How to Configure Fiori Launchpad and Web Dispatcher to Support SAML2 Using SAP Identity Provider Step-by-Step
|
|
- Marion Ryan
- 5 years ago
- Views:
Transcription
1 How to Configure Fiori Launchpad and Web Dispatcher to Support SAML2 Using SAP Identity Provider Step-by-Step SAP NetWeaver or S4H Gateway Ali Chalhoub 2016 SAP AG. All rights reserved. SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer, StreamWork, SAP HANA, and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and other countries. Business Objects and the Business Objects logo, BusinessObjects, Crystal Reports, Crystal Decisions, Web Intelligence, Xcelsius, and other Business Objects products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Business Objects Software Ltd. Business Objects is an SAP company. Sybase and Adaptive Server, ianywhere, Sybase 365, SQL Anywhere, and other Sybase products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Sybase Inc. Sybase is an SAP company. Crossgate, EDDY, B2B 360, and B2B 360 Services are registered trademarks of Crossgate AG in Germany and other countries. Crossgate is an SAP company. All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may vary. These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect
2 Document History Document Version Authored By Description Date Created 1.0 Ali Chalhoub First release of this whitepaper July 18, 2018 Document Version Reviewer Description Kiran Kola Global CoE July 26,
3 How to Setup a Fiori Tile Step-by-Step Using Web IDE TABLE OF CONTENTS Document History... 2 ABSTRACT...5 Chapter 1 - Configuring SAP Service Provider... 5 Chapter 2 - Configuring Fiori Launchpad to Support SAML Chapter 3 - Accessing Fiori Launchpad Using HTTPS with SAML Chapter 4 Configuring Web Dispatcher with SAML Chapter 5 Troubleshooting... 5 CHAPTER 1 CONFIGURING SAP SERVICE PROVIDER...6 Overview of the Architecture... 6 Configuring Scenario -1- Local Provider... 8 Configuring Scenario -1- Identity Provider Downloading Identity Provider Metadata Importing Identity Provider Certificate into Service Provider CHAPTER 2 CONFIGURING FIORI LAUNCHPAD TO SUPPORT SAML Configuring Fiori Launchpad Configuring IDP to support Login Name Testing SAML Using Fiori launchpad Configuring Single Logout Endpoint Configuring Fiori Launchpad Designer CHAPTER ACCESSING FIORI LAUNCHPAD USING HTTPS WITH SAML How to access Fiori Launchpad Using SAML2 HTTPS Configuring SAML2 to enable accessing Fiori Launchpad using HTTPS CHAPTER 4 CONFIGURING WEB DISPATCHER WITH SAML Enabling Web Dispatcher to support SAML2 Scenario
4 Downloading Service Provider Metadata Uploading Metadata into the Identity Provider Testing Fiori Launchpad using Web Dispatcher and SAML CHAPTER 5 TROUBLESHOOTING Error 1 - Signature verification of metadata was not successful Error 2 No RelaySate mapping found for RelayState value Error 3 HTTPS Status 400 Service Provider SLO endpoint has not received SAML2 message
5 Abstract Chapter 1 - Configuring SAP Service Provider 1.1. Overview of the Architecture 1.2. Configuring Scenario -1- Service Provider 1.3. Configuring Scenario -1- Identity Provider 1.4. Downloading Identity Provider Metadata 1.5. Importing Identity Provider Certificate into Service Provider Chapter 2 - Configuring Fiori Launchpad to Support SAML Configuring Fiori Launchpad 2.2. Configuring IDP to support Login Name 2.3. Testing SAML Using Fiori launchpad 2.4. Configuring Single Logout Endpoint 2.5. Configuring Fiori Launchpad Designer Chapter 3 - Accessing Fiori Launchpad Using HTTPS with SAML How to access Fiori Launchpad Using SAML2 HTTPS 3.2. Configuring SAML2 to enable accessing Fiori Launchpad using HTTPS Chapter 4 Configuring Web Dispatcher with SAML Enabling Web Dispatcher to support SAML2 Scenario Downloading Service Provider Metadata 4.3. Uploading Metadata into the Identity Provider 4.4. Testing Fiori Launchpad using Web Dispatcher and SAML2 Chapter 5 Troubleshooting 5.1. Error 1 - Signature verification of metadata was not successful 5.2. No RelaySate mapping found for RelayState value HTTPS Status 400 Service Provider SLO endpoint has not received SAML2 message 5
6 Chapter 1 Configuring SAP Service Provider Welcome to How to Configure Fiori Launchpad and Web Dispatcher to Support SAML2 Using SAP Cloud Platform Identity Authentication Provider Step-by-Step. In this e-book you will find all the details are needed to let you configure a Web Dispatcher with Fiori launchpad on on-premise SAP NetWeaver Gateway system. In this ebook we will discuss and show the user how to configure: SAP Cloud Platform Identity Provider Fiori launchpad on on-premise system running NetWeaver 7.50 or higher with Web Dispatcher in the front Note 1. To make the process simple, the steps provided in this book are done against a single NetWeaver Gateway system no ERP involved. 1. Requirement 2. NetWeaver 7.5 or higher 3. SAP Web Dispatcher with SSL already configured 4. Fiori launchpad already configured and working with SSL support Overview of the Architecture Before we can start our configuration, we need to look at the Architecture that this book will address. This ebook will cover two scenarios: 1. SAP Cloud Platform Identity Provider with SAP Fiori launchpad running on on-premise NetWeaver system 2. SAP Cloud Platform Identity Provider with Web Dispatcher and SAP Fiori launchpad running on onpremise NetWeaver system 6
7 2. The architecture below covers scenario number 1 Figure 1 SAP Cloud Platform Identity Provider with Fiori launchpad 1. A web client makes a request to SAP Fiori launchpad 2. SAP Fiori launchpad redirects the client to SAP Cloud Platform Identity Provider 3. Client is asked to authenticate with SAP Cloud Platform Identity Provider 4. After the client is authenticated successfully, a SAML XML assertion is generated which contains all the information needed about the client such as user id, first name, last name and all this sent to the client 5. The client makes a post request to SAP Fiori launchpad where the XML assertion is validated NetWeaver level and a session is created and the client is granted access to Fiori launchpad 3. The architecture below covers scenario number 2. Figure 2 SAP Cloud Platform Identity Provider with SAP Web Dispatcher 7
8 1. A web client makes a request to SAP Web Dispatcher 2. SAP Web Dispatcher redirect the client to SAP Cloud Platform Identity Provider 3. Client is asked to authenticate with SAP Cloud Platform Identity Provider 4. After the client is authenticated successfully, a SAML XML assertion is generated which contains all the information needed about the client such as user id, first name, last name and all this sent to the client 5. The client makes a post request to Web Dispatcher where the XML assertion is validated at the Web Dispatcher level 6. Finally, a session is created, and the client is granted access to Web Dispatcher and Fiori launchpad Configuring Scenario -1- Local Provider In this scenario we will be configuring SAP Fiori launchpad on-premise to with SAP Cloud Platform Identity Provider without Web Dispatcher. Note In this section there is an assumption, that Fiori launchpad is configured in NetWeaver system and Fiori launchpad can be accessed using HTTPS. As well the user does have access to SAP Cloud Platform Identity Provider. 4. Connecting to SAP Service Provider. In our configuration that would be our NetWeaver Gateway System 1. Login to SAP NetWeaver system 2. Execute tcode saml2 3. Click on Enable SAML 2.0 Support if no SAML has been configured in the system 4. We should see the following screen below Figure 4 Enabling SAML2 in NetWeaver 5. Select Create SAML 2.0 Local Provider 8
9 6. Now enter a name that represent the Local Provider Configuration. Recommendation would be <INSTANCEID>_SAML2 Figure 5 Providing name to the Local Provider Service Provider 7. Click Next 8. On this screen below do not do anything, click Next as well Figure 6 Miscellaneous 9. Under Identity Provider Discovery: Common Domain Cookie (CDC), make sure selection Mode is set to Automatic as shown below: 9
