Registration

Dear SAP Community Member,
In order to fully benefit from what the SAP Community has to offer, please register at:
http://scn.sap.com
Thank you,
The SAP Community team.
Skip to end of metadata
Go to start of metadata

This is the starting point of all SAML 2.0 related topics.

You can read about SAML standard at SAML V2.0 Standard wiki page

Availability of SAML 2.0:

SAML 2.0 Service Provider

  • NetWeaver AS Java 7.20, 7.30, 7.31 and 7.4, 7.5 and higher
  • NetWeaver AS ABAP 7.02, 7.30, 7.31 and 7.4, 7.5 and higher

SAML 2.0 Identity Provider 

  • Part of SAP Single Sign-On
  • Part of NetWeaver Identity Management
  • Have to be installed on top of NetWeaver AS Java (SAP NW CE 7.2 Application Server Java, SAP NW 7.3 Application Server Java (or following EhPs), SAP NW 7.4 Application Server Java)

List of topics

SAML 2.0 in AS Java

  • Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x
    This wiki page describes only the necessary configuration for single sign-on from Microsoft SharePoint 2010 to SAP Portal 7.0x. It does not cover the other direction when user logged into SAP Portal has to have SSO to SharePoint 2010. The example setup assumes that the user IDs in ADFS 2.0, AS Java 7.2 and SAP Portal 7.0x are the same.
  • Single Sign-On with SAML 2.0 and ABAP Systems Supporting SAP Logon Tickets
    This wiki page describes implementing a single sign-on mechanism with SAML 2.0 in a network including an ABAP system which does not support SAML 2.0 authentication. Explanations are based on a sample real-life scenario.
  • Single Sign-On between SAP Portal and SuccessFactors
    This document describes how to enable single sign-on from a customer's on-premise SAP Portal to SuccessFactors. Single sign-on is based on standard SAML 2.0 mechanisms and the Identity Provider of SAP Netweaver Single Sign-On is used.
  • Implementation of Identity Federation for SAML 2.0
    This Wiki describes how to configure identity federation for Security Assertion Markup Language (SAML) 2.0 so that the users can attain federated identities for authentication. It also gives some example scenarios that would help the user federate identities.
  • SAML 2.0 and SAP GUI Single Sign-On in one and the same scenario

    This blog offers a solution to the scenario in which the interoperable SAML assertion could be used for the issuance of a well-known X.509 client certificate and then the certificate to be used for authentication to applications such as SAP GUI that do not support SAML authentication mechanisms, but accept X.509 client certificates.

SAML 2.0 in AS ABAP

Troubleshooting

Documentation

SAML 2.0 documentation for NetWeaver 7.5 (Service Provider in AS Java and AS ABAP) 

SAML 2.0 documentation for NetWeaver 7.4 (Service Provider in AS Java and AS ABAP)

SAML 2.0 documentation for NetWeaver 7.3 Ehp1 (Service Provider in AS Java and AS ABAP)

SAML 2.0 documentation for NetWeaver 7.3 (Service Provider in AS Java and AS ABAP)

SAML 2.0 documentation for NetWeaver 7.2 (Service Provider in AS Java)

SAML 2.0 documentation for NetWeaver 7.0 EHP2 (Service Provider in AS ABAP)

SAP Single Sign-On Identity Provider – Implementation Guide

Security Token Service for SAP NetWeaver Single Sign-On and SAP NetWeaver Identity Management

Setup of SAP Fiori System Landscape with SAML 2.0

SAML and SAP Gateway

Community

SAP NetWeaver Single Sign-On Community (Including Identity Provider and Security Token Service for AS Java)

Interoperability

SAP products certified in Kantara Initiative SAML 2.0 full-matrix interoperability testing conducted January - February 2011
SAP Products certified in Liberty Alliance Project in 2009

Wiki page on using proxies

SAP Web Dispatcher

Analysis and Recommended Settings of the Security Audit Log (SM19 / SM20)

Do you have a question or doubt? Please check the (NetWeaver Single Sign-On Community page) or create a new discussion there.