Problem: Establishing SSO between EP7.0(UC)  to SRM 4.0(non unicode)

Similar Messages

• Different ways to establish SSO between Portal and ADP

  Hi,
  We are implementing payroll with the help of ADP.
  Please let me know different ways of establishing SSO between portal  and ADP
  Thanks
  Bala Duvvuri

  You may a few issues. SSO with logon tickets is based on accessing web sites in the same domain. So, if the portal is on http://ourportal.company.com, then the web site being accessed needs to have a URL like http://adphosted.company.com. Is the ADP system accessible by a DNS alias that is within company.com? If so, you're OK. If not, then there will be problems.
  The other SSO method is user mapping, but the security implications are not good...

• Difference between IN LEGACY TEXT MODE & TEXT MODE ENCODING NON-UNICODE

  Hi,
  We're upgrading to ECC5 and the 'open dataset' command needs amending if the program is flagged for Unicode (which usually occurrs in user/fm exits). Therefore is ECC5 this command is no longer valid:
  "open dataset DSN in text mode"
  We currently interface with systems that may not have unicode enabled. Yet we have not enabled unicode in our own system just yet.
  So we think these two commands are the most approriate for replacing the 'old' open dataset command:
  "open dataset DSN for input in TEXT MODE encoding NON-UNICODE"
  "open dataset DSN in LEGACY TEXT MODE for input"
  However we're not really sure what the difference between these two commands is?
  Has anyone worked with these commands?
  Could you offer some help as to their differences and when each should be used?
  Many thanks!

  Hi Robert,
     Here is an excerpt from sap documentation.
  ... TEXT MODE ENCODING {DEFAULT|UTF-8|NON-UNICODE}
  Effect:
  The addition IN TEXT MODE opens the file as a text file. The addition ENCODING defines how the characters are represented in the text file. When writing in a text file, the content of a data object is converted to the representation entered after ENCODING, and transferred to the file. If the data type is character-type and flat, trailing blanks are cut off. In the data type string, trailing blanks are not cut off. The end-of-line marking of the relevant platform is applied to the transferred data by default. When reading from a text file, the content of the file is read until the next end-of-line marking, converted from the format specified after ENCODING into the current character format, and transferred to a data object.
  The end-of-line marking depends on the operating system of the application server. In the MS Windows operating systems, the markings "CRLF" and " LF" are possible, while under Unix, only "LF" is used. If, when using Windows, an existing file is opened without the TYPE addition (see os_addition), the first end-of-line marking is found and used for the whole file. If a new file is created without the TYPE addition, the content of the profile parameter abap/NTfmode is used. If the profile parameter is not set, "CRLF" is used. If a file with the TYPE addition is opened and a valid value is contained in attr, this value is used.
  In Unicode programs, only the content of character-type data objects can be transferred to text files and read from text files. The addition ENCODING must be specified in Unicode programs, and can only be omitted in non-Unicode programs.
  The additions after ENCODING determine in which character representation the content of the file is handled.
  DEFAULT
  In a Unicode system, the designation DEFAULT corresponds to the designation UTF-8, and the designation NON-UNICODE in a non-Unicode system.
  UTF-8
  The characters in the file are handled according to the Unicode character representation UTF-8.
  NON-UNICODE
  In a non-Unicode system, the data is read or written without being converted. In a Unicode system,the characters in the file are handled according to the non-Unicode-codepage that would be assigned to the current text environment according to the database table TCP0C, at the time of reading or writing in a non-Unicode system.
  If the addition ENCODING is not specified in non-Unicode programs, the addition NON-UNICODE is used implicitly.
  ... LEGACY TEXT MODE [{BIG|LITTLE} ENDIAN] [CODE PAGE cp]
  Effect:
  Opening a Legacyfile. The addition IN LEGACY TEXT MODE opens the file as a legacy text file. As with legacy binary files, the byte order and the codepage with which the content of the file should be handled can also be specified. The syntax and meaning of {BIG|LITTLE} ENDIAN and CODE PAGE cp are the same as for legacy binary files.
  In contrast to legacy binary files, the trailing blanks in a legacy file are cut off when writing character-type flat data objects in a legacy text file. As for a text file, an end-of-line marking is also applied to the transferred data. In contrast to text files opened with the addition INTEXT MODE, Unicode programs do not check whether the data objects used for reading or writing are character-type. Furthermore, the LENGTH additions of the statements READ DATASET and TRANSFER are used for counting in bytes in legacy text files and in the units of a character represented in the memory for text files.
  Note:
  As with legacy binary files, text files that have been written in a non-Unicode system can be accessed in Unicode systems as legacy text files, and the content is converted accordingly.
  Example
  A file test.dat is created as a text file, filled with data, changed, and exported. As every TRANSFER statement applies end-of-line marking to written content, after the change, the content of the file has two lines. The first line contains "12ABCD". The second line contains "890". The character "7" has been overwritten by the end-of-line marking of the first line.
  DATA: file   TYPE string VALUE `test.dat`,
        result TYPE string.
  OPEN DATASET file FOR OUTPUT IN TEXT MODE ENCODING DEFAULT.
  TRANSFER `1234567890` TO file.
  CLOSE DATASET file.
  OPEN DATASET file FOR UPDATE IN TEXT MODE ENCODING DEFAULT
                               AT POSITION 2.
  TRANSFER `ABCD` TO file.
  CLOSE DATASET file.
  OPEN DATASET file FOR INPUT IN TEXT MODE ENCODING DEFAULT.
  WHILE sy-subrc = 0.
    READ DATASET file INTO result.
    WRITE / result.
  ENDWHILE.
  CLOSE DATASET file.
  Regards,
  Ravi

