It's full of stars!

  • All Content
  • About

Basis

Basis SAP Security

Troubleshooting SAML 2.0 – Method create_user_to_federate throws exception

Szenario A trust between the SAML 2.0 IdP and SP is created. A user tries to log on to NetWeaver and after successfully logging in at the IdP, the SP is denying access. Problem An error in the BAdI create_user_to_federate is thrown. Exception type CX_SY_REF_IS_INITIAL. Trace Use the diag tool Read more…

By Tobias Hofmann, 5 yearsSeptember 30, 2020 ago
Basis SAP Security

Troubleshooting SAML 2.0 – CX_SAML20_CORE Message is not signed

Szenario A trust between the SAML 2.0 IdP and SP is created. A user tries to log on to NetWeaver and after successfully logging in at the IdP, the SP is denying access. Problem Using the diag tool to get a trace of the SAML 2.0 logon. The incoming request Read more…

By Tobias Hofmann, 5 yearsSeptember 28, 2020 ago
Basis Cloud SAP

Create user in NetWeaver via SAML 2.0 – 5 – Create number range

In the SAML 2.0 SSO logon with automatic user creation scenario, the user is created in the SAP system by a BADI. The user information send by the SAML 2.0 IdP is contained in the SAML response. In my previous blog I have shown how the user profile is configured Read more…

By Tobias Hofmann, 5 yearsSeptember 22, 2020 ago
Basis Cloud SAP

Create user in NetWeaver via SAML 2.0 – 4 – Configure SAML 2.0 Identity Provider

The user creation scenario is an extension to the “simple” SAML 2.0 SSO scenario. Therefore, a pre-requisite is to have the SAML 2.0 IdP and SP configured to trust each other. A logon from IdP to SP with an existing user must work. In my case, the external Identity Provider Read more…

By Tobias Hofmann, 5 yearsSeptember 18, 2020 ago
Basis Cloud SAP

Create user in NetWeaver via SAML 2.0 – 3 – Configure ICF

The ICF configuration is more complex than the standard SAML 2.0 configuration. Instead of just validating the SAML 2.0 response, the response must be validated, and a user created or update. To be able to create / update a user, the response received must be handled by a service user. Read more…

By Tobias Hofmann, 5 yearsSeptember 16, 2020 ago
Basis Cloud SAP

Create user in NetWeaver via SAML 2.0 – 2 – Implement BADI

SAP Help In the previous blog I detailed the BADI provided by SAP for creating and updating a user that logs on via SAML 2.0 and what to take care of. In this blog I’ll detail how to implement the BADI. The implementation means that some ABAP coding is needed. Read more…

By Tobias Hofmann, 5 yearsSeptember 14, 2020 ago
Basis Cloud SAP

Create user in NetWeaver via SAML 2.0 – 1 – Extend BADI

The BADI you have to extend to be able to create or update a user in the SAP NW system based on the SAML 2.0 information is BADI_SAML20_USER_CREATE_UPDATE. It offers two methods, one for creating a new user, one for updating an existing user. Keep in mind that the SAP Read more…

By Tobias Hofmann, 5 yearsSeptember 10, 2020 ago
Basis Cloud OData SAP SAP Cloud

Troubleshooting WebIDE connection error to on premise ABAP system

Assume that you use SAP WebIDE for developing an application and that you have to consume an OData service from an on-premise NetWeaver ABAP system. In SCP, the destination is configured, and SAP Cloud Connector is working. For principal propagation, X.509 is used. Problem When you select the OData service Read more…

By Tobias Hofmann, 5 yearsJuly 27, 2020 ago
Basis SAP Security Technology

SSO Logon with X.509 certificate

SSO logon with an X.509 certificate offers some benefits. In this blog, I’ll cover the main benefits, problems and attention areas when using X.509 for SSO. As a practical example the X.509 logon with NetWeaver ABAP is shown. To access an ICM service on a NetWeaver ABAP system (NW ABAP), Read more…

By Tobias Hofmann, 5 yearsJuly 24, 2020 ago
Basis SAP

X.509 troubleshooting – Enabling trust between NetWeaver and intermediate server

ICM in NetWeaver ABAP is not reading the HTTP header and accepting the transmitted X.509 certificate simply like that. I’ll show here a picture that shows what an intermediate server is sending to NetWeaver. You can see that two certificates are transmitted to SAP: the user X.509 as well as Read more…

By Tobias Hofmann, 5 yearsJuly 21, 2020 ago

Posts navigation

Previous 1 2 3 … 16 Next
  • Datenschutzerklärung
  • Impressum
  • Cookie-Erklärung
Hestia | Developed by ThemeIsle