Installation guide

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE DIRECTORY SERVER 6.02 - DEPLOYMENT

141

142

143

144

145

146

147

148

149

150

Installing PAS

Chapter 6 Single Sign-On Solution for SAP Internet Transaction Server 2.0 149

• Configure at least one SAP system to issue SAP SSO (SSO2 logon) tickets

• Configure the other SAP systems to accept SSO2 logon tickets.

• Ensure that the browser supports and accepts cookies because SSO2 logon

tickets are saved as browser cookies.

• Configure SAP Secure Network Connections (SNC) on the ticket-issuing SAP

system, but not necessarily on the ticket-accepting system. SNC is a software

layer in the SAP system architecture, which assures safe communication

between trusted SAP components. It requires a cryptographic library to secure

the data communication paths between the various SAP systems.

• Configure PAS to use an external authentication mechanism. For details, refer

SAP documentation.

• Install and configure Sun ONE Identity Server and Sun ONE Identity Server

Policy Agent for Sun ONE Web Server 6.0.

Installing PAS

PAS must be installed on the Administration AGate (ADM) instance. The library

needed for PAS (

sapextauth.dll

) is supplied with SAP ITS from 4.6D C3 onwards,

and is also located in the ITS program directory. For detailed instructions to install

PAS, see SAP documentation.

The required service and template files must be installed in the respective instance

in the subdirectories

\services

and

\templates

, respectively. To do so, you can

unpack ITS package

ntauth.sar

from the SAP Service Marketplace or from the

server componentCD in path ITS\common\packages\211, orcreate the following

files manually:

•

\services\

pasname

.srvc

•

\templates\

pasname

\login.html

•

\templates\

pasname

\redirect.html

•

\templates\

pasname

\extautherror.html

For details of these template files, see section SAP Template Files.

It is important to note that two separate AGate instances are required on the ticket

issuing system. While PAS is installed on the ADM instance of the ticket issuing

system, the Webgui service is hosted on the other AGate instance. On a ticket

accepting system, only the Webgui service is hosted on the typical AGate instance.