SSO configuration between SAP Portal 7.3 and ECC 6.0 Ehp 6
Initially when I wanted to work on SAP Portal 7.3 integration with SAP ECC 6.0 Ehp 6 ,I hardly could find material in SCN. There was a site in http://help.sap.com, but it did not had sufficient useful information with step by step Configuration (work instruction). So I thought to share in detail about the settings required for SSO between portal and ecc systems for this Blog.
In this blog, I am explaining about system object configuration in portal, SSO configuration from portal end. Just for understanding I have taken a Scenario, which I have stated below.
Generally many SAP systems will be there in the landscape like ECC,BW,SRM,CRM and Portal, then a single sign-on (SSO) environment can help to reduce the number of passwords that users have to remember in their daily routine life.
In the portal environment, SSO eases user interaction with the many systems, components, and applications available to the user. Once the user is authenticated to the portal, he or she can use the portal to access the different SAP systems without having to repeatedly enter his or her user information for authentication
1) Creation of System object in SAP Portal
System Object is a set of connection properties to represent an external or SAP systems (SAP ECC/SRM/BW) used to retrieve data into portal iViews.
Create System Object using Template. Choose system object template as per the requirement. In my case, I selected system template- SAP system using dedicated application server.
Enter System Name, System ID, Description
2) Add System alias on system object
4) To dowload certificate you need to select Ticketkeystore
5) Then click on export key button to get required certificate from portal server
6) You have import portal certificate into ECC server using Transaction -strustsso2. In the certificate area click on import certificate button (green color) then browse the file which you have downloaded earlier from Portal server. Then click on add to certificate list button after that click the button Add to ACL, here you need to provide SID of portal in system ID text field and 000 as client text field.
7) Add profile parameters in ECC server using RZ10, it is
c) icm/host_name_full= <FQDN>
8) Check Single Sign-On. Go to http://<server>:<port>/irj/portal
a) System Administration – Support- Application Integration and Session Management- Test and Configuration tools
b) Under Tool, Select Transaction and Click on run.
c) Under System, Select System that you created earlier and Enter any transaction code SU3. And click on Go.
d) It should login to your backend As ABAP system without asking password.
9) Also you can verify it in system administration ,System configuration, System Landscape, then check the status