SAP Knowledge Base Article - Preview

2527120 - Authentication fails when having two SAPSSO2 Generators defined in a single Security Profile

Symptom

  • A Fiori application is failing to connect to the expected Gateway backend when the application security profile has two SAPSSO2 Generators for two different backend Gateways.
  • The application is intended to only connect to one backend gateway.
  • The SMP server log shows 2 SSO tokens being generated:

#DEBUG#com.sap.mobile.platform.server.foundation.security.providers.sso2generation.SSOTicketGenerator######Generate SSO2 ticket for user: [<userName>] with issueId:<IssueIDofSMP>, issueissueClientId:000, recipientID:<SIDofBackend1>, recipientClient:<ClientOfBackend1>, ticketValidity:59. |

#DEBUG#com.sap.mobile.platform.server.foundation.security.providers.sso2generation.SSOTicketGenerator####Generate SSO2 ticket for user: [<userName>] with issueId:<IssueIDofSMP>, issueissueClientId:000, recipientID:<SIDofBackend2>, recipientClient:<ClientOfBackend2>, ticketValidity:59.


Read more...

Environment

  • SAP Mobile Platform (SMP) OData server 3.0
  • Two different backend Gateway systems (might be Development and QA)
  • Two different SAPSSO2 Generators.

Product

SAP Mobile Platform 3.0

Keywords

SMP SSO2, 401, mysapsso2, logon ticket , KBA , MOB-ONP-SEC , SAP Mobile On Premise Security , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.