, check this one and click Next button.
||Fill in Name field and click Next button.
Fill in Enter URL field with the Sourcing login page URL
||You can click on Browse/Capture->Ok to check if the entering URL is available
||Click Next an Finish
||In the appeared menu select Open the object for editing and click Ok
||Select Properties->All and click on Modify Properties button
||Find “Launch in New Window” property and change the value to “Display in Separate Window”. Save changes. Here is a link that can be useful to configure iView properties. http://help.sap.com/saphelp_nwce10/helpdata/en/13/81a66d100011d7b84b00047582c9f7/frameset.htm
||Goes to User Administration in the top level navigation toolbar and find user that has to see Sourcing iView link on the Portal page
||Click Modify button and go to Assigned Roles.
||In the Search Criteria dropdown select Portal Role and find the Role created on the 6th step
||Assign this Role to user and save changes.
||Log off from the Portal and login as user that has iView Role
Hey Presto you have a Sourcing iView!
If you are trying to have an HTTPS based embedded iView be sure to review the SAP Sourcing 9.0 Configuration guide and set the System property system, system.security.csrf.trusted_referrer_domains as required to allow sourcing to trust and be embedded in the Portal.
Hi Paul Wagner,
Good to see your Blog, I would like to know how to create a System Object between Portal and CLM System.
In general my portal is 7.4. When i started creating New System which template i need to take, iam bit confused. Could you please help me on this.
Thanks for this - this is an excellent overview.
One variation question here. Are you aware of an iView type or scenario where the sourcing portal content is rendered inside the portal - as opposed to calling the sourcing URL as a new session.
Ideally, we'd like to have sourcing behave in the same way as other SAP functions where the calls are server-based and not client-based.
Insights and perspectives would be greatly appreciated.
Paul, need to connect with you offline regarding one of my customers who is implementing SAP Sourcing and has challenges with configuring external access. Since the customer is a secure support customer of SAP, I can't discuss more details in this forum. Please let me know if we can connect offline. My email id is: firstname.lastname@example.org
I followed your document and created URL I-View in portal to access CLM content.
When i click on the link, it was showing log-off page and once i click on the "Logon Again" tab, it was logging into the CLM sourcing page as shown in the figure.
Note: I did not perform single sign-on since portal and CLM system runs on same HOST.
Is this error caused due to single sign-on.
Kindly help me in this regard.
when you log into the sourcing system, you are logged in as the same user you logged into the portal with correct?
Yes.The user is same in portal and CLM since we have common UME.
since both the portal and application use the same authentication with UME, it makes sense that once you have authenticated, you have a valid logon session. this allows authentication in the application. This would not work this way if the app and the portal were not sharing the same user store.
Thanks for your response.You are correct.
Can you please tell me that, Is there any additional configuration missing at directory level?
To provide information on directory configuration at Supplier Directory,
Below are details i see at directory level.
Properties: bypass_error_block :TRUE
Name uniquename Pull
EMAIL email Pull
FIRST_NAME firstname Pull
LAST_NAME lastname Pull
Note: I have created Sourcing_supplier_role in UME and assigned to the user and provided this role in External Role field in the directory configuration.
Since i am not familiar with CLM,i feel, there is something,we are missing at directory level.Can you please throw some light on this?
The only thing I see that I would question is the attributes set to PULL. Are you planning on supporting external users creating/maintaining there own accounts? If yes it is more appropriate to be set to PUSH. Are the external user logins working correctly or not?
We are not giving an option to create/modify user accounts to external users.All the external Users will be created in SLC(New Supplier) or existing suppliers will be replicated from ECC to SRM since we have user store as SRM. Portal UME is pointing to the SRM as user data source.Hence, we are using PULL property.
External User logins are working fine.
I have raised OSS message as well.I will keep you posted the result.
I followed your document and created a URL iView in portal to access SAP Sourcing, however when we log on to the SAP Sourcing we cannot display the Workbench and when we navigate to the Line items in the Master Agreement. The Line items are shifted across the page to the right.
Could you kindly assist in this regard
Thanks for good information. Can you please help me know this approach gives any issues when we access CLM from EP in IE11.