We are looking to implement Kerberos Single Sign-On this year but it appears to be mind boggling as to whether we can do it out of the box or do we need to purchase NetWeaver Single Sign-On 2.0
Our Landscape is -
ECC6 EHP7 (NW7.4)
BW 7.3
Business Objects 4.1
We use both GUI730 and NWBC for Desktop 4.0, The front end being used by the user base is NWBC and they access the BW and BO systems through it onces logged into ECC6.
We want to streamline this process so that none of the systems need to be logged into using a username and password.
From looking at links like the below -
and reading through many forum posts and How To's am I correct in thinking we should be able to accomplish this by configuring SNC+SPNEGO Kerberos Authentication without having to the purchase NW SSO2.0?
SNC would be used for any DYNPRO applications
SPNEGO would be used for any HTTP based applications and the initial login to NWBC?
We would use certificate based SSO between the BW and BO systems.
Based on this I only see a use for NW SSO2.0 if we wanted to make SAML assertions which is this case we do not.
If anyone could confirm the above for me it would really help the planning of this implementation.
Regards
Mike