10 Figure 7 Setting selection Mode Note Selection Mode Automatic means the user will not need to select the default authentication provider. It will be selected automatically. 10. Click Finish 11. We should see the following screen below: Figure 8 Creating Local Provider Configuration 12. Next, we need to download the Metadata of our Local Provider, so it can be imported into the Identity Provider. Click on Metadata as shown below: 10
11 Figure 9 Accessing Metadata information 13. Click on Download Metadata Figure 10 Downloading Metadata xml information 14. Save the XML file to your local machine because it will be required in the next step when we configure the Identity Provider 11
12 Configuring Scenario -1- Identity Provider 5. Connecting to SAP Cloud Platform Identity Provider to configure it if it is not already configured 1. Open your Web browser 2. Enter the URL of the SAP Cloud Platform Identity Provider. For example: IDP Host: 3. Once logged in the screen may look like the one below: Figure 11 SAP Cloud Platform Identity Authentication Administration Console Note This section is not needed if your administrator provided you already with a user id and password to login to the system. You can skip the creation user section. 12
13 4. Once logged in, click on Applications under Applications & Resources Figure 12 Accessing Applications section 13
14 5. Click on the Add sign to create a new application which is will be the application to handle our authentication to Fiori launchpad Figure 13 Adding new application to our Fiori launchpad 14
15 6. Give it a name and click save, any name for example three characters of the service provider you are dealing with. But again, that name can be anything you like Figure 14 Creating application 15
16 7. After the application is created, the following screen should be displayed Figure 15 Configuration screen of the application 8. Click on SAML 2.0 Configuration Figure 16 Accessing SAML2 configuration 16
17 9. Click on Browse to import the Metadata. Select the Metadata we downloaded from step 13 under Configurating Scenario -1- Service Provider 10. After the import, the screen should now contain the address of your NetWeaver as shown below. This information is provided to the Identity Provider by the Metadata that we have imported Figure 17 Importing Service Provider Metadata 17
18 11. Scroll down on the screen until you see the Single Logout Endpoint section Figure 18 Single Logout Endpoint Note Notice the certificate of the Service Provider is already here. The reason for this is because it is part of the Metadata that we imported. 18
19 12. Click on Save so the configuration is saved Figure 19 Saving Identity Provider Application configuration Downloading Identity Provider Metadata 1. Now that the configuration is done, we need to download the Metadata of the Identity Provider so we can import it into our Service Provider. In our example our service provider is our NetWeaver Gateway system. Click on Home as shown below: Figure 20 Accessing Identity Provider Home page 19
20 2. Scroll down to the Application & Resources section 3. Click on Tenant Settings as shown below Figure 21 Accessing Tenant settings 4. Click on SAML 2.0 Configuration Figure 22 Accessing SAML 2.0 configuration 20
21 5. Click on Download Metadata file. This file as we mentioned, we need to import it into our Service Provider which is our NetWeaver Gateway system Figure 23 Downloading Metadata File of Identity Provider Note This section shows you how to download and access the Metadata of the Identity Provider. In our configuration, we will not be using the Metadata, instead we will be configuring the Service Provider manually. 21
22 Importing Identity Provider Certificate into Service Provider 1. From the Identity Provider Tenant Settings section and scroll down the Signing Certificate section as shown below: Figure 24 Signing Certificate section 2. Copy all the content in Insert as Text in the box 3. Open Notepad or a text editor and paste the content in it 4. Save the file as sapidp.cer or whatever you like Figure 25 Creating IDP public certificate 22
23 5. Copy the name of the Identity Provider basically, the host name of the identity provider under the Signing Certificate, where the Subject DN: CN= and before the O=, copy the hostname Figure 26 Identifying the hostname of the Identity Provider 6. Now that the Metadata has been downloaded and the public certificate of the IDP has been created, but because there is an issue with the NetWeaver Gateway where importing the Metadata of the Identity Provider does not work, we need todo the configuration manually. 7. Go back to the Service Provider and access your SAML2 configuration screen as shown below by either using tcode saml2 or access the SAML2 configuration by using the URL. Example: http(s)://<host-name>:<port>/sap/bc/webdynpro/sap/saml2?sap-client=<client-id> Figure 27 SAML 2 Service Provider configuration screen 23
24 8. Click on Trusted Provider tab Figure 28 Accessing Trusted Providers 9. Click on Add to select Manually Figure 29 Adding the Identity Provider name manually 24
25 10. Enter the name of the IDP or Identity Provider by pasting the name we copied from the previous step Figure 30 Entering the name of the IDP manually 11. Screen should look like this Figure 31 IDP domain name 25
26 12. Click Next 13. Now provide the Primary Signing Certificate. Basically, it is the public certificate of our IDP that we created in step 4 where we created the file sapidp.cer or whatever the file it was called by clicking on browse as shown below Figure 32 Providing the public certificate of the IDP 14. Select Upload from File Figure 33 Uploading the public certificate of the IDP 26
27 15. Make sure under Artifact Profile, Sign and Require Signature, are set to Never Figure 34 Setting Artifact Profile 16. Click Next 17. Under Single Sign-On Endpoints click on Add. Note: The Sign-On Endpoints is located under the IDP. Therefore; this step require you to go back to the IDP to copy the HTTP-Redirect Figure 35 Adding Sign-On Endpoints 27
28 18. Go back now to the IDP Tenant Settings and copy the full URL of HTTP-Redirect under Single Sign-On Endpoint as shown below Figure 36 Copying the HTTP-Redirect 19. Go back to the Service Provider and Paste the HTTP Redirect as shown below: Figure 37 Adding the HTTP-Redirect in the NetWeaver Gateway System 28
29 20. Click OK and click again on Add to add the HTTP-POST Figure 38 Adding HTTP-POST 21. Select from the Binding Dropdown list HTTP POST Figure 39 Selecting HTTP POST 22. Go back to the Identity Provider ( IDP ) and copy HTTP-POST URL under the Tenant Settings as shown below: Figure 40 HTTP-POST URL under the Single Sign-On Endpoint IDP 29
30 23. Paste the HTTP-POST under the Binding section in the Service Provider Figure 41 Pasting HTTP-POST URL from the IDP 24. Click OK 25. Click on Next 26. Now we need to configure Single Logout Endpoints, click on Add Figure 42 Single Logout Endpoints 27. Select HTTP Redirect under Binding as shown below Figure 43 Adding HTTP Redirect for Single Logout Endpoints 30
31 28. Go back to your IDP and copy the HTTP-Redirect Under the Single Logout Endpoint section as shown below: Figure 44 Copying the URL of HTTP-Redirect under Signle Logout Endpoint 29. Go back to your Service Provider, NetWeaver Gateway system, and paste it as shown below: Figure 45 Pasting HTTP Redirect URL for Single Logout Endpoints 31
32 30. Click OK 31. Click on Add again 32. Select HTTP Post under Binding: Figure 46 Selecting HTTP POST 33. Go back to your Tenant Settings under your IDP and copy the HTTP-POST URL under Single Logout Endpoint Section as shown below: Figure 47 Copying HTTP-POST for Single Logout Endpoint 32
