Skip to end of metadata
Go to start of metadata

Product versions: SAP BO BI4.0

1. Introduction

The term Single Sign-On is used to describe different scenarios.
In SBO BI4.0 we have following SSOs:

  • Single Sign-On to SAP BusinessObjects Enterprise
    It means that once users have logged on to the operating system, they can access SAP BusinessObjects Enterprise applications that support SSO without having to provide their credentials again.
  • Single Sign-On to database
    Once users are logged on to SAP BusinessObjects Enterprise, single sign-on to the database enables them to perform actions that require database access. Single sign-on to the database can be combined with single sign-on to SAP BusinessObjects Enterprise, to provide users with even easier access to the resources they need.
  • End-to-end Single Sign-On
    End-to-end single sign-on refers to a configuration where users have both single sign-on access to SAP BusinessObjects Enterprise at the front-end, and single sign-on access to the databases at the back-end. Users need to provide their logon credentials only once, when they log on to the operating system, to have access to SAP BusinessObjects Enterprise and to be able to perform actions that require database access, such as viewing reports.

This article explains the necessary steps to enable Single Sign-On to database ( SAP BW) for LDAP users (similar steps could be applied for Windows AD users as well) in SBO BI4.0.
The article main focuses are:

  • Common Semantic Layer (UNX) that can be used for access to SAP BW by utilizing SAP Java Connector (JCO) - relational connection to SAP BW
  • OLAP BICS connectivity for direct access (no universe involved - BEx query used)
  • WebIntelligence documents/reports against SAP BW
  • Ability of LDAP users to create WebIntelligence documents in BI LaunchPad with UNX universe or OLAP BICS connection
  • Single Sign-On of LDAP users into SAP BW when running WebIntelligence documents/reports
  • Utilization of SAP SSO Service (Security Token Service) as main vehicle for SSO of LDAP users into SAP BW

2. Prerequisites

The assumption is that reader is already familiar with steps necessary to setup the LDAP authentication in SBO BI4.0 Central Mangement Console. The steps are the same like in SAP BOXI3.1, so the article will not focus on this topic.

3. Steps

  1. Setup of LDAP authentication in SBO BI4.0 CMC.
  2. Setup required for the Common Semantic Layer (UNX) or BICS
  3. Map SAP users and LDAP users in SBO BI4.0 CMC
  • No labels

2 Comments

  1. Former Member

    Sinisa,

    The document was very helpful and I was able to make it work fine. AfterI applying SP1 and it kind of messed it up and now I am getting error

    <Error: Issuer of SSO ticket is not authorized on bwsrvrname.com Key: RFC_ERROR_LOGON_FAILURE>

    Any idea how I fix this?

    thanks

    Babu Krishnasamy

  2. Former Member

    Hi,  Would it be possible to add a link to this information, for those not familiar with XI3.1  please? 

    "The steps are the same like in SAP BOXI3.1, so the article will not focus on this topic."

    Lee Lewis

    Summit Electric Supply