• Establish SSO between OBIEE 10g/11g and SAP BW

  We would like to know if there is a provision in SAP to use
  Single-Sign-On mechanism between 3rd party reporting tool and SAP BW7,
  where in the 3rd party tool uses XMLA connector.
  The 3rd party tool that we are using is Oracle Business Intelligence
  Suite Enterprise Edition Plus (OBIEE version 10.1.3.4.1) which connects
  to SAP using XMLA connector.OBIEE is on Oracle Application Server (OC4J
  server). We would like to now if there is single-sign-on mechanism
  between OC4J and SAP.
  If we use OBIEE 11g using Weblogic would we have any additional options
  for single sign on with SAP BW7

  Hi,
  ABAP stack should support SAML in newer version (maybe 7.02). Anyway, SSO cookie has a simple structure and it's signed by private key. The receiving system just verifies signature using public key.I've seen somewhere on net that somebody uses proxy to authenticate user, generate SSO ticket and redirect user to SAP system. So you could try to implement custom solution. Obviously, these homemade solutions have disadvantages.
  Good luck,
  Cheers

• What is the best way to establish sso between iphone and IIS?

  Hi experts,
  I try to configure the SCEP, and I can view a IIS content with "Certificate required", but, can I validate the username with this certificate?
  thanks in advance,

  Hi,
  Yes, TCP/IP is most universal way for the communication. Otherwise you should develop some parts for establish connection / break connection / wait for the data. This way also good when you need to transfer the data across network.
  Another possible way is following: you can create DLL from your LabVIEW code, then call this dll from your C# application, and interchange the data through this DLL. Here you can use different techniquies (also TCP/IP as well). The advantage of this method that you will establish LabVIEW<->LabVIEW communication.
  In attached example I have create "quick and dirty" project with shared variables. LabVIEW application will write the shared variable, then external application will read this, increment variable, then LabVIEW will read it back. I have used CVI, but you can call SharedLib from C#, here no differences.
  Something like that:
  best regards,
  Andrey.
  Message Edited by Andrey Dmitriev on 10-28-2008 03:17 PM
  Attachments:
  App Intercomm Test.zip ‏224 KB
  ScreenshotSV.png ‏13 KB

• MDIChildren flickering problem while switching between child form with dockstyle.fill and borderstyle.none