33 34. Go back to your Service Provider and paste the HTTP-POST URL as shown below: Figure 48 Adding HTT POST URL to the Service Provider 35. Click OK 36. Click on Next 37. We should see now the Artifact Endpoints screen Figure 49 Artifact Endpoints configuration 38. Click on Add Figure 50 Adding Assertion URL under Artifact configuration screen 33
34 39. Bo back to your IDP under the Tenant Settings and copy the Assertion Consumer Service Endpoint as shown below: Figure 51 Copying the Assertion Consumer Service Endpoint URL 40. Go back to your Service Provider and paste the URL HTTP-POST as shown below: Figure 52 Adding Assertion Consumer Service Endpoint URL 34
35 41. Click OK 42. Click Next 43. Click Finish 44. We should have the following configuration, click on Edit Figure 53 Trusted Providers configuration screen 35
36 45. Click on Add under Details of Identity Provider Figure 54 Adding details of Identity Provider Note: If Add is grayed out, click on the Edit button beside the Save button 46. Select Unspecified as shown below and click OK Figure 55 Setting Supported NameID Formats 36
37 47. Finally click Save as shown below Figure 56 Saving Trusted Providers configuration 37
38 48. Click on Enable to enable the configuration as shown below: Figure 57 Enabling the configuration 49. Click on OK Figure 58 Confirming the enablement of our SAML 2.0 configuration 50. Next, we need configure the relay state, click on Local Provider Tab 38
39 51. Click on Service Provider Settings Figure 59 Adding Relay State 52. Click on Edit button 53. Scroll down until you see Relay State Mapping. Click on Add as shown below: Figure 60 Adding Relay State for Fiori launchpad 39
40 54. Enter a Relay State name and the Fiori launchpad path as shown below: Figure 61 Providing the Fiori launchpad path to the RelayState RelaySate: fiori Path: /sap/bc/ui5_ui5/ui2/ushell/shells/abap/fiorilaunchpad.html 55. Click on OK 56. Next paste the same Fiori launchpad path to the Default Application Path as shown below: Figure 62 Providing default application path 57. Click on Save 40
41 Chapter 2 Configuring Fiori Launchpad to Support SAML2 Configuring Fiori Launchpad In this section Fiori launchpad needs to be configured to support SAML2. In this section, we will go through all the steps needed to allow Fiori launchpad to support SAML2 authentication. 1. Login to the FrontEnd NetWeaver Gateway System 2. Execute tcode SICF 3. Under Service Name type USHELL Figure 63 Accessing SICF 41
42 4. Press F8 to execute 5. Click on ushell under ui5_ui5/ui2 as shown below Figure 64 Accessing USHELL Service Logon Data 42
43 6. Click on Logon Data tab Figure 65 Accessing Logon Data 43
44 7. If you Procedure is set to Alternative Logon Procedure and SAML Configuration already set, then you are done on this section. If not, then follow these steps below: a. Click on Edit Figure 66 Clicking on Edit to alter the Logon Data Procedure 44
45 b. Under Procedure drop down list change it from Standard to Alternative Logon Procedure c. In the Logon Data section scroll down d. Change the Logon Procedure List by scrolling all the way until 8 SAML Logon is shown Figure 67 Changing the order of the Logon Procedure List 45
46 e. Change 8 to 1 Figure 68 Changing the order by selecting SAML Logon as 1 f. Press Enter g. We should see the following result Figure 69 SAML Logon is the second selection Note Even though we set the order to be 1, Logon Through HTTP Fields is always 1 and then comes our SAML Logon based on the order we set. 46
47 h. Click on Save Figure 70 Saving the configuration of the USHELL Configuring IDP to support Login Name By default, when configuring SAML2 in NetWeaver, it uses Name ID attribute Login Name. Therefore, SAP Identity Provider needs to be configured to support NameID. To do that, follow the following steps: 1. Go back to your SAP Identity Provider 2. Login 3. Click on Applications & Resources 4. Click on Applications 5. Click on Name ID Attribute as shown below: Figure 71 Configuring Name ID Attribute 47
48 6. Select Login Name Figure 72 Setting Login Name for Name ID Attribute 7. Click Save 8. Next since our NetWeaver uses Login Name ID, but our IDP uses different ID and naming convention, we need to provide the Login ID of our NetWeaver system to the IDP in order todo the mapping. To do that, do the following: a) Click on Users & Authorizations b) Click on User Management as shown below: Figure 73 Accessing User Management c) Click on your user 48
49 d) Click on Edit as shown below: Figure 74 Editing IDP user information e) Scroll down f) Until you see Login Name g) Type the Login ID of the NetWeaver Gateway system Figure 75 Altering User information h) Click on Save 49
50 Testing SAML Using Fiori launchpad To test the configuration, we need to access Fiori launchpad 1. Open web browser, preferably Chrome 2. Enter the URL of your Fiori launchpad Note Because we configured our Service Provider by going to the following URL ID>&sap-language=EN#. WE MUST access Fiori launchpad using http and not HTTPS. We will see how we can change this later. 3. If everything is configured correctly, the web browser will redirect the request to the IDP as shown below: Figure 76 Redirecting to SAP Identity Provider 50
51 4. Login with your IDP user ID and password. Fiori launchpad should log you in successfully Figure 77 Fiori launchpad Configuring Single Logout Endpoint Now that we have Fiori Launchpad configured with SAML2 using HTTP. Next step is to configure the Logoff button in Fiori Launchpad to redirect the request back to the SAML2 login screen. In order to configure the logout button in Fiori Launchpad to redirect to SAML2 login screen, we need to do the following: 1. Go back to your Identity Provider and login 2. Expand Applications & Resources 3. Click on Applications 4. Click on SAML 2.0 Configuration 5. Scroll down to the section Single Logout Endpoint Figure 78 Single Logout Endpoint URL 6. Copy the URL of HTTP-Redirect 7. Once the URL is copied, go to the NetWeaver Front-End 8. Execute tcode /nsicf 51
52 9. Under service name type logoff 10. Click on Execute or press F8 11. Double click on the node sap/public/bc/icf/logoff 12. Click on Edit icon on the top left 13. Click on the Error Pages 14. Under Logon Errors paste the URL we copied from step 6 as shown below: Figure 79 Configuring Logoff ICF node 15. Click on Logoff Page tab 16. Make sure under Redirect to URL the value is set to /sap/bc/ui5_ui5/ui2/ushell/shells/abap/fiorilaunchpad.html or whatever your Fiori Launchpad relative URL is Note: If you were asked to enter user ID and password, enter your NetWeaver or S4H user ID and password 17. Save your configuration 18. Now when clicking on Logoff button in Fiori Launchpad, you are redirected to the login screen of the Identity Provider 52
53 Configuring Fiori Launchpad Designer In this section we will configure Fiori Launchpad Designer to support SAML2. 1. Login to the Front-End NetWeaver Gateway system 2. Execute tcode /nsaml2 3. Click on Local Provider 4. Click on Service Provider Settings 5. Click on Edit button on the top left 6. Under Relay State Mapping click on Add 7. Enter the following configuration: RelayState: fioridesigner Path: /sap/bc/ui5_ui5/sap/arsrvc_upb_admn/main.html 8. Click OK 9. Click Save 10. Configuration should look like this screen below: Figure 80 Configuring Fiori Launchpad Designer Relay State 53
