Hi ,
I have configured SSO2 SP3 in our landscape using X.509 certificate.
SSO is working fine for ABAP systems but in crm system when i am executing transaction /ncrm_ui browser is asking for credentials or clicking on ITS url it is asking for credentials. I cleared the cache of browser and close all open session, then again i again try the same ,it is asking for credentials again.
Steps :
1. Secure Logon server is installed on portal NW 7.31 (Linux x86_64).
2. Secure login client is installed on client desktop(Windows 7)
3. Secure Login Library imported in ABAP system(ECC and CRM), path /usr/sap/<SID>/DVEBMGSxx/SLL
4. We are using latest commoncryptolib version 8.4.21, patch 8421 and JCE policy files downloaded from Oracle.
5. In client authentication profile we are using LDAP server authentication and LDAP server destination is maintained
6. For service user in LDAP SPN is maintained.
Parameters for CRM system(HPUX-IA64 11.31):
snc/identity/as = p:CN=SID, OU=SAP Web AS, O=SAP Trust Community, C=DE
snc/gssapi_lib = /usr/sap/SID/DVEBMGS11/SLL/libsapcrypto.sl
snc/enable = 1
snc/data_protection/min = 2
snc/data_protection/max = 3
snc/data_protection/use = 3
snc/accept_insecure_gui = 1
snc/accept_insecure_rfc = 1
snc/accept_insecure_cpic = 1
snc/permit_insecure_start = 1
snc/r3int_rfc_qop = 8
snc/r3int_rfc_secure = 0
snc/force_login_screen = 0
login/accept_sso2_ticket = 1
login/create_sso2_ticket = 2
In trace i have found that logon ticket is not generating and myssocnlt cookie is also not generating .But if i check transaction /nsso2 in my crm system everythings looks fine.
I have attached the document of SSO2 which we have used for configuration and trace when we are executing /ncrm_ui transaction
I have also refered Note 612670 and made changes accordingly but still no success , again it is asking for credentials.
Please help in resolving this issue.
Thanks,