Skip to Content
Author's profile photo Dong Pan

SAP BusinessObjects Cloud – Setup SAML 2.0 Single Sign-On with Remote HANA Systems

Update Oct 11, 2016: with the introduction of Simple URL to SAP BusinessObjects Cloud in the recent release, significant architectural changes have been brought into the BOC landscape that have implications on the reverse proxy configuration. I have written a new blog post that covers the necessary changes. The scenario in this blog and how-to guide stays valid, but the reverse proxy settings are impacted. Check out the new blog for more details: What’s Changed – Setup Remote HANA Connection with SAML SSO in SAP BusinessObjects Cloud

Many customers enjoy the benefits of live HANA connection in SAP BusinessObjects Cloud. One of the key benefits is that the data-level security/authorization is handled by the backend HANA system, so the BusinessObjects Cloud administrator does not have to handle data-level security. In this scenario, each live connection session is under the end user’s own HANA user context; however, nobody likes to manually type in their HANA user credential after logging in to BusinessObjects Cloud. SAP BusinessObjects Cloud supports SAML 2.0-based Single Sign-On (SSO), which streamlines the login process and eliminates the need of typing in backend HANA user credentials repeatedly.


The configuration of SAML 2.0 SSO for SAP BusinessObjects Cloud and SAP HANA involves a lot of steps on various infrastructure components, so I’ve written an end-to-end how-to guide to help you understand the concept and the necessary steps. The guide is based on Apache reverse proxy and SAP NetWeaver SSO SAML 2 Identity Provider. If you have not setup your reverse proxy for the live HANA connection, check out my blog SAP BusinessObjects Cloud – Setup Connection to Remote HANA Systems via Apache Reverse Proxy first.


Without further ado, you can find the how-to guide here:


If you are looking for information on setting up SAML 2.0 SSO against Microsoft Active Directory Federation Service (ADFS), read this very informative blog How to setup SAML with ActiveDirectory (ADFS) written by my colleague Greg Wcislo.


I hope you find the document helpful, and feel free to raise questions below.


Cheers šŸ™‚

Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Jee Hye Yang
      Jee Hye Yang

      Hi Dong, Thanks for your sharing!

      Author's profile photo Harjeet Judge
      Harjeet Judge

      Nice work Dong!

      Author's profile photo Stephan RoƟmanith
      Stephan RoƟmanith

      Hi Dong,

      great guide! But is there a guide for SSO with SAP Web Dispatcher instead of Apache?

      Regards, Stephan

      Author's profile photo Matthew Shaw
      Matthew Shaw

      Yet another great blog.