54 Chapter 3 Accessing Fiori Launchpad Using HTTPS with SAML2 How to access Fiori Launchpad Using SAML2 HTTPS If SAML2 is configured to access Fiori Launchpad using HTTP, then continue reading this section to learn how to configure SAML2 on NetWeaver while accessing Fiori Launchpad using HTTPS. If SAML2 is not configured at all in the system, then go back chapter 1 to learn how to configure the system using HTTP. Assumption: An assumption is made in this section that the user has read chapter 1 already and configured SAML2 to support Fiori Launchpad using HTTP protocol. Configuring SAML2 to enable accessing Fiori Launchpad using HTTPS 1. Login into your NetWeaver Gateway system 2. Identify what is the secure port NetWeaver is using. This can be identified by: a. Issue tcode /nsmicm on the Front-End b. From the menu select Goto or press SHIFT + F1 c. Select Services d. Under protocol HTTPS find out the port number 3. Now that we have the port number, we need to go to SAML2 configuration page 4. Execute tcode /nsaml2 from the Front-End 5. Once the configuration screen has opened, we need to do the following: a. In the URL change the protocol from HTTP to HTTPS b. Change the port to whatever the port of your HTTPS that we recorded from step 2.b c. Press Enter 54
55 6. Click on Metadata as shown below Figure 81 Accessing Metadata for HTTPS SAML2 configuration 7. Click on Download Metadata Figure 82 Downloading Metadata for SAML2 HTTPS 8. Save it on your local disk 9. Now we need to go back to our Identity Provider 10. Once logged in into your Identity Provider, expand Application & Resources 11. Click on Applications 12. Make sure you are on your application that you already configured for SAML and select SAML 2.0 Configuration as shown below: 55
56 Figure 83 SAML 2.0 Configuration Screen 13. Scroll up until you see Define from Metadata and click on Browse as shown below: Figure 84 Uploading Service Provider Metadata 14. Provide the Metadata file of the service provider from the previous step 15. Verify that the URL has been updated to the HTTPS URL by scrolling down to the section Assertion Consumer Service Endpoint, you should see the new URL got updated as shown below: Figure 85 URL of the Assertion Consumer Service Endpoint 56
57 16. Save your changes 17. Test your new configuration by accessing Fiori Launchpad using HTTPS 18. The browser should direct you now to your Identity Provider 19. Login with your Identity Provider User ID and password 20. After successful login, Fiori Launchpad home page should be displayed Figure 86 Fiori Launchpad using SAML2 with HTTPS 57
58 Chapter 4 Configuring Web Dispatcher with SAML2 In this section, we are going to learn how we can configure Web Dispatcher to support SAML2 when accessing Fiori Launchpad using SAML2 authentication method. Assumption In this section we assume you have already configured SAML2 with HTTP or HTTPS and you have a fully functional working system. Fiori Launchpad can be accessed by the user and can login using SAML2 successfully Second assumption you have Web Dispatcher configured in your system and Fiori Launchpad can be accessed using Web Dispatcher Enabling Web Dispatcher to support SAML2 Scenario -2 Figure 87 Scenario 2 Web Dispatcher with SAML2 Because we are going to use a new hostname such as a Web Dispatcher, we need to download the Metadata of the Service Provider one more time but this time, we need to access the SAML2 configuration of the service provider using the Web Dispatcher. But if we try download the Metadata, we are going to get an error 503 Service not available and the reason for that is because the Web Dispatcher does not know anything about the following path /sap/saml2/sp/metadata, therefore; we need to do some modification to the Web Dispatcher configuration file. 1. Backup your Web Dispatcher configuration file sapwebdisp.pfl 2. Open sapwebdisp.pfl in your favorite text editor 58
59 3. Alter the SRCURL and add /sap/saml2 to it see below an example: Figure 88 Updating Web Dispatcher configuration 4. Save your changes 5. Restart Web Dispatcher Downloading Service Provider Metadata 1. Login to your NetWeaver Front-End 2. Execute tcode /nsaml2 from the Front-End 3. Once the configuration screen has opened, we need to do the following: a. In the URL change the protocol that the Web Dispatcher is using b. Change the port to whatever the port of your Web Dispatcher c. Press Enter d. Login to your NetWeaver system 4. Click on Metadata as shown below Figure 89 Accessing Metadata for Web Dispatcher SAML2 configuration 59
60 5. Click on Download Metadata Figure 90 Downloading Metadata for SAML2 for the Web Dispatcher 6. Save it on your local disk Uploading Metadata into the Identity Provider 1. Go back to our Identity Provider 2. Once logged in into your Identity Provider, expand Application & Resources 3. Click on Applications 4. Make sure you are on your application that you already configured for SAML and select SAML 2.0 Configuration as shown below: Figure 91 SAML 2.0 Configuration Screen 60
61 5. Scroll up until you see Define from Metadata and click on Browse as shown below: Figure 92 Uploading Service Provider Metadata 6. Provide the Metadata file of the service provider from the previous step 7. Verify that the URL has been updated to the Web Dispatcher URL by scrolling down to the section Assertion Consumer Service Endpoint, you should see the new URL got updated as shown below: Figure 93 URL of the Assertion Consumer Service Endpoint 8. Save your changes Testing Fiori Launchpad using Web Dispatcher and SAML2 1. Test your new configuration by accessing Fiori Launchpad using Web Dispatcher URL 2. The browser should direct you now to your Identity Provider 3. Login with your Identity Provider User ID and password 61
62 4. After successful login, Fiori Launchpad home page should be displayed Figure 94 Accessing Fiori Launchpad using Web Dispatcher with SAML2 62
63 Chapter 5 Troubleshooting In this chapter, we will discuss all the issues that the administrator could face during the configuration process. Error 1 - Signature verification of metadata was not successful This issue occurred if you downloaded the metadata of the Identity Provider and you tried to upload it into the service provider, you may see the error below: Figure 95 Error 1 Signature verification issue Solution: Instead of uploading the metadata, select the option upload manually as discussed in the above section, Importing Identity Provider Certificate into Service Provider, in Chapter 1 63
64 Error 2 No RelaySate mapping found for RelayState value. Solution: There are two possibilities for this error. We will start with the first one. The user is trying to access Fiori Launchpad either by a URL that does not match the URL under the Assertion Consumer Service Endpoint. To verify, do the following: 1. Login to your SAP Identity Provider 2. Click and expand Applications & Resources 3. Click on Applications 4. Click on SAML 2.0 Configuration 5. Scroll down to Assertion Consumer Service Endpoint 6. If the URL protocol and hostname does not match the URL protocol and hostname of the Fiori Launchpad, then you need to either update the Assertion Consumer Service Endpoint of change the Fiori Launchpad URL protocol and hostname to match the Assertion Consumer Service Endpoint No RelayState has been created To fix this issue, follow the step 55 under Chapter1 section Importing Identity Provider Certificate into Service Provider Error 3 HTTPS Status 400 Service Provider SLO endpoint has not received SAML2 message The reason for this error is because the user configured the Logoff Page to redirect to the SAML2 Logout Endpoint. Solution: To fix the issue, refer to Chapter 2 section Configure Single Logout Endpoint 64
How to Transport KPI Tile Application Step-by-Step Guide in S/4HANA On-Premise
How to Transport KPI Tile Application Step-by-Step Guide in S/4HANA 1610-1809 On-Premise S4H Gateway Ali Chalhoub Shilpa Shankar 2016 SAP AG. All rights reserved. SAP, R/3, SAP NetWeaver, Duet, PartnerEdge,
More informationManaging Substitutions in My Inbox 2.0 app
Managing Substitutions in My Inbox 2.0 app SAP NetWeaver (7.5) Gateway Joaquin Fornas 2016 SAP AG. All rights reserved. SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer,
More informationHow to Setup Notifications in Fiori 2.0 Step-by-Step
How to Setup Notifications in Fiori 2.0 Step-by-Step SAP S/4HANA 1610 Wilson Wei 2017 SAP AG. All rights reserved. SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer, StreamWork,
