We have an environment that includes a 3rd party java web app server which can use most common SSO technologies (kerberos, SAML, X509, etc.), which has custom java apps that make web service (HTTP) calls back to the ERP back end (NW ABAP stack only..no NW Java)
We do not have NW SSO 2.0 licensed. So, I'm trying to determine what, out of the box, options we have to enable SSO.
My understanding so far is that Kerberos would work for SAP GUI functionality, but not necessarily NW ABAP HTTP authentication. It appears that SAML is an option, but that requires an MS ADFS or other similar SAML architecture (we do not wish to install/utilize any SAP NW Java)
So, I'm looking for feedback on how to best enable SSO using existing MS AD credentials that will basically satisfy both product suites. We don't want to do X.509, so that seems to limit me as to what we can use to SSO into a NW ABAP stack for the purposes of utilizing HTTP services.
Thoughts?