SAP Knowledge Base Article - Preview

2527120 - Authentication fails when having two SAPSSO2 Generators defined in a single Security Profile

Symptom

  • A Fiori application is failing to connect to the expected Gateway backend when the application security profile has two SAPSSO2 Generators for two different backend Gateways.
  • The application is intended to only connect to one backend gateway.
  • The SMP server log shows 2 SSO tokens being generated:

#DEBUG#com.sap.mobile.platform.server.foundation.security.providers.sso2generation.SSOTicketGenerator######Generate SSO2 ticket for user: [<userName>] with issueId:<IssueIDofSMP>, issueissueClientId:000, recipientID:<SIDofBackend1>, recipientClient:<ClientOfBackend1>, ticketValidity:59. |

#DEBUG#com.sap.mobile.platform.server.foundation.security.providers.sso2generation.SSOTicketGenerator####Generate SSO2 ticket for user: [<userName>] with issueId:<IssueIDofSMP>, issueissueClientId:000, recipientID:<SIDofBackend2>, recipientClient:<ClientOfBackend2>, ticketValidity:59.


Read more...

Environment

  • SAP Mobile Platform (SMP) OData server 3.0
  • Two different backend Gateway systems (might be Development and QA)
  • Two different SAPSSO2 Generators.

Product

SAP Mobile Platform 3.0

Keywords

SMP SSO2, 401, mysapsso2, logon ticket , KBA , MOB-ONP-SEC , SAP Mobile On Premise Security , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.