More informationSAP NetWeaver Cloud Security Tutorial Single Sign-On and Identity Federation with SAP NetWeaver Single Sign-On
Single Sign-On and Identity Federation with SAP NetWeaver Single Sign-On TABLE OF CONTENTS OVERVIEW... 3 PREREQUISITES AND REQUIREMENTS... 4 GETTING STARTED... 4 STEP 1: ESTABLISH TRUST TO SAP NETWEAVER
More informationCREATION AND CONFIGURATION OF WEB SERVICE FROM RFC AND DEPLOYMENT IN ANOTHER SYSTEM
CREATION AND CONFIGURATION OF WEB SERVICE FROM RFC AND DEPLOYMENT IN ANOTHER SYSTEM Applies to: SAP Summary The purpose of this document is to provide creation and configuration of web service from function
More informationMoving BCM to different IP range
Moving BCM to different IP range PREREQUISITES This document describes how to move your BCM application server to a different IP range. The solution is for BCM system administrators who have basic knowledge
More informationHow to Install SMP in a Cluster Environment Using ASE DB Without MBO Runtime SAP Mobile Platform (3.0 SP05)
How to Install SMP in a Cluster Environment Using ASE DB Without MBO Runtime SAP Mobile Platform (3.0 SP05) Author: Ali Chalhoub Global Support Architect Engineer Date: January 25, 2015 TABLE OF CONTENTS
More informationHow to Use a Customer Specific UIBB in MDG Application 'Create Change Request' Author: Matthias Hubert Company: SAP Created on 5th July 2013
How to Use a Customer Specific UIBB in MDG Application 'Create Change Request' Author: Matthias Hubert Company: SAP Created on 5th July 2013 TABLE OF CONTENTS 1 INTRODUCTION... 3 2 PREREQUISITES... 3 2.1
More informationSAP NetWeaver Cloud Security Tutorial Single Sign-On and Identity Federation with ForgeRock OpenAM
Single Sign-On and Identity Federation with ForgeRock OpenAM TABLE OF CONTENTS OVERVIEW... 3 PREREQUISITES AND REQUIREMENTS... 4 GETTING STARTED... 4 STEP 1: ESTABLISH TRUST TO SAP NETWEAVER CLOUD IN ITELO
More informationHow the Standard Integration between SAP EM and SAP TM Can Be Tested with SE37
How the Standard Integration between SAP EM and SAP TM Can Be Tested with SE37 Author: Daniel Härder Document Date: 04.02.2013 TABLE OF CONTENTS SUMMARY... 3 TESTING EM TM INTEGRATION WITH SE37... 3 DEFINING
More informationDisclosure Management US SEC. Preview
Disclosure Management US SEC Preview TABLE OF CONTENT Introduction... 3 Creating the Preview... 4 Troubleshooting... 8 Alternative way of creating the Preview... 10 Useful Notes/KBAs... 14 2 Introduction
More informationPassing Parameters via Web Dynpro Application
Applies to: SAP ABAP Workbench that supports Web Dynpro development. For more information, visit the Web Dynpro ABAP homepage. Summary This article explains how to pass parameters via Web Dynpro Application.
More informationSAP Directory Content Migration Tool
This document describes SAP directory content migration which is used for migration and mass change functionality for PI scenarios and channels from Dual Stack to Single Stack system. This document explains
More informationHow-to Connect your HANA Cloud Platform Mobile Service Account to your On-Premise OData Service
How-to Connect your HANA Cloud Platform Mobile Service Account to your On-Premise OData Service How-to Connect your HANA Cloud Platform Mobile Service Account to your On-Premise OData Service How-to Provided
More informationSAP Sybase Replication Server Change DATA Capture Configuration. Example Configuration
SAP Sybase Replication Server Change DATA Capture Configuration Example Configuration TABLE OF CONTENTS 1 INTRODUCTION... 3 1.1 Scope... 3 1.2 Purpose... 3 2 CONFIGURATION... 4 2.1 Requeriments... 4 2.2
More informationCreate and run apps on HANA Cloud in SAP River RDE
SAP River Rapid Development Environment How-To Guide Provided by Customer Experience Group Create and run apps on HANA Cloud in SAP River RDE Applicable Releases: SAP River Rapid Development Environment
More informationHow to setup My Inbox 2.0 app
How to setup My Inbox 2.0 app SAP NetWeaver (7.5) Gateway Joaquin Fornas Konstantia Zerva-Spanou Ali Chalhoub 2016 SAP AG. All rights reserved. SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP
More informationExperience SAP HANA Cloud Portal. Use SAP HANA Cloud Portal to Create Engaging Websites in 5 Simple Steps
Experience SAP HANA Cloud Portal Use SAP HANA Cloud Portal to Create Engaging Websites in 5 Simple Steps TABLE OF CONTENTS TUTORIAL AGENDA... 3 PREREQUISITES... 3 EXERCISE 1: CREATE AND CONFIGURE A NEW
More informationUI Changes for SAP Portfolio and Project Management Depending on NW Release
UI Changes for SAP Portfolio and Project Management Depending on NW Release TABLE OF CONTENTS CHANGES IN RENDERING OF SAP PORTF. AND PROJ MGMT. WITH UI GUIDELINE 2.0... 3 Toolbars in Tables... 3 Toolbars
More informationBW Workspaces Data Cleansing during Flat File Upload
BW Workspaces Data Cleansing during Flat File Upload TABLE OF CONTENTS INTRODUCTION INTO THE TOPIC BW WORKSPACE... 3 HISTORY OF THE FILE UPLOAD... 3 NEW DATA CLEANSING FUNCTIONALITY... 3 Transfer File...
More informationDisclosure Management. Default font on styles in Disclosure Management
Disclosure Management Default font on styles in Disclosure Management DISCLOSURE MANAGEMENT DEFAULT FONT IS STYLES (V1.1) TABLE OF CONTENT Introduction... 3 An example... 3 What happens in the system...
More informationCreating Application Definitions in Hana Cloud Platform Mobile Services
SAP Hana Cloud Platform Mobile Services How-To Guide Provided by SAP s Technology RIG Creating Application Definitions in Hana Cloud Platform Mobile Services Applicable Releases: Platform Mobile Services
More informationHow to setup My Inbox 2.0 app
How to setup My Inbox 2.0 app UI for Cross Applications 2.0 SP06 Joaquin Fornas Konstantia Zerva-Spanou 2018 SAP AG. All rights reserved. SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects
More informationHow to setup My Inbox 2.0
How to setup My Inbox 2.0 UI For Basis Applications 400 Joaquin Fornas 2018 SAP AG. All rights reserved. SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer, StreamWork,
More informationA Sample PhoneGap Application Using SUP
This document summarizes the creation of a PhoneGap application on android platform which uses SUP server to fetch the data. This document also describes the basics of PhoneGap from the environment setup,
More informationDisclosure Management Financial Consolidation. Troubleshooting Data Import Interface
Disclosure Management Financial Consolidation Troubleshooting Data Import Interface TABLE OF CONTENT Introduction... 3 Process... 4 Troubleshooting... 5 Connectivity... 5 Financial Consolidation... 15
More informationIntroduction to BW Workspaces and its usage with SAP BusinessObjects BI Tools
Introduction to BW Workspaces and its usage with SAP BusinessObjects BI Tools Applies to: SAP NetWeaver Business Warehouse 7.3, powered by SAP HANA or SAP BW Accelerator (BWA) SAP BusinessObjects BI 4.1
More informationInformation Design Tool User Guide SAP BusinessObjects Business Intelligence platform 4.0 Support Package 4
Information Design Tool User Guide SAP BusinessObjects Business Intelligence platform 4.0 Support Package 4 Copyright 2012 SAP AG. All rights reserved.sap, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign,
More informationSAP Business Communications Management (BCM) Release Notes 7.0 SP04 Patch 1 ( )
SAP Business Communications Management (BCM) Release Notes 7.0 SP04 Patch 1 (7.0.4.100) TABLE OF CONTENTS 1 INTRODUCTION... 3 2 FUNCTIONAL CHANGES... 4 3 CORRECTED DEFECTS... 5 2 1 INTRODUCTION This document
More informationopensap How-to Guide for Exercise Instructor-Led Walkthrough of SAML2 Configuration (Week 4 Unit 5)
opensap How-to Guide for Exercise Instructor-Led Walkthrough of SAML2 Configuration (Week 4 Unit 5) Table of Contents Configuring SSL on the Frontend Server... 3 Execute SAML 2.0 related configuration...