  I have an mdi applicaton in Visual studio 2010 (.Net framework 4.0). I'm having a flickering problem when user switch between an MDI Child form. I'm declaring the child form then setting the borderstyle.none at design time and dock property to fill
  through programming and make them a MDIChildren before I show them so that it takes up the entire space of the MDI Parent window without being maximized (client request). 
  i don't want to display control box(minimize, maximize,close) of child form in mdi parent form. (client request)
  The problem is that when the child form is being displayed it is briefly shown in it's default size with icon and control box before being resized to fill the available area on the MDI Parent form. When a Child Form loads, you can see it in it's original
  size (the size from Design-time) then all this flickering while maximizing .
  In other words, child form show up in the client area of the MDIForm, not maximized, with a caption, very shortly, before they are finally filling the client area. there is a short flicker when a new form is created and displayed. This process is most noticeable
  with a not-so-powerful PC or there are lots of control inside child form.
  below is my code to show child form 
     MyChild1 c1 = new MyChild1();
                              c1.MdiParent = MdiMainParent;
                              c1.Dock = DockStyle.Fill;
     c1.Show(); 
  how can i solved the problem of flickering issue?
  I tried many options which i have described below
  1.double buffering.
  2.set style property to child form
        this.SetStyle(ControlStyles.UserPaint, true);
        this.SetStyle(ControlStyles.AllPaintingInWmPaint, true);
        this.SetStyle(ControlStyles.DoubleBuffer, true); 
  3. override below method in each child form
  protected override CreateParams CreateParams
              get
                  CreateParams cp = base.CreateParams;
                  cp.ExStyle |= 0x02000000;
                  return cp;
  4. override below method in each child form
    const int WM_NCPAINT = 0x85;
          const int WM_SIZE = 0x05;
          protected override void WndProc(ref Message m)
              if (m.Msg == WM_NCPAINT)
                  if (this.WindowState == FormWindowState.Maximized)
                      return;
              if (m.Msg == WM_SIZE)
                  if (this.WindowState == FormWindowState.Maximized)
                      return;
              base.WndProc(ref m);
  but I didn't see any effects.  please someone help me to resolve flickering issue. thanks in advance.

  Hi hardikvaishnav,
  This is a known issue which has been reported to Microsoft Connect. Unfortunately, this issue will not fix due to stability issues around MDI. For more details, see 
  https://connect.microsoft.com/VisualStudio/feedback/details/97787/border-of-mdi-child-form-flashes-up-despite-formborderstyle-none.
  You might use a user control or panel instead.
  Best Regards,
  Bob Wu [MSFT]
  MSDN Community Support | Feedback to us

• SSO between BW and Sharepoint

  Hi,
  We have a situation where we want to establish SSO between SAP BW (3.5 with out java stack running on UNIX machine) and MS Sharepoint server.
  Can you kindly let me know what could be the best solution and any documentation?
  I've looked at various docs and mostly all are boiling down to have a Java Stack. I'm unable to figure out a correct solution for the above scenario.
  Thanks and regards
  Aarthi

  Hi Andre,
  We have Windows NTLM (not kerberos) enabled for IWA to logon to Sharepoint portal.
  Thanks and regards
  Aarthi

• SSO between SAP Portal 7.3 and Ruby on Rails

  Hello Everyone,
  We are planning to integrate SAP Portal 7.3 and a RoR application and I am wondering If someone can share some experience (If you have any of course) on how to establish SSO between SAP Portal and RoR.
  The SAP Portal will act as service provided and RoR as a consumer, we don't have LDAP, so the Portal UME is in ABAP and RoR uses an own UME database. We have SSO between our Portal and SAP Backend systems.
  In RoR customers will have access to their own information (Invoices, etc..) that will be provided by the backend system.
  URL transaction and iFrames is not an option for us.
  The second option is to call Web Services, directly or through the SAP Portal (we are using a central sr).
  I am a NetWeaver consultant who heard about RoR but have no experience in this field.
  All help and tips are greatly appreciated!.
  Regards,
  Ridouan

  We used Client certificates. Still working on the PoC.

• SSO between Portal and Nakia.....problem with SSO... library not found..

