Beruflich Dokumente
Kultur Dokumente
SAP NetWeaver
SAP NetWeaver is the primary technology computing platform of the software company SAP SE, and
the technical foundation for many SAP applications. It is a solution stack of SAP's technology products.
The SAP Web Application Server (sometimes referred to as WebAS) is the runtime environment for the
SAP applications, and all of the mySAP Business Suite solutions (SRM, CRM, SCM, PLM, ERP) run on
SAP WebAS
Procedure
1. Add the Application in RSA SecurID Access
2. Configure SAP NetWeaver to Use RSA SecurID Access as an Identity Provider
5. If it is a SP Initiated configuration choose the SAML request method. Select either SAML
request on redirect binding or SAML request via post.
6. Scroll down to SAML Identity Provider (Issuer) section.
a. In the Identity Provider URL field, copy the URL which will be needed later to
configure the Service Provider configuration.
b. Take note of the Issuer Entity ID.
c. Select Choose File and upload the private key. Select Choose File to locate and import
a private key to sign the SAML assertion. The private key must correspond to the public
signing certificate loaded in the SP application. If a private/public key pair is not readily
available, you can click Generate Certificate Bundle.
a. In the Assertion Consumer Service (ACS) URL field, enter the ACS URL to match the
configured value from the Service Provider.
b. In the Audience (Service Provider Entity ID) field, enter the Entity ID to match the
configured value from the Service Provider.
8. Scroll down to the User Identity section. Verify the settings are correct for your environment.
Next Steps
Configure SAP NetWeaver to Use RSA SecurID Access as an Identity Provider
Note: The Provider Name must match the Audience (Service Provider Entity ID) as
configured in the RSA SecurID Access console.
Note: None of the other Assertion Consumer Service or Single Logout Service bindings
are currently supported in RSA SecurID Access.
6. Open the Trusted Providers tab and click Add > Manually.
7. Enter a Name for the new trusted identity provider and click Next.
Note: The Name must match the Issuer Entity ID as configured in the RSA SecurID
Access Console.
Note: The primary signing certificate must match the certificate uploaded to the RSA
SecurID Access console.
Note: The Location URL must match the Identity Provider URL as configured in the RSA
SecurID Access Console.
Note: The NameID format must match the Identifier Type as configured in User Identity
section of the RSA SecurID Access console.
PEW