More informationADM960. SAP NetWeaver Application Server Security COURSE OUTLINE. Course Version: 10 Course Duration: 5 Day(s)
ADM960 SAP NetWeaver Application Server Security. COURSE OUTLINE Course Version: 10 Course Duration: 5 Day(s) SAP Copyrights and Trademarks 2013 SAP AG. All rights reserved. No part of this publication
More informationADM960. SAP NetWeaver Application Server Security COURSE OUTLINE. Course Version: 15 Course Duration: 5 Day
ADM960 SAP NetWeaver Application Server Security. COURSE OUTLINE Course Version: 15 Course Duration: 5 Day SAP Copyrights and Trademarks 2015 SAP SE. All rights reserved. No part of this publication may
More informationSAP BusinessObjects Explorer API Guide SAP BusinessObjects Explorer XI 3.2 SP2
SAP BusinessObjects Explorer API Guide SAP BusinessObjects Explorer XI 3.2 SP2 Copyright 2010 SAP AG. All rights reserved.sap, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP Business ByDesign, and
More informationHow To - Extend MDG-M content by new attributes for customer Z-fields in standard tables
How To - Extend MDG-M content by new attributes for customer Z-fields in standard tables Applicable Releases: From EHP6 FOR SAP ERP 6.0 and from SAP S/4HANA 1511 Version 3 March 2017 Document History Document
More informationRSA SecurID Access SAML Configuration for Datadog
RSA SecurID Access SAML Configuration for Datadog Last Modified: Feb 17, 2017 Datadog is a monitoring service for cloud-scale applications, bringing together data from servers, databases, tools, and services
More informationRECOMMENDED DEPLOYMENT PRACTICES. The F5 and Okta Solution for High Security SSO
July 2017 Contents Introduction...3 The Integrated Solution...3 Prerequisites...4 Configuration...4 Set up BIG-IP APM to be a SAML IdP...4 Create a self-signed certificate for signing SAML assertions...4
More informationHow-to Guide for Exercise Familiarize Yourself with SAP Fiori UX (Week 1, Unit 6, Part 2)
How-to Guide for Exercise Familiarize Yourself with SAP Fiori UX (Week 1, Unit 6, Part 2) Table of Contents Introduction... 2 Connect to the opensap instance... 3 Login to the SAPgui... 5 Disable Internet
More informationRSA SecurID Access SAML Configuration for Kanban Tool
RSA SecurID Access SAML Configuration for Kanban Tool Last Modified: October 4, 2016 Kanban Tool is a visual product management application based on the Kanban methodology (development) which was initially
More informationINTEGRATING OKTA: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE
GUIDE AUGUST 2018 PRINTED 4 MARCH 2019 INTEGRATING OKTA: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE Table of Contents Overview Introduction Purpose Audience Integrating Okta with VMware
More informationManagement Console Guide SAP BusinessObjects Data Services 4.1 Support Package 1 ( )
Management Console Guide SAP BusinessObjects Data Services 4.1 Support Package 1 (14.1.1.0) Copyright 2012 SAP AG. All rights reserved.sap, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects
More informationMII - Crystal Reports Configuration Guide
TABLE OF CONTENTS INTRODUCTION... 3 CONFIGURE SAP CRYSTAL REPORTS TO USE CR MII CONNECTOR... 4 CREATING CONNECTION TO MII SERVER FROM SAP CRYSTAL REPORTS DESIGNER... 5 CREATING REPORT FROM MII QUERY TEMPLATE...
More informationSAP BusinessObjects Integration Option for Microsoft SharePoint Getting Started Guide
SAP BusinessObjects Integration Option for Microsoft SharePoint Getting Started Guide SAP BusinessObjects XI3.1 Service Pack 4 Copyright 2011 SAP AG. All rights reserved.sap, R/3, SAP NetWeaver, Duet,
More informationOracle Utilities Opower Solution Extension Partner SSO
Oracle Utilities Opower Solution Extension Partner SSO Integration Guide E84763-01 Last Updated: Friday, January 05, 2018 Oracle Utilities Opower Solution Extension Partner SSO Integration Guide Copyright
More informationDeploy a SAPUI5 Mobile App to Android Device
TABLE OF CONTENTS PREREQUISITE... 3 http://developer.android.com/sdk/installing/installing-adt.html... 3 STEPS TO DEPLOY AN SAPUI5 APP TO ANDROID DEVICE USING PHONEGAP... 3 2 PREREQUISITE You should have
More informationHow To... MDG-M: Replace Enterprise Search with database base search or an alternative search provider
How To... MDG-M: Replace Enterprise Search with database base search or an alternative search provider Applicable Releases: MDG 6.1, MDG 7.0, MDG 8.0 Version 1.6 March 2016 www.sap.com Document History
More informationCloud Access Manager How to Configure for SSO to SAP NetWeaver using SAML 2.0
Cloud Access Manager 8.1.3 How to Configure for SSO to SAP Copyright 2017 One Identity LLC. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described
More informationHow to Add a Web Dynpro App to Fiori Launchpad Step-by-Step
How to Add a Web Dynpro App to Fiori Launchpad Step-by-Step www.sap.com How to Add a Web Dynpro App to Fiori Launchpad Step-by-Step SAP Netweaver (7.51) and SAP S/4HANA 1610 Jessie Xu TABLE OF CONTENTS
More informationBusiness Intelligence Launch Pad User Guide SAP BusinessObjects Business Intelligence Platform 4.0 Support Package 5
Business Intelligence Launch Pad User Guide SAP BusinessObjects Business Intelligence Platform 4.0 Support Package 5 Copyright 2012 SAP AG. All rights reserved.sap, R/3, SAP NetWeaver, Duet, PartnerEdge,
More informationHow To... MDG-M: Replace Enterprise Search with database base search or an alternative search provider. Applicable Releases: From MDG 6.