  Hi Sdn's  and Nakisa tehnical experts,
  We have a Portal environment 7.02 , a Nakisa environment 3.0  (CE) and and HR backend environment 701 (604).
  We are busy setting up SSO between Portal and Nakisa via the, URL iview for the Org chart (http://<host>:<port>OrgChart/default.jsp).
  We have done as indicated in wiki:
  http://wiki.sdn.sap.com/wiki/display/ERPHCM/SAPSSOAuthenticationwithverify.pseusingSAPSSOEXT
  We are however stil having issues with the SSO and in the cds.log the following is being displayed:
  ++01 Aug 2011 13:11:42 ERROR com.nakisa.Logger  - com.mysap.sso.SSO2Ticket : Could not load library: sapsecu.dll - java.lang.Exception: MySapInitialize failed: rc= 14null++
  ++01 Aug 2011 13:11:42 ERROR com.nakisa.Logger  - com.nakisa.framework.login.Credentials_SapSso : java.lang.Exception: MySapEvalLogonTicketEx failed: standard error= 9, ssf error= 0++
  ++01 Aug 2011 13:11:42 ERROR com.nakisa.Logger  - com.nakisa.framework.login.Credentials_SapSso : Internal error (9) - No SSF error (0)++
  Can someone indicate what I am doing wrong?
  Regards Dries

