Verify the following profile parameters are set correctly in the backend using rz11
login/accept_sso2_ticket = 1
login/create_sso2_ticket = 0
Make sure that in the portal the connector to back end is defined with following setting and permission is set correct.
Authentication Ticket Type - SAP Logon Ticket
Logon Method - SAPLOGONTICKET
User Mapping Type - useradmin,user
Fix certificate
Login in to Visual Administrator
1. Select the Key Storage Service.2. Select the TicketKeystore view.
3. Delete the SAPLogonTicketKeypair and SAPLogonTicketKeypair-cert entries.
4. Under Entry, choose Create . The Key and Certificate Generation dialog appears.
5. Enter the Subject Properties in the corresponding fields.
The entries in these fields build a Distinguished Name in the form:
CN= , OU= , O=, L=, ST= , C=Use capital letters for the Country Name.
6. Enter SAPLogonTicketKeypair as the Entry Name.
Do not enter a different name. This J2EE Engine uses the entry with this name to sign logon tickets.
7. Select the Store certificate option and choose DSA as the algorithm to use.
8. Choose Generate .
Now downloaded the J2EE Ticket via Visual Admin Tool
Login to Visual Admin Tool
open tree "Server # > Services > Key Storage"
Within the "Key Storage" choose view "Ticket Keystore" and entry "SAPLogonTicketKeypair-cert"
click on "Export" and save the ticket to a propper location
Finaly uploaded the new ticket to STRUST
No comments:
Post a Comment