How To... MDG-M: Replace Enterprise Search with database base search or an alternative search provider Applicable Releases: From MDG 6.1 Version 1.7 April 2017 www.sap.com Document History Document Version
More informationObtain Configuration Parameters for LPD_CUST Provide the base path of your BSP application (1/2)
Preparation Obtain Configuration Parameters for LPD_CUST Provide the base path of your BSP application (1/2) 1. Reference the help for your UI5 application name 2. Launch SAP transaction SICF and enter
More informationIdentity Provider for SAP Single Sign-On and SAP Identity Management
Implementation Guide Document Version: 1.0 2017-05-15 PUBLIC Identity Provider for SAP Single Sign-On and SAP Identity Management Content 1....4 1.1 What is SAML 2.0.... 5 SSO with SAML 2.0.... 6 SLO with
More informationDefining Associations in Business Object Builder
Defining Associations in Business Object Builder expert Summary Associations create relationships within the nodes of a BO or between different BOs. This tutorial introduces the most important types of
More informationSAP EM How to Display the Planned Route on the Geo-Map
SAP EM How to Display the Planned Route on the Geo-Map Author: Marco Freischlag Document Date: 29.07.2013 www.sap.com TABLE OF CONTENTS SUMMARY... 3 PREREQUISITE:... 3 SOLUTION:... 3 SAMPLE Coding:...
More informationFive9 Plus Adapter for Agent Desktop Toolkit
Cloud Contact Center Software Five9 Plus Adapter for Agent Desktop Toolkit Administrator s Guide September 2017 The Five9 Plus Adapter for Agent Desktop Toolkit integrates the Five9 Cloud Contact Center
More informationNimsoft Service Desk. Single Sign-On Configuration Guide. [assign the version number for your book]
Nimsoft Service Desk Single Sign-On Configuration Guide [assign the version number for your book] Legal Notices Copyright 2012, CA. All rights reserved. Warranty The material contained in this document
More informationRSA SecurID Access SAML Configuration for Samanage
RSA SecurID Access SAML Configuration for Samanage Last Modified: July 19, 2016 Samanage, an enterprise service-desk and IT asset-management provider, has its headquarters in Cary, North Carolina. The
More informationSAP White Paper SAP Sybase Adaptive Server Enterprise. New Features in SAP Sybase Adaptive Server Enterprise 15.7 ESD2
SAP White Paper SAP Sybase Adaptive Server Enterprise New Features in SAP Sybase Adaptive Server Enterprise 15.7 ESD2 Table of Contents 4 Introduction 4 Introducing SAP Sybase ASE 15.7 ESD 4 VLDB Performance
More informationHow-to guide: OS Command Adapter
How-to guide: OS Command Adapter This guide explains how you can react to MAI Alerts in SAP Solution Manager 7.10 by sending an OS Command Version 2.20 (March 2015) SAP Active Global Support TABLE OF CONTENT
More informationHow to Configure Mutual Authentication using X.509 Certificate in SMP SAP Mobile Platform (3.X)
How to Configure Mutual Authentication using X.509 Certificate in SMP SAP Mobile Platform (3.X) Author: Ali Chalhoub Global Support Architect Engineer Date: July 2, 2015 Document History: Document Version
More informationSAP Discovery System V5 Users and Passwords
SAP Discovery System V5 s and s SAP DISCOVERY SYSTEM V5 TABLE OF CONTENT SAP DISCOVERY SYSTEM USERS AND PASSWORDS... 3 PURPOSE... 3 USERS AND PASSWORDS... 3 1. OPERATING SYSTEM USERS AND PASSWORDS... 3
More informationBusiness Intelligence Platform User Guide SAP BusinessObjects Business Intelligence platform 4.0 Support Package 4
Business Intelligence Platform User Guide SAP BusinessObjects Business Intelligence platform 4.0 Support Package 4 Copyright 2012 SAP AG. All rights reserved.sap, R/3, SAP NetWeaver, Duet, PartnerEdge,
More informationImplementation steps for Note
Implementation steps for Note 1698684 TABLE OF CONTENT 1 PREFACE... 3 2 PRE-IMPLEMENTATION STEPS... 4 2.1 Domains... 4 2.1.1 Vehicle Body Type... 4 2.1.2 Vehicle Ownership Type... 4 2.2 Structures... 4
More informationHow to Enable SAP Easy Access Menu for Fiori Launchpad Step-by-Step
How to Enable SAP Easy Access Menu for Fiori Launchpad Step-by-Step www.sap.com How to Enable SAP Easy Access Menu for Fiori Launchpad Step-by-Step SAP NetWeaver (7.5) and EHP8 for SAP ERP 6.0 Jessie Xu
More informationService Manager. Database Configuration Guide
Service Manager powered by HEAT Database Configuration Guide 2017.2.1 Copyright Notice This document contains the confidential information and/or proprietary property of Ivanti, Inc. and its affiliates
More informationBuilding Blocks of the SAP Fiori Launchpad. An introduction to all the components that comprise the Fiori Launchpad
Building Blocks of the SAP Fiori Launchpad An introduction to all the components that comprise the Fiori Launchpad Launchpad Configuration Steps Process Overview Frontend Server (Gateway hub) Launchpad
More informationAdd OKTA as an Identity Provider in EAA
Add OKTA as an Identity Provider in EAA Log in to Akamai Luna control center with administrative privileges. Select the correct contract which is provisioned for Enterprise Application Access (EAA). In
More informationAFA461 SAP Afaria 7.0 System Administration (SP03)
AFA461 SAP Afaria 7.0 System Administration (SP03). COURSE OUTLINE Course Version: 10 Course Duration: 5 Day(s) SAP Copyrights and Trademarks 2014 SAP AG. All rights reserved. No part of this publication
More informationSPNEGO SINGLE SIGN-ON USING SECURE LOGIN SERVER X.509 CLIENT CERTIFICATES
SPNEGO SINGLE SIGN-ON USING SECURE LOGIN SERVER X.509 CLIENT CERTIFICATES TABLE OF CONTENTS SCENARIO... 2 IMPLEMENTATION STEPS... 2 PREREQUISITES... 3 1. CONFIGURE ADMINISTRATOR FOR THE SECURE LOGIN ADMINISTRATION
More informationSAP NetWeaver Identity Management Identity Center. Implementation guide. Version 7.2 Rev 4. - Optimizing dispatcher performance
SAP NetWeaver Identity Management Identity Center Implementation guide - Optimizing dispatcher performance Version 7.2 Rev 4 2012 SAP AG. All rights reserved. No part of this publication may be reproduced
More informationRSA SecurID Access SAML Configuration for StatusPage
RSA SecurID Access SAML Configuration for StatusPage Last Modified: Feb 22, 2017 StatusPage specializes in helping companies deal with the inevitable crisis of their website going down. Whether it s scheduled
More informationADM100 AS ABAP - Administration
ADM100 AS ABAP - Administration. COURSE OUTLINE Course Version: 15 Course Duration: 5 Day(s) SAP Copyrights and Trademarks 2014 SAP AG. All rights reserved. No part of this publication may be reproduced
More informationEDB358. System and Database Administration: Adaptive Server Enterprise COURSE OUTLINE. Course Version: 10 Course Duration: 5 Day(s)
EDB358 System and Database Administration: Adaptive Server Enterprise. COURSE OUTLINE Course Version: 10 Course Duration: 5 Day(s) SAP Copyrights and Trademarks 2014 SAP AG. All rights reserved. No part
More informationDashboards SharePoint Installation Guide SAP BusinessObjects 4.1
Dashboards SharePoint Installation Guide SAP BusinessObjects 4.1 Copyright 2011 SAP AG. All rights reserved.sap, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer, StreamWork,
More informationEP200. SAP NetWeaver Portal: System Administration COURSE OUTLINE. Course Version: 10 Course Duration: 5 Day(s)
EP200 SAP NetWeaver Portal: System Administration. COURSE OUTLINE Course Version: 10 Course Duration: 5 Day(s) SAP Copyrights and Trademarks 2013 SAP AG. All rights reserved. No part of this publication
More informationGRC100. GRC Principles and Harmonization COURSE OUTLINE. Course Version: 10 Course Duration: 2 Day(s)
GRC100 GRC Principles and Harmonization. COURSE OUTLINE Course Version: 10 Course Duration: 2 Day(s) SAP Copyrights and Trademarks 2016 SAP SE. All rights reserved. No part of this publication may be reproduced
More informationSAP BusinessObjects Dashboard Design Component SDK Installation Guide
SAP BusinessObjects Dashboard Design Component SDK Installation Guide SAP BusinessObjects Dashboard Design Component SDK Installation Guide Copyright 2011 SAP AG. All rights reserved.sap, R/3, SAP NetWeaver,
More informationSAP Global Track and Trace Onboarding Guide
SAP Global Track and Trace Onboarding Guide Document Version: Cloud 2019.04a Implementation Guide PUBLIC TABLE OF CONTENTS 1 INTRODUCTION... 3 1.1 Prerequisite... 3 1.2 Overview... 3 2 SET UP AN SAP CLOUD
More informationADM950. Secure SAP System Management COURSE OUTLINE. Course Version: 10 Course Duration: 2 Day(s)
ADM950 Secure SAP System Management.. COURSE OUTLINE Course Version: 10 Course Duration: 2 Day(s) SAP Copyrights and Trademarks 2013 SAP AG. All rights reserved. No part of this publication may be reproduced
More informationCloud Access Manager Configuration Guide
Cloud Access Manager 8.1.3 Configuration Guide Copyright 2017 One Identity LLC. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide
More informationHow to Work with Analytical Portal
How-To Guide SAP Business One, version for SAP HANA Document Version: 1.1 2019-02-22 SAP Business One 9.3 PL00 and later, version for SAP HANA Typographic Conventions Type Style Example Example EXAMPLE
More informationIntegrating VMware Workspace ONE with Okta. VMware Workspace ONE
Integrating VMware Workspace ONE with Okta VMware Workspace ONE You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this
More informationInstallation Guide 1.0 SP06 SAP Workplaces for Insurance 1.0 SP06 THE BEST RUN. INSTALLATION GUIDE PUBLIC Document Version: 1.