  Hi Luke,
  thanks a lot for your help so far.
  I have created a root/XML folder under the diretory, and the path is now as follows:
  K:\usr\sap\NKP\J14\j2ee\cluster\apps\Nakisa\OrgChart\servlet_jsp\OrgChart\root\.system\Admin_Config\__000__Sasol_DEV_LIVE\.delta\root\XML
  It seems like it finds the verify.pse, but not the library, sapsecu.dll.
  My credentials.xml file is as follows:
  <credentials>
  <assembly name="SapSso"/>
    <info>
      <item name="PseFilePath">XML\verify.pse</item>
      <item name="SsfLibFilePath">XML\sapsecu.dll</item>
      <item name="PsePassword"></item>
      <item name="WindowsPlatform">64</item>
      <item name="TicketFile"></item>
      <item name="Base64decode">true</item>
     </info>
  </credentials>
  I however stilll get the following in the cds.log
  15 Aug 2011 13:59:53 INFO  com.nakisa.Logger  - Tenant ID: 000
  15 Aug 2011 13:59:55 INFO  com.nakisa.Logger  - LoginSettingsObject Load: 1719
  15 Aug 2011 13:59:55 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Main : LogIn : Credential provider SapSso
  15 Aug 2011 13:59:55 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Credentials_SapSso : Using cert: K:\usr\sap\NKP\J14\j2ee\cluster\apps\Nakisa\OrgChart\servlet_jsp\OrgChart\root\XML\verify.pse
  15 Aug 2011 13:59:55 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Credentials_SapSso : Ticket is: AjExMDAgAA9wb3J0YWw6eXNzZWxhZ2OIABNiYXNpY2F1dGhlbnRpY2F0aW9uAQAIWVNTRUxBR0MCAAMwMDADAANEUDkEAAwyMDExMDgxNTExNDcFAAQAAAAICgAIWVNTRUxBR0P%2FAQQwggEABgkqhkiG9w0BBwKggfIwge8CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHATGBzzCBzAIBATAiMB0xDDAKBgNVBAMTA0RQOTENMAsGA1UECxMESjJFRQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTEwODE1MTE0NzIwWjAjBgkqhkiG9w0BCQQxFgQUK13ubzFiQrY4H%2FLRk2ysyvPSvccwCQYHKoZIzjgEAwQuMCwCFF1W9d!tAjLvP8dnb1bs4XghaHSBAhQ9kd9N!bJubUWITtkzU!za96lxNg%3D%3D
  15 Aug 2011 13:59:55 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Credentials_SapSso : Version of SAPSSOEXT: SAPSSOEXT 4
  15 Aug 2011 13:59:55 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Credentials_SapSso : SCUE LIB base path is:
  15 Aug 2011 13:59:55 ERROR com.nakisa.Logger  - com.mysap.sso.SSO2Ticket : Could not load library: sapsecu.dll - java.lang.Exception: MySapInitialize failed: rc= 14null
  15 Aug 2011 13:59:55 ERROR com.nakisa.Logger  - com.nakisa.framework.login.Credentials_SapSso : java.lang.Exception: MySapEvalLogonTicketEx failed: standard error= 9, ssf error= 0
  15 Aug 2011 13:59:55 ERROR com.nakisa.Logger  - com.nakisa.framework.login.Credentials_SapSso : Internal error (9) - No SSF error (0)
  15 Aug 2011 13:59:55 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Main : LogIn : User to authenticate null
  15 Aug 2011 13:59:55 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Main : LogIn : Authentication provider SapSso
  15 Aug 2011 14:00:00 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Main : LogIn : User authenticated null
  15 Aug 2011 14:00:00 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Main : LogIn : Authentication row is {SapSsoTicket=AjExMDAgAA9wb3J0YWw6eXNzZWxhZ2OIABNiYXNpY2F1dGhlbnRpY2F0aW9uAQAIWVNTRUxBR0MCAAMwMDADAANEUDkEAAwyMDExMDgxNTExNDcFAAQAAAAICgAIWVNTRUxBR0P%2FAQQwggEABgkqhkiG9w0BBwKggfIwge8CAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHATGBzzCBzAIBATAiMB0xDDAKBgNVBAMTA0RQOTENMAsGA1UECxMESjJFRQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTEwODE1MTE0NzIwWjAjBgkqhkiG9w0BCQQxFgQUK13ubzFiQrY4H%2FLRk2ysyvPSvccwCQYHKoZIzjgEAwQuMCwCFF1W9d!tAjLvP8dnb1bs4XghaHSBAhQ9kd9N!bJubUWITtkzU!za96lxNg%3D%3D}
  15 Aug 2011 14:00:00 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Main : LogIn : User population provider is Database
  15 Aug 2011 14:00:00 INFO  com.nakisa.Logger  - FunctionRunner : ensurePool : Current pool size:0
  15 Aug 2011 14:00:00 INFO  com.nakisa.Logger  - FunctionRunner : ensurePool : Current pool size:0
  15 Aug 2011 14:00:00 INFO  com.nakisa.Logger  - FunctionRunner.executeFunctionDirect: /NAKISA/RFC_REPORT took: 266ms
  15 Aug 2011 14:00:00 INFO  com.nakisa.Logger  - BAPI_SAP_OTFProcessor_Report :  WhereClause : ( (Userid is null) or (Userid='') ); Table : (SAP_UserPopulation); Dataelement : (UserPopulationInfo)
  15 Aug 2011 14:00:00 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Main : LogIn : User populated
  15 Aug 2011 14:00:00 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Main : LogIn : Role mapping provider is: SAP
  15 Aug 2011 14:00:00 ERROR com.nakisa.Logger  - SAPRoleMapping_SAP.MapRoles() : while trying to invoke the method java.lang.String.toUpperCase() of an object loaded from local variable 'value'
  15 Aug 2011 14:00:00 INFO  com.nakisa.Logger  - com.nakisa.framework.login.Main : LogIn : Login process finished with errors
  Any ideas? Should I maybe hardcode the location in the credentials.xml?
  Kind regards
  Dries Yssel

• Problem in SSO..Please guide

  Hello All,
  Am trying to establish a SSO connection between EP7 SR2 Sneak Preview Portal and ECC5.0 using Logon Tickets.
  Using this link for the same - http://help.sap.com/saphelp_nw2004s/helpdata/en/1c/22afe3b26011d5993800508b6b8b11/frameset.htm
  Have downloaded the verify.der certificate and added into R/3 using the STRUSTSSO2 T-code and have added to ACL too.
  Problem:
  I need to maintain table TWPSSO2ACL using sm30 which am not able to.
  When I enter the table name and press enter, then either I hit Display or Maintain, I get an error saying "<b>View/table TWPSSO2ACL can only be displayed and maintained with restrictions</b>".
  Am not into R/3...please guide me....
  Get the above error even when I select "No Restrictions or Enter condition" from the Restrict Data Range section.
  Awaiting Reply.
  Thanks and Warm Regards,
  Ritu

