on 10-27-2014 2:09 PM
Hi Experts,
As per my understanding there are 2 ways of configuring SSO between BI 4.1 and HANA servers.
Apart from configuration method/steps what is difference of these two ways? What aspects should be considered before opting for any one approach? what are the benefits for both approach?
Note: We don’t have Kerberos based authentication in BI and HANA environment.
Thank you in advance!
Regards,
Rahul
Hello,
technically i cant say whats the difference. Whats pretty sure is that SAP "only" supports the SAPCryptoLib in the case of SAP BI. I think you wont be able to raise any Incidents with the SAP Support when using OpenSSL on SAP BI Level.
You dont need Kerberos for configuring SSO between SAP BI and HANA. This will be achieved sia SAML. So you can use it with Enterprise, LDAP, Win AD or SAP Authentication. Please refer to this Blog:
If you need a clearer statement i would recommend you open an Incident with the SAP Support and ask if we support OpenSSL for SAP BI and whats the difference to SAPCryptoLib.
Regards
-Seb.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Seb,
Thank you for your prompt response!
I was looking more specific to advantages for any of the option, I am aware that Kerberos/Windows AD authentication is not required, the intention to mention that was to give deeper insight about our environment for best suited suggestions.
I guess I should officially get communication from SAP for the support point that you mentioned if we opted for OPEN SSL SSO approach.
Regards,
Rahul
There is only one method (aside from kerberos) which is SAML. What you are referring to is the encryption libraries used to secure the SAML ticket sent from the BI system to the HANA system.
Technically, the cryptographic libraries should be interchangeable, they have one function to perform which is the encryption/digital signature.
On the HANA side, you are going to find a lot more materials and better support with using sap crypto.
However do not confuse the SSO method (SAML) with the encryption method of the communication over the wire.
Thank you for clarification Greg!
Just a small doubt, We are performing this trial test run using temp license keys before building/moving to the actual environment. Can we use the same crypto lib that we have downloaded from SAP Service Market Place?
Regards,
Rahul
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
24 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.