It's full of stars!

  • All Content
  • Inside Tracks
  • About

sso

SAP

Troubleshooting SAML 2.0 – SAML 2.0 trace with sec diag tool

SAP provides a nice trace tool for troubleshooting login errors with SAML 2.0: Sec Diag Tool. It is a WebDynpro ABAP application. Make sure to activate the necessary ICF services first before running the tool. URL: /sap/bc/webdynpro/sap/sec_diag_tool/ In NPL: https://vhcalnplci:44300/sap/bc/webdynpro/sap/sec_diag_tool/ With the tool you can start a SAML2 trace. When Read more…

By Tobias Hofmann, 4 months4 months ago
Basis Cloud SAP

Create user in NetWeaver via SAML 2.0 – 3 – Configure ICF

The ICF configuration is more complex than the standard SAML 2.0 configuration. Instead of just validating the SAML 2.0 response, the response must be validated, and a user created or update. To be able to create / update a user, the response received must be handled by a service user. Read more…

By Tobias Hofmann, 4 months5 months ago
Basis Cloud SAP

Create user in NetWeaver via SAML 2.0 – 1 – Extend BADI

The BADI you have to extend to be able to create or update a user in the SAP NW system based on the SAML 2.0 information is BADI_SAML20_USER_CREATE_UPDATE. It offers two methods, one for creating a new user, one for updating an existing user. Keep in mind that the SAP Read more…

By Tobias Hofmann, 5 months5 months ago
Basis SAP Security Technology

SSO Logon with X.509 certificate

SSO logon with an X.509 certificate offers some benefits. In this blog, I’ll cover the main benefits, problems and attention areas when using X.509 for SSO. As a practical example the X.509 logon with NetWeaver ABAP is shown. To access an ICM service on a NetWeaver ABAP system (NW ABAP), Read more…

By Tobias Hofmann, 6 months6 months ago
Cloud SAP

SAML 2.0 Configuration with SAP Gateway as SP and Keycloak as IdP

This is the introduction blog on how to activate SAML 2.0 based logon on SAP NetWeaver ABAP systems. The example configuration shown here is using SAP Gateway. It is the same procedure for any SAP NetWeaver ABAP system that allows SAML 2.0 logons. The system used while writing the blog Read more…

By Tobias Hofmann, 11 months12 months ago
Basis OData SAP

FND – 44 – Configure SAP Gateway (FND) to accept assertion ticket from SAP backend (BEP)

Yes, this item should be under BEP and not HUB, but I am following SAP Help here, so sorry for the confusion! The configuration steps to be executed on the HUB system (FND) are detailed at SAP Help. The steps are for the OData Channel Service for backend system. Basic Read more…

By Tobias Hofmann, 6 years6 years ago
Basis OData SAP

FND – 43 – Configure SAP backend system (BEP) to accept assertion ticket from SAP Gateway

Yes, this item should be under BEP and not HUB, but I am following SAP Help here, so sorry for the confusion! The configuration steps to be executed on the HUB system (FND) are detailed at SAP Help. The steps are for the OData Channel Service for backend system. Basic Read more…

By Tobias Hofmann, 6 years6 years ago
  • Datenschutzerklärung
  • Impressum
It's full of stars | Where documentation meets reality
I use cookies to ensure that I can give you the best experience on my personal website. If you continue to use this site I will assume that you are happy with it.Ok