SAP Knowledge Base Article - Preview

2820544 - All Users Able To Log Via SSO Regardless Security Policy

Symptom

You have some of your business users which don't use SSO set to Security Policy S_BUSINESS_USER and others with S_BUSINESS_USER_WITHOUT_PASSWORD which are using SSO.

However the users which have S_BUSINESS_USER policy are also able to log using SSO if they add the tag "-sso" to the application URL (e.g. https://myXXXXXX-sso.crm.ondemand.com / https://myXXXXXX.sapbydesign.com).


Read more...

Environment

  • SAP Cloud For Customer
  • SAP Business ByDesign

Product

SAP Business ByDesign all versions ; SAP Cloud for Customer add-ins all versions ; SAP Cloud for Customer core applications all versions

Keywords

SSO; Policies; Security; Logon; , KBA , sso , security , logon , SRD-CC-SEC , Security , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.