
Can Multiple service providers be configured in one NW AS JAVA SAML config

former_member209809
Active Participant
0 Kudos

Hello Experts,

We want to configure SSO using SAML between Active Directory and SAP SRM system.

The SRM system version is SRM 4.0, which does not support SAML, so we are routing this authentication request (token) via SAP Enterprise Portal, which is on NW 7.31.

In SAP Portal one service provider is already configured for an alias created for Portal itself.

Now we have created another alias for the SRM system and the same needs to be configured in SAP EP, so my query is:

What should I do now?

1) Either I should ask the IAM team to regenerate metadata again for the new alias, or

2) Can I create another service provider somehow in NW and download the proceed further.

Sorry if I sounded unaware about SSO terminologies as I am a newbie in this era.

Warm Regards,

Sumit Jha

Accepted Solutions (1)


former_member198633
Contributor
0 Kudos

Hello Sumit,

It can be done; you can use multiple SPs with either SP (front channel) or IdP (back channel) initiated SAML 2.0 configuration.

Please check out the help guides: link1 and link2.

Regards,

Peter

Answers (1)


former_member182254
Active Participant
0 Kudos

Hello Sumit,

You do not need multiple service providers on the Portal.

If you want the Portal to be accessed with different aliases, then you can do the following, assuming you use Microsoft ADFS as an IdP:

- For each Portal alias, manually add a new Assertion Consumer Service (ACS) URL in ADFS for the Portal (trusted relying party), e.g. https://portal1.acme.com/irj/portal, https://portal2.acme.com/irj/portal, etc.

- On the Portal system in NWA -> Authentication & SSO -> SAML 2.0 -> Trusted Providers: select the entry for the ADFS and under "Authentication Requirements" select "Application URL" for the authentication response setting.

If the user accesses a different URL on the Portal for the SRM scenario, then instead of https://<portalalias>/irj/portal add this URL as the ACS URL in the ADFS configuration.

Best regards,

Dimitar Mihaylov
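
The ADFS step in the answer above can also be scripted with the AD FS PowerShell cmdlets. This is an added example, not part of the original post: it adds one HTTPS POST ACS endpoint per Portal alias to an existing relying party trust while keeping the endpoints already registered. The trust name `SAP Portal` is a hypothetical placeholder, and the URLs are the example URLs from the answer.

```powershell
# Added example. Assumptions: run on the primary AD FS server with the ADFS
# module available; the trust name below is a hypothetical placeholder.
param(
    [string]   $TrustName = 'SAP Portal',
    [string[]] $AcsUrls   = @(
        'https://portal1.acme.com/irj/portal',   # example URLs from the answer
        'https://portal2.acme.com/irj/portal'
    ),
    [switch]   $Apply                            # without -Apply the script only reports
)

Import-Module ADFS -ErrorAction Stop

$trust = Get-AdfsRelyingPartyTrust -Name $TrustName
if (-not $trust) { throw "Relying party trust '$TrustName' not found." }

# Keep every endpoint already on the trust: -SamlEndpoint replaces the whole list.
$endpoints = @($trust.SamlEndpoints)
$acs       = @($endpoints | Where-Object { $_.Protocol -eq 'SAMLAssertionConsumer' })
$nextIndex = if ($acs) { ($acs | Measure-Object -Property Index -Maximum).Maximum + 1 } else { 0 }

$added = @()
foreach ($url in $AcsUrls) {
    $uri = [uri]$url
    # Accept only absolute HTTPS URLs: the SAML response is POSTed to this address.
    if (-not $uri.IsAbsoluteUri -or $uri.Scheme -ne 'https') {
        Write-Warning "Skipping '$url': not an absolute https URL."
        continue
    }
    # Skip aliases that already have a POST ACS endpoint.
    if ($acs | Where-Object { [string]$_.Location -eq $uri.AbsoluteUri -and $_.Binding -eq 'POST' }) {
        Write-Host "Already registered: $url"
        continue
    }
    $added += New-AdfsSamlEndpoint -Binding POST -Protocol SAMLAssertionConsumer -Uri $url -Index $nextIndex
    $nextIndex++
}

if (-not $added) { Write-Host 'Nothing to add.'; return }
$added | ForEach-Object { Write-Host "To add: $($_.Location) (index $($_.Index))" }

if ($Apply) {
    Set-AdfsRelyingPartyTrust -TargetName $TrustName -SamlEndpoint ($endpoints + $added)
    # Show the resulting ACS list so it can be compared with the Portal aliases.
    (Get-AdfsRelyingPartyTrust -Name $TrustName).SamlEndpoints |
        Where-Object { $_.Protocol -eq 'SAMLAssertionConsumer' } |
        Select-Object Index, Binding, Location, IsDefault
}
```

Run it once without `-Apply` to review the endpoints that would be added, then again with `-Apply` to write them to the trust.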