  But then the Connector test is failing. It gives an error as "Connection failed. Make sure user mapping is set correctly and all connection properties are correct"
  What needs to be done here?
  On the other hand, all this works fine using User-Mapping, the Connector test + the SAP Transaction iView.
  Pleae guide.
  Awaiting Reply.
  Thanks and Warm Regards,
  Ritu

• SSO between custom C++ application and web browser

  Hello.
  I have a bit of problems figuring out how to do SSO functionality between a Browser and a custom client (custom protocol over HTTP).
  I want it to work as follows: If the user logs in in the HTTP client, the user is already logged in in the custom client, and vice versa.
  I thought this could be implemented my reading and writing cookie values from the browser in my custom client, but it seems like the cookies set are all without expiration. IE handles these cookies private in a process, and so I can't get a hold of it.
  How do I implement SSO between clients if I can't base it on cookie values?
  Regards
  Kyrre.

  Any comment?

• SSo between Portal 6.0 and  Portal 7.0

  Hi,
  We want to enable single sign on between Portal 6.0 and  Portal 7.0.
  Our scenario is, In Portal 7.0 on click of  role or workset, Portal 6.0 have to be opened in a new window without asking user ID and Password.
  What are the steps, I need to follow to achieve this.
  Thanks & Regards,
  Bala

  Hi Bala,
  This [thread|Re: SSO between ep6 and ep7]should give you a kick start.
  Good Luck!
  Sandeep Tudumu

• SSO Between SAP EP 7.0u2013 BOXIR2 SP1 u2013 BW3.5 Is SNC required?

  We are trying to enable SSO between SAP EP, BO and BI so that users will be able to access Crystal reports (which have got backend as BW) from Enterprise Portal which are scheduled in BO enterprise server
  Below are the details on our landscape.
  1) SAP EP 7.0 Integrated with AD and SP Nego configured(if it fails users will use AD user id and pwd)
  2) BO u2013 AD authentication is available as well as SAP Authentication got enabled using SAP BO Integration Kit. In BO reports are there which got backend as BW and scheduled successfully.
  3) BW 3.5 is using SAP authentication(Not AD authentication)
  4) SSO has been established between SAP EP and BW (user ids will be same in AD and BW)
  5) BO has two servers bo1.yy.comp.com and bo2.yy.comp.com
  6) SAP EP and BW has domain names as EP.xx.yy.comp.com and BW.xx.yy.comp.com u2013 additional u201Cxxu201D is there in the domain trail. So we have created a dns entry bo.xx.yy.comp.com which will resolve to bo2.yy.comp.com (CMS is running in this server) so that we meet the prerequisite for SSO with EP u2013 BO - BW.
  7) BW is not configured with SNC.
  Question 1- As per point 3 u2013 SAP Authentication is available in BO u2013
  So in that BO server can we use ASPX page to read MYSAPSSO2 cookie generated by SAP EP and use that cookie to access report which got BW as backend?
  Question 2
  Do we need any more configuration for the SSO from EP - BO u2013 BW? (do we need to go for SNC?)
  Even after reading many threads I couldn't understand the flow of SSO. Any advice will really help us overcome the hurdles.
  Thanks in Advance
  JayCeeDee

  Question 1- As per point 3 u2013 SAP Authentication is available in BO u2013
  So in that BO server can we use ASPX page to read MYSAPSSO2 cookie generated by SAP EP and use that cookie to access report which got BW as backend?
  >>> Assuming you are getting SSO tickets from the portal that happens automatically when the SAP authentication is configured.
  Question 2
  Do we need any more configuration for the SSO from EP - BO u2013 BW? (do we need to go for SNC?)
  >> You mention on the one hand SSO tickets, on the other hand Windows AD. Which one is it ? What is the authentication that the user will leverage to connect to the BusinessObjects Server ?
  Ingo

