Skip to Content

If SNC is activated in SAP GUI and in NWBC, the logon popup never appears again.

This is exactly what you would expect from a

Single Sign-On technology, but sometimes you might still want to have a logon popup (for testing purposes for example).

If you have previously used the SAP Logon Pad, you might know the options SNC Logon with Single Sign-On (Enter) and SNC Logon without Single
Sign-On (Shift+Enter).

Unfortunately we do not have this kind of “switch” in NWBC.

Fortunately however there is a workaround:

You can use the existing external service (delivered with 7.40) /nwbc-no-sso.

This alias calls the NWBC service without support of certificates and always forces a logon screen.

/wp-content/uploads/2014/07/sicf_nossoalias_496943.png

Alternatively, you can create your own external alias in transaction SICF.

See: http://help.sap.com/saphelp_nw70ehp2/helpdata/en/78/9852bdc06b11d4ad310000e83539c3/frameset.htm

To report this post you need to login first.

10 Comments

You must be Logged on to comment or reply to a post.

  1. Marc Baumann

    Hi Sandra,

    thanks for the workaround.

    unfortunately this works only as long as you stay in the web world. as soon as you enter the first abap transaction in nwbc which starts sapgui implicit, you get again the logon screen. and if you have a certificate you just have the option to choose one of your mapped user (snc), hence no chance to enter again the same user/password as in nwbc…

    it would only work if you remove the <SaplogonDescr> Parameter in the nwbcoptions.xml file… but then snc is deactivated

    do you have a solution that snc can still be activated?

    Regards Marc

    (0) 
  2. Carmen Wirthensohn

    Hello Sandra,

     

    I have tried your description but it doesn`t work. NWBC still uses SSO. I should have a possibility to log in with another SAP User for tests.

    I have created a new external Alias named /nwbc-no-sso and deleted the Logon through SSL Certificate.

    I used this URL: https://servername.domain:port/nwbc-no-sso/ for testing.

     

    Should I do some more things or does this workaround not work anymore?

     

    KR

    Carmen

     

     

    (0) 
    1. Sandra Thimme Post author

      Hi Carmen,

      Quick and dirty solution (not officially supported): IE Explorer => Internet Options => security =>Trusted sites, choose Custom Level and select “Don’t prompt for client certificate selection when no certificates or only one certificate exists”. Select “Disable”. If you start Business Client again you can see which certificate will be used and you have the possibility to cancel the request => logon popup will appear.

       

      The supported solution is to create a new external alias (/nwbc-no-sso, Trg Element: /default_host/sap/bc/nwbc,  description “this alias calls NWBC service without support of certificates and forces a logon screen) in transaction SICF. An alias where you delete option 2 (Logon Through SSL certificate) inside Logon Data/Logon Procedure as described in the blog.

       

      Regards,

      Sandra

       

      (0) 
    1. Sandra Thimme Post author

      Hi Michal,

      you are looking the right way. If the service is not available in your system please create your own service. Choose alternative logon procedure, delete logon with SSL and select SAP Assertion tickets as logon procedure.

      Regards,

      Sandra

      (1) 
  3. Thomas Menges

    Hi Sandra,

    we have the problem only in Business Client 6.5.

    When we are using BC 6.0 and are starting a link to a Fiori App (SSO) there will appear a SSO PopUp only one time. That’s OK.

    After closing the created tab in BC6.0 an starting the Link to the Fiori App  again, no PopUp will appear again. Great !!

     

    In BC 6.5 every time starting the link a PopIp for the SSO is shown. That’s a problem using the BC 6.5.

     

    What can be done to solve the problem because we want to use BC 6.5 (Belize theme).

     

    Thanks and regards,

    Thomas

    (0) 
    1. Sandra Thimme Post author

      Hi Thomas,

      it is not that easy to just compare 6.0 with 6.5. It really depends on Patch-Levels, tentative new systems with different settings, Back-end-Changes. Only updating BC without touching anything else the behavior you describe is not reproducible in my environment. We’d need the traces. So you have to open a ticket to reproduce that issue.

      Regards,

      Sandra

      (0) 
      1. Thomas Menges

        Hi Sandra,

        yes I agree with you. But nevertheless if you want to use BC6.5  with a (business client connection) and there you have some links to Fiori apps (SSO) the shown SSO-PopUp should only be prompted once and not every time you click on the link.

        What would you do to solve this problem ?

        Regards,

        Thomas 

        (0) 
        1. Sandra Thimme Post author

          SAP Business Client 6.5 

          Hi Thomas,

          I could use Chrome with our new beta version.

          As a workaround without Chrome you could switch to the browser engine internetExplorer (Loosing the advantages of the multi-process-design). The logon popups should disappear. Try it.

           

          NwbcOptions.xml: <PreferredBrowserType>Type</PreferredBrowserType>

           

          Meanwhile you have to check your requests/certificates. For the Fiori Apps you have to check the logs on the fronted server. FLP standalone in Chrome=>F12 key =>jQuery.sap.log.setLevel(5).

           

          And I guess then it’s time to open a message on the FLP component.

          Regards,

          Sandra

           

           

           

           

           

          (0) 

Leave a Reply