Setting up SSO for Lumira Server – The Magic Switch
Another request from a customer of ours that I thought I would share with every-one to make your lives easier when you are faced with this 😉 .
When I looked for a solution to this there is nothing that I could find that outlines exactly what you need to do to get this working and hence the blog post.
A key point to remember up front is that Lumira Server runs on your HANA Platform and relies on the XS engine for it’s authorisations.
In the Lumira Server 1.22 install guide there is no current section on SSO but through some searching I managed to find this line in Section 13.1.1 (Page 55) that referred to the Fiori Catalog:
“Perform the procedure outlined in Configure SSO with SAP Logon Tickets for SAP HANA XS Applications in the SAP HANA Administration Guide.“
This lead me to believe that you need to set up SSO on HANA first and then Lumira Server will follow.
This blog post is not intended to be about how to set up SSO. The SAP HANA Administration Guide section 5.10 covers all the ways to set up SSO for the XS Engine:
If you have got SSO working on your HANA box then the Lumira Server set-up is super simple 😎 .
Taking a step back here let’s remember that your Lumira Server will run off the following url/path : http://<servername>:80<instance>/sap/bi/launchpad. The key here is that Lumira Server files and configurations are at /sap/bi/launchpad.
What you need to do next is log into your SAP HANA Admin Console which would be at http://<servername>:80<instance>/sap/hana/xs/admin. Then on the LHS navigate to sap/bi and the click on launchpad and you will get presented with the following screen:
This is the default Security and Authentication that Lumira Server get’s installed with and will result in your end users getting prompted for their login credentials every time they access the Lumira Server URL 😡
All you need to do now, and once again assuming you have SSO working, is to click on the Edit link on the bottom RHS and choose which Authentication method you have implemented for SSO. In the below screenshot I have chosen SPNGEO as an example:
Once you have done this just click Save. Also – in case you missed it the check box above is the “magic switch” 😆
Once that is done you should see the following screen and your users should be able to access the Lumira Server URL with SSO – this is also assuming their user account has the correct access to Lumira Server… but that’s another blog post.
Let me know how you go and happy to try answer and questions that arise.
From a Version point of view I am using:
SAP HANA Rev 92
SAP Lumira Server 1.22
SAP HANA Administration Guide SPS09 – 2004-11-26