• SSO between EP and ECC-- JCo RFC Provider- Error-- JCO_ERROR_SERVER_STARTUP

  Hello Everyone
  I am setting Up SSO between my EP 7.0 and my ECC 6.0 system. During the phase JCO RFC PRovider i am giving the following values:
  The following was done;
  1. start Visual Administrator -> Service : Choose JCo RFC Provider
  2. Created JCo RFC provider:
  Program ID: SAPJ2EE_Port
  Gateway host: EPDEV ( host of my EP System)
  Gateway service: sapgw00
  Server Count 5
  Application Server Host: ERP6 ( Host of my ECC System)
  System Number: 00
  Client: 000
  Language: EN
  User: SAPJSF
  Password: ..
  When i click on SET i am getting the error " ERROR When ADDING TO BUNDLE" Check LOG FOR DETAILS".
  I checked the DEFAULTTRACE.TRC and get the following MEssage :
  Date , Time , Message , Severity , Category , Location , Application , User
  03/01/2011 , 3:33:30:101 , Error changing bundle SAPJ2EE_PORT , Error , /System/Server , com.sap.engine.services.rfcengine.RFCRuntimeInterfaceImpl.addBundle(BundleConfiguration conf) ,  , Administrator
  03/01/2011 , 3:33:30:085 , com.sap.mw.jco.JCO$Exception: (129) JCO_ERROR_SERVER_STARTUP: Server startup failed at Tue Mar 01 03:33:30 PST 2011.
  This is caused by either a) erroneous server settings, b) the backend system has been shutdown, c) network problems. Will try next startup in 1 seconds.
  Could not start server: Connect to SAP gateway failed
  Connect parameters: TPNAME=SAPJ2EE_PORT GWHOST=EPDEV GWSERV=sapgw00
  ERROR       partner 'EPDEV:sapgw00' not reached
  TIME        Tue Mar 01 03:33:30 2011
  RELEASE     700
  COMPONENT   NI (network interface)
  VERSION     38
  RC          -10
  MODULE      nixxi.cpp
  LINE        2823
  DETAIL      NiPConnect2
  SYSTEM CALL connect
  ERRNO       10061
  ERRNO TEXT  WSAECONNREFUSED: Connection refused
  COUNTER     1
  I have configured my SLD as well. Any suggestions. Please Advise.

  Hi Ahmed,
  Please do check the validity of the certificate.
  Please do cross check these steps again.
  1.     Transaction u2013 STRUSTSSO2 (Trust Manager for Logon Ticket)
  2.     Double Click Owner certificate. It gets reflected under the certificate tab.
  3.                  Choose Format Binary
  4.                  Choose File Path.
  5.                  Enter the File Name
  6.                 saved in local drive.
  You can import into portal as x.509 certificate.
  check this thread -
  Certificate no longer has signature (use restriction)
  Renew certificate via SAP MarketPlace, and install from tcode slicense.  If you are working on a trial version, there is a SAP license request application form. Fill the form with the hardware key. you will get the new license via email. Install using slicense. Then try exporting the certificate.
  Thanks,
  Divya
  Edited by: Divya V on Mar 10, 2011 11:25 AM

• SSO between EP and GRC systems

  Hi,
  We have EP 7.0 and GRC 5.3 systems in our landscape. In the login page of the portal, we have a link configured to the GRC system to use the Compliant User Provisioning application.
  On clicking the GRC link for accessing CUP, the user is prompted to enter the username and password to login to the GRC system. In our landscape both the EP and GRC systems have the ECC ABAP system as the UME and hence the user credentials are exactly the same for both EP and GRC systems for a particular user.
  I would like to avoid another logon for the user in GRC as he has already logged in with the same user credentials in EP system.This, i believe is achieved through SSO but i'm not sure about configuring SSO between two Java systems.
  Please help me in the configuration.
  Regards,
  Ragav

  Ragav_ss wrote:
  Everything is working fine when i click User Logon link in GRC system which comes up through the link from EP. The SSO is working fine there. But when i click Request Access or Request Status link, the SSO does not work.
  Any clues.
  GRC version is 5.3 SP 12
  Did you ever get that resolved? I'm having the same problem with 5.3 SP 15.
  Regards,
  Sean