Skip to end of metadata
Go to start of metadata


You have a backend system connected to your portal. You have configured SSO on your system. The user password for the backend system is set to expire every 30 days. On the day of the expiration, the SSO does not work for the user and he is getting error. This article will explain how you can solve this issue.


The problem can be resolved by having the component systems ignore expired passwords when utilizing SSO.
  1. In the ABAP Systems the following parameter should be set:
             login/password_change_for_SSO set to 0

       2.  Change the ume.logon.force_password_change_on_sso to false in the JAVA systems. You can modify this property by navigating to SAP NetWeaver Administrator. In SAP NetWeaver Administrator go to Configuration -> Security-> Identity Management -> Configuration and select  "Open Expert Mode" button in the right upper side of the screen. Find the parameter above and change it's value.
       3.  Because this is not dynamically switchable a restart of the system is required
  • No labels

1 Comment

  1. Hi Mariya,

    Thank you for this. I had been struggling a bit to understand why I couldn't get my portal-based SSO to work for initial/expired passwords when I had set the backend parameter login/password_change_for_SSO to 0, and this was the answer.