cancel
Showing results for 
Search instead for 
Did you mean: 

SAML configuration

Former Member
0 Kudos

Hi All,

We have a requirement to configure SAML for SSO (Single-Sign-On) to SAP Enterprise Portal from an external system. Hence the portal would be the target system and the external system would be the source system. Assuming that the User IDs in both the systems are same, will SSO(SAML) work if the password expires in the target system.

Secondly, though the steps for configuring SAML is given in help.sap.com, certain things are not clear. In the section "Configuring the SAML Parameters", one of the steps talk about setting "SourceID" which is given as (20-byte sequence provided by the source site. Use the prefix Hex: or B64: to specify the format of the source ID as follows). How is this obtained?

Any pointers from someone who has experience configuring SAML would be greatly appreciated.

Thanks.

Accepted Solutions (0)

Answers (1)

Answers (1)

siarhei_pisarenka3
Active Contributor
0 Kudos

Hi Suresh

>Secondly, though the steps for configuring SAML is given in help.sap.com, certain things are not clear. In the section "Configuring the SAML Parameters", one of the steps talk about setting "SourceID" which is given as (20-byte sequence provided by the source site. Use the prefix Hex: or B64: to specify the format of the source ID as follows). How is this obtained?

If you use NWA to configure SAML scenario you do not need to care about this. NWA -> SAML Browser/Artifact view provides a drop-down for the two SourceID formats. Moreover, in NWA you do not need to specify the 20-byte sequence by yourself, because the corresponding field is read-only and calculated automatically. The 20-byte sequence is generated based on URL property. When you change URL the SourceID will be regenerated by the UI.

BR, Sergei

Former Member
0 Kudos

Thanks Sergei for your response. I have a few clarifications.

Since we are configuring SAML on AS Java for providing SSO to an external system, the SAP AS Java would become the "Service Provider". The team related to the external system are asking for details such as

1) How would the SAML request to SAP AS Java look like? What all parameters would be present in SAML request/assertion?

2) How will the SAML response from SAP AS Java look like? What all parameters would they receive back?

3) What will be the SAML error codes?

4) How will the request timeout be handled?

Also if we are using Visual Admin for configuration, will Source Id be NOT required (or need not be specified explicitly) as in the case of NWA.

We were not able to get much info for these queries on net. Any help in this regard would be of great help.

Thanks in advance.

siarhei_pisarenka3
Active Contributor
0 Kudos

Hello Suresh

Actually my knowledge in SAML SSO is not strong enough for answering the questions. What I did was a clear SAML configuration in NWA and also usage of SAP SAML API. I do not know anything about SAML request/response on runtime.

I can recommend you to read the following topic (with sub topics) on helP.sap.com: [Using SAML Browser Artifacts|http://help.sap.com/saphelp_nwpi71/helpdata/en/2d/d1f1285432da4d8ff121b47363e54d/frameset.htm].

Maybe you can find the answers there.

BR, Sergei