Warning: Patching your SAP BI 4.0 to SAP BI 4.1 will break your AD SSO!
Patching to SAP BI 4.1 will indeed break your Active Directory Single Sign On in one or two places if your Web Application Server is Apache Tomcat.
- SAP BusinessObjects Business Intelligence Suite 4.0
- Apache Tomcat
Don’t worry, the solution(s) are simple!
1: Your .properties files
It is widely documented that when you patch, the content of the webapps folder will redeployed therefore all customisations will be lost.
The solution is to of course either manually re-apply the changes you have made or better, from SAP BI 4.0 you can save the updated .properties in a folder and they will get redeployed automatically.
See SAP Note 1615492
2: Your Apache Tomcat server.xml
This one was a bit trickier! The problem is that manual authentication is still working and Silent SSO is working for some of the users. The others receive a HTTP error.
Turns out patching from SAP BI 4.0 to SAP BI 4.0 will also install a new version of Apache Tomcat (From Tomcat 6 to Tomcat 7). The installation folder is a bit different too:
- Old Location: C:\Program Files (x86)\SAP BusinessObjects\Tomcat6\
- New Location: C:\Program Files (x86)\SAP BusinessObjects\tomcat\
Doing so, the content of your server.xml has been lost. Simply edit the new server.xml and make sure to re-apply the
maxHttpHeaderSize=”65536″ value in the Connector Port.
More details about this: SAP Note 1631734
Hope it helps!