I've got a NW 7.4 ABAP Stack for Fiori. I wanted to see if I could enable SAML 2.0 to authenticate against Active Directory Federation Services as an Identity Provider.
- Successfully set up SSL (Note 510007) on this server with certificates signed by our CA here at my company.
- Followed the SAML 2.0 for Fiori to configure SAML with our ADFS.
I modified the webgui service in SICF to use an Alternate Logon Method with SAML Logon as the second in the list behind HTTP, as the docs say to do. But I haven't been able to get it to work. It never redirects to ADFS to identify credentials. It just logs on to the local ABAP Datasource.
So it has me trying to confirm that this is a viable option for authentication. In the thread below, there was a suggestion that Java is needed to produce the logon tickets. But the SAML 2.0 for Fiori document doesn't suggest that anywhere.
http://scn.sap.com/thread/3231649
The Wiki for SSO with SAML 2.0 lists three SAML 2.0 Identity Providers:
- NetWeaver Single Sign-On
- NetWeaver Identity Management
- NetWeaver AS Java
Does this mean that Microsoft ADFS is not a valid Identity Provider?