INSTALLATION GUIDE PUBLIC Document Version: 1.0 2016-12-08 SAP Workplaces for Insurance 1.0 SP06 2018 SAP SE or an SAP affiliate company. All rights reserved. THE BEST RUN Content 1 Apps for Insurance
More informationSAP Fiori Toolkit February 2014
SAP Fiori Toolkit February 2014 Copyright Copyright 2014 SAP AG. All rights reserved SAP Library document classification: PUBLIC No part of this publication may be reproduced or transmitted in any form
More informationHA200 SAP HANA Installation & Operations SPS10
HA200 SAP HANA Installation & Operations SPS10. COURSE OUTLINE Course Version: 10 Course Duration: 5 Day(s) SAP Copyrights and Trademarks 2015 SAP SE. All rights reserved. No part of this publication may
More informationBC410. Programming User Dialogs with Classical Screens (Dynpros) COURSE OUTLINE. Course Version: 10 Course Duration: 3 Day(s)
BC410 Programming User Dialogs with Classical Screens (Dynpros). COURSE OUTLINE Course Version: 10 Course Duration: 3 Day(s) SAP Copyrights and Trademarks 2013 SAP AG. All rights reserved. No part of this
More informationDashboards Batch Utility User Guide
Dashboards Batch Utility User Guide Copyright 2011 SAP AG. All rights reserved.sap, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer, StreamWork, and other SAP products and
More informationOctober 14, SAML 2 Quick Start Guide
October 14, 2017 Copyright 2013, 2017, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and
More informationSAP BusinessObjects Analysis, edition for OLAP User Guide SAP BusinessObjects BI Suite 4.0 Support Package 4
SAP BusinessObjects Analysis, edition for OLAP User Guide SAP BusinessObjects BI Suite 4.0 Support Package 4 Copyright 2012 SAP AG. All rights reserved.sap, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign,
More informationBC100. Introduction to Programming with ABAP COURSE OUTLINE. Course Version: 15 Course Duration: 2 Day(s)
BC100 Introduction to Programming with ABAP. COURSE OUTLINE Course Version: 15 Course Duration: 2 Day(s) SAP Copyrights and Trademarks 2014 SAP AG. All rights reserved. No part of this publication may
More informationSAP NetWeaver Identity Management Identity Services Configuration Guide
SAP NetWeaver Identity Management Identity Services Configuration Guide Version 7.2 Rev 3 2011 SAP AG. All rights reserved. No part of this publication may be reproduced or transmitted in any form or for
More informationCA SiteMinder Federation
CA SiteMinder Federation Legacy Federation Guide 12.52 SP1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationAdvanced Configuration for SAML Authentication
The advanced configuration for SAML authentication includes: Configuring Multiple Identity Providers Multiple Identity Providers can be configured to a SAML authentication service on the Barracuda Web
More informationEDB367. Powering Up with SAP Adaptative Server Enterprise 15.7 COURSE OUTLINE. Course Version: 10 Course Duration: 2 Day(s)
EDB367 Powering Up with SAP Adaptative Server Enterprise 15.7. COURSE OUTLINE Course Version: 10 Course Duration: 2 Day(s) SAP Copyrights and Trademarks 2014 SAP AG. All rights reserved. No part of this
More informationSMP541. SAP Mobile Platform 3.0 Native and Hybrid Application Development COURSE OUTLINE. Course Version: 15 Course Duration: 5 Day(s)
SMP541 SAP Mobile Platform 3.0 Native and Hybrid Application Development. COURSE OUTLINE Course Version: 15 Course Duration: 5 Day(s) SAP Copyrights and Trademarks 2015 SAP SE. All rights reserved. No
More informationedocument for Hungary Invoice Registration - SAP Cloud Platform Integration Guide (SAP S/ 4HANA Cloud)
PUBLIC 2018-10-24 edocument for Hungary Invoice Registration - SAP Cloud Platform Integration Guide (SAP S/ 2018 SAP SE or an SAP affiliate company. All rights reserved. THE BEST RUN Content 1 Introduciton....3
More informationEDB785 SAP IQ Administration
EDB785 SAP IQ Administration. COURSE OUTLINE Course Version: 10 Course Duration: 5 Day(s) SAP Copyrights and Trademarks 2014 SAP AG. All rights reserved. No part of this publication may be reproduced or
More informationSafeNet Authentication Manager
SafeNet Authentication Manager Integration Guide Using SafeNet Authentication Manager as an Identity Provider for F5 BIG- IP Access Policy Manager All information herein is either public information or
More informationSAP Crystal Reports for Enterprise User Guide SAP Crystal Reports for Enterprise
SAP Crystal Reports for Enterprise User Guide SAP Crystal Reports for Enterprise Copyright 2011 SAP AG. All rights reserved.sap, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer,
More informationHow to... Master Data Governance for Material: Use the Data Import Framework for Material. Applicable Releases: From EhP6
Applicable Releases: From EhP6 Version 7 January 2018 www.sap.com Document History Document Version Description 1.0 First official release of this guide 2.0 Additional SAP notes 3.0 Background information
More informationSAP ESP: Keyed Streams in CCL New feature in SP08
New feature in SP08 www.sap.com TABLE OF CONTENTS KEYED STREAMS... 3 Introduction... 3 A Deeper Look... 3 Supported Operations... 3 Filter Behavior... 4 Join Behavior... 5 Flex Behavior... 6 Interaction
More information